
Plagegeister aller Art und deren Bekämpfung: Avira alert EXP/08-5353.AJ

Windows 7
22.10.2012, 15:38   #1
frau.mux

Hello!
The day before yesterday, links with advertising were sent from my e-mail account (which I also use for FB) to all addresses, whereupon I ran a security scan of my computer with Avira, which produced the alert EXP/08-5353.AJ. I have already read a note about it in the forum, but since I 1. unfortunately know nothing about this and 2. don't want to take any risk with regard to my data, I am asking again myself: isn't it enough to send the "thing" to quarantine? What exactly is it anyway? Does it have anything to do with the e-mails sent from my account? The first question is the most important to me, thanks!

23.10.2012, 08:41   #2
schrauber
/// the machine
/// TB-Ausbilder

Hi,

Where was the virus found?


If you don't already have it, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /5
%localappdata%\*. /5
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

23.10.2012, 21:04   #3
frau.mux

Hello schrauber! Thank you very much for your time!!
Unfortunately I don't know where it was found... Avira's reporter gives a "source", which is in Temp, but I don't know whether that is the original location where it was found?
Here is otl.txt:
OTL Logfile:
Code:
OTL logfile created on: 23.10.2012 20:39:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mirjam\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,29% Memory free
3,49 Gb Paging File | 2,62 Gb Available in Paging File | 74,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 70,31 Gb Free Space | 72,00% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 67,31 Gb Free Space | 33,58% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Mirjam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Mirjam\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
PRC - C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Programme\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (hpdskflt) -- C:\Windows\System32\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 9A 0E E1 F9 4A CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2DC33F31-3A42-4218-9FF2-D005B537B9AC}: "URL" = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com Search"
FF - prefs.js..browser.search.defaultenginename: "Ask.com Search"
FF - prefs.js..browser.search.order.1: "Ask.com Search"
FF - prefs.js..browser.search.selectedEngine: "Ecosia"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.gmx.de"
FF - prefs.js..extensions.enabledAddons: zotero@chnm.gmu.edu:3.0.8
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 10:14:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 10:14:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.06.24 12:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mirjam\AppData\Roaming\mozilla\Extensions
[2012.08.06 10:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mirjam\AppData\Roaming\mozilla\Firefox\Profiles\bzzcq0f2.default\extensions
[2012.07.19 07:37:21 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Mirjam\AppData\Roaming\mozilla\Firefox\Profiles\bzzcq0f2.default\extensions\zotero@chnm.gmu.edu
[2012.08.06 10:20:34 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Mirjam\AppData\Roaming\mozilla\firefox\profiles\bzzcq0f2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.04.21 10:06:28 | 000,002,331 | ---- | M] () -- C:\Users\Mirjam\AppData\Roaming\mozilla\firefox\profiles\bzzcq0f2.default\searchplugins\askcom.xml
[2012.06.19 11:41:50 | 000,002,306 | ---- | M] () -- C:\Users\Mirjam\AppData\Roaming\mozilla\firefox\profiles\bzzcq0f2.default\searchplugins\askcomsearch.xml
[2012.04.13 13:38:30 | 000,002,289 | ---- | M] () -- C:\Users\Mirjam\AppData\Roaming\mozilla\firefox\profiles\bzzcq0f2.default\searchplugins\ecosia.xml
[2012.09.07 10:14:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 10:14:33 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.22 23:46:16 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 14:32:48 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.22 23:46:16 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.22 23:46:16 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.22 23:46:16 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.22 23:46:16 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - Startup: C:\Users\Mirjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{338D137A-2141-4AA5-A7D5-B71F1BCAFE15}: NameServer = 136.199.8.101,136.199.8.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD1477C9-F6CB-4F2B-82D0-D537182F582C}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1048b14b-cf44-11e0-89ab-0024814ac727}\Shell - "" = AutoRun
O33 - MountPoints2\{1048b14b-cf44-11e0-89ab-0024814ac727}\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.23 20:20:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mirjam\Desktop\OTL.exe
[2012.10.21 16:34:03 | 000,000,000 | ---D | C] -- C:\Users\Mirjam\Desktop\Neuer Ordner (2)
[2012.10.20 09:14:49 | 000,000,000 | ---D | C] -- C:\Users\Mirjam\Desktop\Oshin MASTERED High quality MP3s
[5 C:\Users\Mirjam\Desktop\*.tmp files -> C:\Users\Mirjam\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.23 20:43:50 | 000,018,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.23 20:43:50 | 000,018,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.23 20:36:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.23 20:36:15 | 1406,820,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.23 20:20:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mirjam\Desktop\OTL.exe
[2012.10.23 07:49:01 | 001,732,365 | ---- | M] () -- C:\Users\Mirjam\Desktop\SNF Antwortschreiben S2.JPG
[2012.10.23 07:48:06 | 002,123,507 | ---- | M] () -- C:\Users\Mirjam\Desktop\SNF Antwortschreiben S1.JPG
[2012.10.22 17:16:17 | 002,325,040 | ---- | M] () -- C:\Users\Mirjam\Desktop\P1010423 (2).JPG
[2012.10.22 17:16:05 | 002,325,040 | ---- | M] () -- C:\Users\Mirjam\Desktop\heller.JPG
[2012.10.22 17:14:09 | 002,443,726 | ---- | M] () -- C:\Users\Mirjam\Desktop\P1010422 (2).JPG
[2012.10.22 16:45:32 | 000,656,034 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.22 16:45:32 | 000,617,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.22 16:45:32 | 000,131,114 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.22 16:45:32 | 000,107,496 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.21 16:48:59 | 003,170,426 | ---- | M] () -- C:\Users\Mirjam\Desktop\P1010422.JPG
[2012.10.21 16:48:03 | 003,574,394 | ---- | M] () -- C:\Users\Mirjam\Desktop\P1010423.JPG
[5 C:\Users\Mirjam\Desktop\*.tmp files -> C:\Users\Mirjam\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.23 07:48:21 | 001,732,365 | ---- | C] () -- C:\Users\Mirjam\Desktop\SNF Antwortschreiben S2.JPG
[2012.10.23 07:46:21 | 002,123,507 | ---- | C] () -- C:\Users\Mirjam\Desktop\SNF Antwortschreiben S1.JPG
[2012.10.22 17:16:04 | 002,325,040 | ---- | C] () -- C:\Users\Mirjam\Desktop\heller.JPG
[2012.10.22 17:14:39 | 002,325,040 | ---- | C] () -- C:\Users\Mirjam\Desktop\P1010423 (2).JPG
[2012.10.22 17:11:16 | 002,443,726 | ---- | C] () -- C:\Users\Mirjam\Desktop\P1010422 (2).JPG
[2012.10.21 16:41:54 | 003,574,394 | ---- | C] () -- C:\Users\Mirjam\Desktop\P1010423.JPG
[2012.10.21 16:35:56 | 003,170,426 | ---- | C] () -- C:\Users\Mirjam\Desktop\P1010422.JPG
[2011.06.24 13:15:32 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.06.24 09:00:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.12 04:17:18 | 000,656,034 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 04:17:18 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 04:17:18 | 000,131,114 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 04:17:18 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.11.20 23:31:17 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:09:29 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:31:11 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.06.28 12:33:10 | 000,000,000 | ---D | M] -- C:\Users\Mirjam\AppData\Roaming\OpenOffice.org
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2011.06.24 09:11:21 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.06.24 09:56:50 | 000,000,000 | -HSD | M] -- C:\Boot
[2009.07.14 06:17:42 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.06.24 09:11:02 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.09.07 13:42:03 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.06.20 19:17:25 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.06.24 09:11:02 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.06.24 09:11:02 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.06.24 13:21:55 | 000,000,000 | ---D | M] -- C:\SWSetup
[2012.10.23 20:42:23 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.06.24 09:11:11 | 000,000,000 | R--D | M] -- C:\Users
[2012.10.19 20:52:42 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %windir%\installer\*. /5 >
 
< %localappdata%\*. /5 >
[2012.10.23 20:39:13 | 000,000,000 | ---D | M] -- C:\Users\Mirjam\AppData\Local\Temp
 
<           >
[2009.07.14 06:17:34 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:17:34 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< End of report >
         
--- --- ---

And here is otl.extras:
OTL Logfile:
Code:
OTL Extras logfile created on: 23.10.2012 20:39:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mirjam\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,29% Memory free
3,49 Gb Paging File | 2,62 Gb Available in Paging File | 74,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 70,31 Gb Free Space | 72,00% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 67,31 Gb Free Space | 33,58% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Mirjam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{F1100550-5E03-48D2-B8B5-EE54921F0D7D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4534DDFE-E33F-4CA3-89A4-F1E9CA001B5F}" = HP ESU for Microsoft Windows 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20.08.2012 11:16:38 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.08.2012 12:17:24 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.08.2012 13:34:47 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.08.2012 17:21:50 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.08.2012 02:00:55 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.08.2012 12:00:40 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.08.2012 13:43:32 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.08.2012 16:04:54 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.08.2012 01:49:42 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.08.2012 03:55:20 | Computer Name = PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 23.10.2012 01:35:53 | Computer Name = PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.10.2012 01:36:15 | Computer Name = PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Schwerwiegender Hardwarefehler.    Gemeldet von Komponente: Prozessorkern
Fehlerquelle:
 3  Fehlertyp: 256  Prozessor-ID: 1    Die Detailansicht dieses Eintrags beinhaltet weitere
 Informationen.
 
Error - 23.10.2012 13:00:49 | Computer Name = PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 23.10.2012 13:00:49 | Computer Name = PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.10.2012 13:01:11 | Computer Name = PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Schwerwiegender Hardwarefehler.    Gemeldet von Komponente: Prozessorkern
Fehlerquelle:
 3  Fehlertyp: 9  Prozessor-ID: 0    Die Detailansicht dieses Eintrags beinhaltet weitere
 Informationen.
 
Error - 23.10.2012 13:01:11 | Computer Name = PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Schwerwiegender Hardwarefehler.    Gemeldet von Komponente: Prozessorkern
Fehlerquelle:
 3  Fehlertyp: 256  Prozessor-ID: 1    Die Detailansicht dieses Eintrags beinhaltet weitere
 Informationen.
 
Error - 23.10.2012 14:11:41 | Computer Name = PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.10.2012 14:36:25 | Computer Name = PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 23.10.2012 14:36:25 | Computer Name = PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.10.2012 14:36:47 | Computer Name = PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Schwerwiegender Hardwarefehler.    Gemeldet von Komponente: Prozessorkern
Fehlerquelle:
 3  Fehlertyp: 256  Prozessor-ID: 1    Die Detailansicht dieses Eintrags beinhaltet weitere
 Informationen.
 
 
< End of report >
         
--- --- ---

Is this what you wanted?
Regards!

24.10.2012, 07:21   #4
schrauber
/// the machine
/// TB trainer

Yep, that's it.


Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons unless instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If it still doesn't work, please let me know.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

24.10.2012, 20:14   #5
frau.mux

Here is the report:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-24 19:32:43
-----------------------------
19:32:43.656 OS Version: Windows 6.1.7601 Service Pack 1
19:32:43.656 Number of processors: 2 586 0x301
19:32:43.658 ComputerName: PC UserName:
19:33:02.178 Initialize success
19:40:03.949 AVAST engine defs: 12102400
19:41:17.284 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:41:17.297 Disk 0 Vendor: TOSHIBA_MK3252GSX LV011C Size: 305245MB BusType: 11
19:41:17.318 Disk 0 MBR read successfully
19:41:17.322 Disk 0 MBR scan
19:41:17.331 Disk 0 Windows 7 default MBR code
19:41:17.335 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99998 MB offset 63
19:41:17.351 Disk 0 Partition - 00 0F Extended LBA 205244 MB offset 204796620
19:41:17.374 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 205244 MB offset 204796683
19:41:17.389 Disk 0 scanning sectors +625137345
19:41:17.492 Disk 0 scanning C:\Windows\system32\drivers
19:41:38.237 Service scanning
19:42:25.444 Modules scanning
19:42:40.242 Disk 0 trace - called modules:
19:42:40.695 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys ataport.SYS PCIIDEX.SYS msahci.sys ndis.sys bcmwl6.sys
19:42:40.722 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85717ac8]
19:42:40.748 3 CLASSPNP.SYS[883b959e] -> nt!IofCallDriver -> [0x85716230]
19:42:40.756 5 hpdskflt.sys[88619f92] -> nt!IofCallDriver -> [0x855d2640]
19:42:40.765 7 ACPI.sys[880263d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8561b030]
19:42:41.317 AVAST engine scan C:\Windows
19:42:45.274 AVAST engine scan C:\Windows\system32
19:48:33.125 AVAST engine scan C:\Windows\system32\drivers
19:48:51.760 AVAST engine scan C:\Users\Mirjam
19:54:20.582 AVAST engine scan C:\ProgramData
19:55:54.715 Scan finished successfully
20:02:10.114 Disk 0 MBR has been saved successfully to "C:\Users\Mirjam\Desktop\MBR.dat"
20:02:10.133 The log file has been saved successfully to "C:\Users\Mirjam\Desktop\aswMBR.txt"

By the way, since running OTL yesterday I have a lot of Word documents on my desktop that were in the recycle bin, and now, when I select them and try to delete them, I get a message saying that it is a system file and that deleting it could cause Windows etc. to stop working properly. There are also new folders on my D partition, recycle.bin for example, and all the file names begin with $. I'll leave them as they are for now.
Regards, m


25.10.2012, 08:05   #6
schrauber
/// the machine
/// TB trainer

Please read the following instructions carefully. We don't want to "fix" anything yet; we only want to see a scan report.

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe
  • Click Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and save the log file.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread.

25.10.2012, 16:54   #7
frau.mux

The scan didn't find anything, so there is no report either!

25.10.2012, 17:06   #8
schrauber
/// the machine
/// TB trainer

I find that hard to believe; have a look under C:\
__________________
Regards,
schrauber

25.10.2012, 17:11   #9
frau.mux

Oops! You were right!

16:46:45.0962 1176 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
16:46:47.0160 1176 ============================================================
16:46:47.0160 1176 Current date / time: 2012/10/25 16:46:47.0160
16:46:47.0160 1176 SystemInfo:
16:46:47.0160 1176
16:46:47.0161 1176 OS Version: 6.1.7601 ServicePack: 1.0
16:46:47.0161 1176 Product type: Workstation
16:46:47.0161 1176 ComputerName: PC
16:46:47.0162 1176 UserName: Mirjam
16:46:47.0162 1176 Windows directory: C:\Windows
16:46:47.0162 1176 System windows directory: C:\Windows
16:46:47.0162 1176 Processor architecture: Intel x86
16:46:47.0163 1176 Number of processors: 2
16:46:47.0163 1176 Page size: 0x1000
16:46:47.0163 1176 Boot type: Normal boot
16:46:47.0163 1176 ============================================================
16:46:48.0766 1176 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:46:48.0773 1176 ============================================================
16:46:48.0773 1176 \Device\Harddisk0\DR0:
16:46:48.0773 1176 MBR partitions:
16:46:48.0774 1176 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
16:46:48.0790 1176 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x190DE3B6
16:46:48.0790 1176 ============================================================
16:46:48.0824 1176 C: <-> \Device\Harddisk0\DR0\Partition1
16:46:48.0862 1176 D: <-> \Device\Harddisk0\DR0\Partition2
16:46:48.0862 1176 ============================================================
16:46:48.0862 1176 Initialize success
16:46:48.0862 1176 ============================================================
16:48:17.0179 3084 ============================================================
16:48:17.0179 3084 Scan started
16:48:17.0179 3084 Mode: Manual;
16:48:17.0179 3084 ============================================================
16:48:18.0084 3084 ================ Scan system memory ========================
16:48:18.0084 3084 System memory - ok
16:48:18.0099 3084 ================ Scan services =============================
16:48:28.0442 3084 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
16:48:28.0473 3084 megasas - ok
16:48:28.0504 3084 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:48:28.0536 3084 MegaSR - ok
16:48:28.0567 3084 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
16:48:28.0567 3084 MMCSS - ok
16:48:28.0582 3084 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
16:48:28.0614 3084 Modem - ok
16:48:28.0645 3084 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:48:28.0645 3084 monitor - ok
16:48:28.0692 3084 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:48:28.0707 3084 mouclass - ok
16:48:28.0738 3084 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:48:28.0738 3084 mouhid - ok
16:48:28.0770 3084 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:48:28.0770 3084 mountmgr - ok
16:48:28.0832 3084 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:48:28.0832 3084 MozillaMaintenance - ok
16:48:28.0879 3084 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
16:48:28.0926 3084 mpio - ok
16:48:28.0957 3084 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:48:28.0972 3084 mpsdrv - ok
16:48:29.0019 3084 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:48:29.0050 3084 MpsSvc - ok
16:48:29.0082 3084 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:48:29.0113 3084 MRxDAV - ok
16:48:29.0160 3084 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:48:29.0160 3084 mrxsmb - ok
16:48:29.0206 3084 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:48:29.0206 3084 mrxsmb10 - ok
16:48:29.0238 3084 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:48:29.0238 3084 mrxsmb20 - ok
16:48:29.0284 3084 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
16:48:29.0284 3084 msahci - ok
16:48:29.0316 3084 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:48:29.0331 3084 msdsm - ok
16:48:29.0347 3084 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
16:48:29.0362 3084 MSDTC - ok
16:48:29.0409 3084 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:48:29.0409 3084 Msfs - ok
16:48:29.0425 3084 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:48:29.0425 3084 mshidkmdf - ok
16:48:29.0440 3084 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:48:29.0440 3084 msisadrv - ok
16:48:29.0472 3084 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:48:29.0503 3084 MSiSCSI - ok
16:48:29.0503 3084 msiserver - ok
16:48:29.0534 3084 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:48:29.0534 3084 MSKSSRV - ok
16:48:29.0565 3084 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:48:29.0581 3084 MSPCLOCK - ok
16:48:29.0612 3084 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:48:29.0612 3084 MSPQM - ok
16:48:29.0643 3084 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:48:29.0643 3084 MsRPC - ok
16:48:29.0659 3084 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:48:29.0659 3084 mssmbios - ok
16:48:29.0674 3084 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:48:29.0674 3084 MSTEE - ok
16:48:29.0690 3084 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:48:29.0706 3084 MTConfig - ok
16:48:29.0721 3084 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
16:48:29.0721 3084 Mup - ok
16:48:29.0768 3084 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
16:48:29.0784 3084 napagent - ok
16:48:29.0830 3084 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:48:29.0877 3084 NativeWifiP - ok
16:48:29.0924 3084 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:48:29.0940 3084 NDIS - ok
16:48:29.0986 3084 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:48:29.0986 3084 NdisCap - ok
16:48:30.0033 3084 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:48:30.0033 3084 NdisTapi - ok
16:48:30.0064 3084 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:48:30.0080 3084 Ndisuio - ok
16:48:30.0096 3084 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:48:30.0096 3084 NdisWan - ok
16:48:30.0127 3084 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:48:30.0142 3084 NDProxy - ok
16:48:30.0189 3084 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:48:30.0189 3084 NetBIOS - ok
16:48:30.0205 3084 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:48:30.0220 3084 NetBT - ok
16:48:30.0252 3084 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
16:48:30.0252 3084 Netlogon - ok
16:48:30.0330 3084 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
16:48:30.0345 3084 Netman - ok
16:48:30.0392 3084 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
16:48:30.0408 3084 netprofm - ok
16:48:30.0439 3084 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:48:30.0486 3084 NetTcpPortSharing - ok
16:48:30.0532 3084 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:48:30.0579 3084 nfrd960 - ok
16:48:30.0610 3084 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:48:30.0610 3084 NlaSvc - ok
16:48:30.0642 3084 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:48:30.0642 3084 Npfs - ok
16:48:30.0657 3084 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
16:48:30.0657 3084 nsi - ok
16:48:30.0673 3084 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:48:30.0688 3084 nsiproxy - ok
16:48:30.0766 3084 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:48:30.0782 3084 Ntfs - ok
16:48:30.0844 3084 [ 37BE10FF10A92031FC5A01E8363925CC ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
16:48:30.0860 3084 NuidFltr - ok
16:48:30.0907 3084 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
16:48:30.0922 3084 Null - ok
16:48:30.0969 3084 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:48:30.0985 3084 nvraid - ok
16:48:31.0000 3084 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:48:31.0016 3084 nvstor - ok
16:48:31.0047 3084 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:48:31.0063 3084 nv_agp - ok
16:48:31.0078 3084 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:48:31.0110 3084 ohci1394 - ok
16:48:31.0172 3084 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:48:31.0172 3084 ose - ok
16:48:31.0219 3084 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:48:31.0234 3084 p2pimsvc - ok
16:48:31.0266 3084 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
16:48:31.0266 3084 p2psvc - ok
16:48:31.0328 3084 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
16:48:31.0453 3084 Parport - ok
16:48:31.0500 3084 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:48:31.0500 3084 partmgr - ok
16:48:31.0531 3084 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
16:48:31.0546 3084 Parvdm - ok
16:48:31.0578 3084 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:48:31.0578 3084 PcaSvc - ok
16:48:31.0593 3084 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
16:48:31.0593 3084 pci - ok
16:48:31.0624 3084 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
16:48:31.0656 3084 pciide - ok
16:48:31.0687 3084 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:48:31.0718 3084 pcmcia - ok
16:48:31.0765 3084 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
16:48:31.0765 3084 pcw - ok
16:48:31.0796 3084 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:48:31.0827 3084 PEAUTH - ok
16:48:31.0890 3084 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:48:31.0905 3084 PeerDistSvc - ok
16:48:32.0014 3084 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
16:48:32.0030 3084 pla - ok
16:48:32.0077 3084 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:48:32.0092 3084 PlugPlay - ok
16:48:32.0108 3084 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:48:32.0108 3084 PNRPAutoReg - ok
16:48:32.0139 3084 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:48:32.0139 3084 PNRPsvc - ok
16:48:32.0202 3084 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
16:48:32.0217 3084 Point32 - ok
16:48:32.0264 3084 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:48:32.0295 3084 PolicyAgent - ok
16:48:32.0342 3084 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
16:48:32.0342 3084 Power - ok
16:48:32.0404 3084 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:48:32.0436 3084 PptpMiniport - ok
16:48:32.0467 3084 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
16:48:32.0482 3084 Processor - ok
16:48:32.0514 3084 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
16:48:32.0514 3084 ProfSvc - ok
16:48:32.0545 3084 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:48:32.0545 3084 ProtectedStorage - ok
16:48:32.0592 3084 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:48:32.0592 3084 Psched - ok
16:48:32.0670 3084 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:48:32.0716 3084 ql2300 - ok
16:48:32.0748 3084 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:48:32.0779 3084 ql40xx - ok
16:48:32.0841 3084 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
16:48:32.0857 3084 QWAVE - ok
16:48:32.0872 3084 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:48:32.0888 3084 QWAVEdrv - ok
16:48:32.0919 3084 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:48:32.0935 3084 RasAcd - ok
16:48:32.0966 3084 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:48:32.0997 3084 RasAgileVpn - ok
16:48:33.0028 3084 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
16:48:33.0044 3084 RasAuto - ok
16:48:33.0060 3084 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:48:33.0091 3084 Rasl2tp - ok
16:48:33.0138 3084 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
16:48:33.0153 3084 RasMan - ok
16:48:33.0184 3084 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:48:33.0216 3084 RasPppoe - ok
16:48:33.0247 3084 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:48:33.0278 3084 RasSstp - ok
16:48:33.0309 3084 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:48:33.0325 3084 rdbss - ok
16:48:33.0340 3084 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:48:33.0356 3084 rdpbus - ok
16:48:33.0387 3084 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:48:33.0387 3084 RDPCDD - ok
16:48:33.0434 3084 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:48:33.0465 3084 RDPDR - ok
16:48:33.0512 3084 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:48:33.0528 3084 RDPENCDD - ok
16:48:33.0559 3084 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:48:33.0559 3084 RDPREFMP - ok
16:48:33.0621 3084 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:48:33.0668 3084 RDPWD - ok
16:48:33.0730 3084 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:48:33.0730 3084 rdyboost - ok
16:48:33.0777 3084 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
16:48:33.0777 3084 RemoteAccess - ok
16:48:33.0824 3084 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:48:33.0824 3084 RemoteRegistry - ok
16:48:33.0855 3084 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:48:33.0855 3084 RpcEptMapper - ok
16:48:33.0886 3084 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
16:48:33.0886 3084 RpcLocator - ok
16:48:33.0918 3084 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
16:48:33.0918 3084 RpcSs - ok
16:48:33.0964 3084 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:48:33.0996 3084 rspndr - ok
16:48:34.0042 3084 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:48:34.0042 3084 s3cap - ok
16:48:34.0074 3084 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
16:48:34.0074 3084 SamSs - ok
16:48:34.0105 3084 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:48:34.0136 3084 sbp2port - ok
16:48:34.0167 3084 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:48:34.0183 3084 SCardSvr - ok
16:48:34.0198 3084 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:48:34.0214 3084 scfilter - ok
16:48:34.0245 3084 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
16:48:34.0261 3084 Schedule - ok
16:48:34.0292 3084 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:48:34.0292 3084 SCPolicySvc - ok
16:48:34.0308 3084 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:48:34.0323 3084 SDRSVC - ok
16:48:34.0370 3084 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:48:34.0386 3084 secdrv - ok
16:48:34.0432 3084 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
16:48:34.0432 3084 seclogon - ok
16:48:34.0479 3084 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
16:48:34.0479 3084 SENS - ok
16:48:34.0526 3084 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:48:34.0526 3084 SensrSvc - ok
16:48:34.0557 3084 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:48:34.0557 3084 Serenum - ok
16:48:34.0588 3084 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
16:48:34.0604 3084 Serial - ok
16:48:34.0620 3084 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:48:34.0620 3084 sermouse - ok
16:48:34.0666 3084 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
16:48:34.0666 3084 SessionEnv - ok
16:48:34.0666 3084 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:48:34.0682 3084 sffdisk - ok
16:48:34.0682 3084 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:48:34.0713 3084 sffp_mmc - ok
16:48:34.0729 3084 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:48:34.0744 3084 sffp_sd - ok
16:48:34.0760 3084 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:48:34.0776 3084 sfloppy - ok
16:48:34.0822 3084 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:48:34.0838 3084 SharedAccess - ok
16:48:34.0869 3084 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:48:34.0869 3084 ShellHWDetection - ok
16:48:34.0900 3084 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:48:34.0932 3084 sisagp - ok
16:48:34.0978 3084 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:48:35.0010 3084 SiSRaid2 - ok
16:48:35.0025 3084 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:48:35.0056 3084 SiSRaid4 - ok
16:48:35.0103 3084 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:48:35.0119 3084 SkypeUpdate - ok
16:48:35.0134 3084 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:48:35.0166 3084 Smb - ok
16:48:35.0212 3084 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:48:35.0228 3084 SNMPTRAP - ok
16:48:35.0353 3084 [ 869D33035D5CA4B5BC58777B8FD1F47F ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
16:48:35.0400 3084 SNP2UVC - ok
16:48:35.0431 3084 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
16:48:35.0431 3084 spldr - ok
16:48:35.0478 3084 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
16:48:35.0493 3084 Spooler - ok
16:48:35.0665 3084 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
16:48:35.0758 3084 sppsvc - ok
16:48:35.0774 3084 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:48:35.0790 3084 sppuinotify - ok
16:48:35.0821 3084 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:48:35.0821 3084 srv - ok
16:48:35.0852 3084 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:48:35.0852 3084 srv2 - ok
16:48:35.0868 3084 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:48:35.0883 3084 srvnet - ok
16:48:35.0914 3084 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:48:35.0914 3084 SSDPSRV - ok
16:48:35.0946 3084 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
16:48:35.0946 3084 ssmdrv - ok
16:48:35.0961 3084 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:48:35.0977 3084 SstpSvc - ok
16:48:36.0008 3084 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:48:36.0039 3084 stexstor - ok
16:48:36.0102 3084 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
16:48:36.0133 3084 StiSvc - ok
16:48:36.0164 3084 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:48:36.0164 3084 storflt - ok
16:48:36.0195 3084 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
16:48:36.0195 3084 StorSvc - ok
16:48:36.0226 3084 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:48:36.0258 3084 storvsc - ok
16:48:36.0289 3084 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:48:36.0320 3084 swenum - ok
16:48:36.0367 3084 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
16:48:36.0382 3084 swprv - ok
16:48:36.0476 3084 [ 0E8676FB3BB95AA40FDF7A4A31018C8B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:48:36.0616 3084 SynTP - ok
16:48:36.0694 3084 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
16:48:36.0710 3084 SysMain - ok
16:48:36.0741 3084 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:48:36.0741 3084 TabletInputService - ok
16:48:36.0772 3084 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
16:48:36.0772 3084 TapiSrv - ok
16:48:36.0788 3084 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
16:48:36.0804 3084 TBS - ok
16:48:36.0897 3084 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:48:36.0913 3084 Tcpip - ok
16:48:36.0960 3084 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:48:36.0960 3084 TCPIP6 - ok
16:48:37.0006 3084 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:48:37.0038 3084 tcpipreg - ok
16:48:37.0069 3084 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:48:37.0100 3084 TDPIPE - ok
16:48:37.0147 3084 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:48:37.0178 3084 TDTCP - ok
16:48:37.0194 3084 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:48:37.0209 3084 tdx - ok
16:48:37.0240 3084 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:48:37.0256 3084 TermDD - ok
16:48:37.0303 3084 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
16:48:37.0318 3084 TermService - ok
16:48:37.0350 3084 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
16:48:37.0350 3084 Themes - ok
16:48:37.0381 3084 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
16:48:37.0381 3084 THREADORDER - ok
16:48:37.0396 3084 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
16:48:37.0396 3084 TrkWks - ok
16:48:37.0459 3084 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:48:37.0459 3084 TrustedInstaller - ok
16:48:37.0521 3084 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:48:37.0537 3084 tssecsrv - ok
16:48:37.0552 3084 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:48:37.0584 3084 TsUsbFlt - ok
16:48:37.0615 3084 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:48:37.0630 3084 TsUsbGD - ok
16:48:37.0662 3084 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:48:37.0662 3084 tunnel - ok
16:48:37.0677 3084 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:48:37.0708 3084 uagp35 - ok
16:48:37.0755 3084 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:48:37.0771 3084 udfs - ok
16:48:37.0833 3084 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:48:37.0833 3084 UI0Detect - ok
16:48:37.0864 3084 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:48:37.0880 3084 uliagpkx - ok
16:48:37.0896 3084 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:48:37.0911 3084 umbus - ok
16:48:37.0942 3084 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
16:48:37.0942 3084 UmPass - ok
16:48:37.0974 3084 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
16:48:37.0974 3084 UmRdpService - ok
16:48:37.0989 3084 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
16:48:38.0005 3084 upnphost - ok
16:48:38.0020 3084 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
16:48:38.0036 3084 usbccgp - ok
16:48:38.0083 3084 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:48:38.0083 3084 usbcir - ok
16:48:38.0114 3084 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:48:38.0114 3084 usbehci - ok
16:48:38.0161 3084 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:48:38.0176 3084 usbhub - ok
16:48:38.0192 3084 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:48:38.0192 3084 usbohci - ok
16:48:38.0223 3084 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:48:38.0239 3084 usbprint - ok
16:48:38.0270 3084 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:48:38.0317 3084 USBSTOR - ok
16:48:38.0348 3084 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:48:38.0364 3084 usbuhci - ok
16:48:38.0426 3084 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:48:38.0473 3084 usbvideo - ok
16:48:38.0504 3084 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
16:48:38.0535 3084 UxSms - ok
16:48:38.0551 3084 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
16:48:38.0551 3084 VaultSvc - ok
16:48:38.0598 3084 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:48:38.0598 3084 vdrvroot - ok
16:48:38.0629 3084 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
16:48:38.0629 3084 vds - ok
16:48:38.0676 3084 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:48:38.0707 3084 vga - ok
16:48:38.0722 3084 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:48:38.0738 3084 VgaSave - ok
16:48:38.0769 3084 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:48:38.0816 3084 vhdmp - ok
16:48:38.0847 3084 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:48:38.0878 3084 viaagp - ok
16:48:38.0910 3084 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:48:38.0925 3084 ViaC7 - ok
16:48:38.0941 3084 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
16:48:38.0956 3084 viaide - ok
16:48:39.0003 3084 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:48:39.0034 3084 vmbus - ok
16:48:39.0066 3084 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:48:39.0081 3084 VMBusHID - ok
16:48:39.0112 3084 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:48:39.0112 3084 volmgr - ok
16:48:39.0144 3084 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:48:39.0144 3084 volmgrx - ok
16:48:39.0190 3084 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:48:39.0190 3084 volsnap - ok
16:48:39.0222 3084 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:48:39.0253 3084 vsmraid - ok
16:48:39.0331 3084 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
16:48:39.0362 3084 VSS - ok
16:48:39.0393 3084 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:48:39.0424 3084 vwifibus - ok
16:48:42.0529 3084 ============================================================
16:48:42.0529 3084 Scan finished
16:48:42.0529 3084 ============================================================
16:48:42.0544 3684 Detected object count: 0
16:48:42.0544 3684 Actual detected object count: 0
16:49:51.0637 3436 Deinitialize success

25.10.2012, 19:40   #10
schrauber
/// the machine
/// TB-Ausbilder

OK, that is clean.

Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.
__________________
Regards,
schrauber

26.10.2012, 16:36   #11
frau.mux

Hello! Here is the report:
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-10-26.01 - Mirjam 26.10.2012  16:08:45.1.2 - x86
Microsoft Windows 7 Professional N   6.1.7601.1.1252.49.1031.18.1789.1207 [GMT 2:00]
ausgeführt von:: c:\users\Mirjam\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-09-26 bis 2012-10-26  ))))))))))))))))))))))))))))))
.
.
2012-10-26 14:14 . 2012-10-26 14:14	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-10-22 14:48 . 2012-09-24 21:16	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-10-10 06:47 . 2012-09-14 18:28	2048	----a-w-	c:\windows\system32\tzres.dll
2012-10-10 06:47 . 2012-08-31 17:18	1211760	----a-w-	c:\windows\system32\drivers\ntfs.sys
2012-10-10 06:47 . 2012-08-10 23:56	542208	----a-w-	c:\windows\system32\kerberos.dll
2012-10-10 06:47 . 2012-08-30 17:12	3968880	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-10-10 06:47 . 2012-08-30 17:12	3914096	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-09-26 17:11 . 2012-08-22 17:16	712048	----a-w-	c:\windows\system32\drivers\ndis.sys
2012-09-26 17:11 . 2012-07-04 19:45	33280	----a-w-	c:\windows\system32\drivers\RNDISMP.sys
2012-09-26 17:11 . 2012-08-22 17:16	1292144	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-09-26 17:11 . 2012-08-22 17:16	240496	----a-w-	c:\windows\system32\drivers\netio.sys
2012-09-26 17:11 . 2012-08-22 17:16	187760	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-26 17:11 . 2012-08-21 20:12	245760	----a-w-	c:\windows\system32\OxpsConverter.exe
2012-09-26 17:11 . 2012-08-02 16:57	490496	----a-w-	c:\windows\system32\d3d10level9.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-03 13:24 . 2012-06-19 09:41	821736	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-09-03 13:24 . 2011-06-24 10:32	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-09-07 08:14 . 2012-09-07 08:14	266720	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-04-09 15:43	1519272	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-04-09 1557160]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-09 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Mirjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{338D137A-2141-4AA5-A7D5-B71F1BCAFE15}: NameServer = 136.199.8.101,136.199.8.129
FF - ProfilePath - c:\users\Mirjam\AppData\Roaming\Mozilla\Firefox\Profiles\bzzcq0f2.default\
FF - prefs.js: browser.search.selectedEngine - Ecosia
FF - prefs.js: browser.startup.homepage - www.gmx.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-26  16:16:57
ComboFix-quarantined-files.txt  2012-10-26 14:16
.
Vor Suchlauf: 6 Verzeichnis(se), 81.184.038.912 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 82.295.803.904 Bytes frei
.
- - End Of File - - C7806A151D3510241A2DE0A6EFD307A3
         
--- --- ---

Best regards, m

Uh, I just replied, but the reply isn't showing up here... so once more:
So here is the report:

Oh no, there are PAGES... ahem.

26.10.2012, 16:46   #12
schrauber
/// the machine
/// TB-Ausbilder

How is the computer running?



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards,
schrauber

27.10.2012, 18:42   #13
frau.mux

So I have to disable Avira while I stay online (since I can't install the program)? Is that OK, or rather, have I understood that correctly?

27.10.2012, 18:59   #14
schrauber
/// the machine
/// TB-Ausbilder

Turn Avira off while the online scan is running, and do not browse any other sites.
__________________
Regards,
schrauber

27.10.2012, 19:52   #15
frau.mux

OK, thanks.
I just downloaded smartinstaller.exe from 2shared, and Avira found and reported W23/Parite, whatever that is. Can I use the exe now (anyway)?
