Hatte GVU-Trojaner, angeblich entfernt, bin unsicher, ob mein System nun sauber ist

markusg · 08.01.2013, 23:39

Hi
poste erst mal nur otl.txt + malwarebytes log.

KokomikoM · 09.01.2013, 09:31

Hi, markusg,

hier nun die Logfiles von OTL und Malwarebytes. Wie schon erwähnt, wird von OTL nur eine OTL.txt erzeugt, keine Extras.txt

Ich habe mich als Admin angemeldet, um diese Tests zu machen, mein normales Benutzerkonto ist ein eingeschränktes Konto. Ist es okay, wenn ich die Tests als angemeldeter Admin mache?

Malwarebytes-Log:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.08.12

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Admin :: *** [Administrator]

08.01.2013 20:27:26
mbam-log-2013-01-08 (20-27-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 867260
Laufzeit: 3 Stunde(n), 58 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Hier kommt die OTL:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 08.01.2013 16:43:57 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 71,13% Memory free
6,99 Gb Paging File | 5,86 Gb Available in Paging File | 83,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,09 Gb Total Space | 28,64 Gb Free Space | 24,46% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 59,24 Mb Free Space | 59,24% Space Free | Partition Type: NTFS
Drive E: | 111,70 Gb Total Space | 111,50 Gb Free Space | 99,81% Space Free | Partition Type: NTFS
Drive F: | 117,19 Gb Total Space | 40,91 Gb Free Space | 34,91% Space Free | Partition Type: NTFS
Drive G: | 231,39 Gb Total Space | 79,70 Gb Free Space | 34,45% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.08 15:45:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2012.12.15 09:43:52 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Programme\Avira\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.15 09:43:17 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Programme\Avira\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.12.15 09:43:16 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Programme\Avira\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.12.15 09:43:07 | 000,400,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Programme\Avira\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.12.15 09:43:05 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Programme\Avira\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.15 09:43:05 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Programme\Avira\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.15 09:43:04 | 000,656,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Programme\Avira\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- F:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- F:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- F:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.10.04 15:57:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Updater\Updater.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.09.21 14:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) -- C:\Intel\WiFi\bin\EvtEng.exe
PRC - [2009.09.21 14:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009.06.22 15:13:48 | 000,304,592 | ---- | M] () -- F:\Programme\XS Manager\WTGService.exe
PRC - [2007.09.07 09:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007.09.07 09:23:36 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\wdm\sttray.exe
PRC - [2007.08.29 12:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2006.11.03 17:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- F:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.08 14:41:12 | 000,093,696 | ---- | M] () -- F:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2011.03.16 23:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2006.11.03 17:46:24 | 000,126,976 | ---- | M] () -- F:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006.11.03 17:25:56 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.12.15 09:43:52 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- F:\Programme\Avira\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.15 09:43:17 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- F:\Programme\Avira\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.12.15 09:43:07 | 000,400,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- F:\Programme\Avira\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.12.15 09:43:05 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- F:\Programme\Avira\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.12.15 09:43:04 | 000,656,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- F:\Programme\Avira\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- F:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- F:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.07 22:01:34 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Programme\Microsoft Office 2010\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.01 05:36:46 | 000,310,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV - [2011.04.27 15:25:28 | 001,906,568 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Agent\agent.exe -- (AcronisAgent)
SRV - [2011.01.07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.12.05 19:31:52 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.10.29 17:06:42 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) [Disabled | Stopped] -- C:\Windows\service4g.exe -- (XS Stick Service)
SRV - [2009.09.21 14:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009.09.21 14:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009.06.22 15:13:48 | 000,304,592 | ---- | M] () [Auto | Running] -- F:\Programme\XS Manager\WTGService.exe -- (WTGService)
SRV - [2009.01.30 00:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008.01.28 11:23:14 | 000,143,360 | ---- | M] (Cybit AG) [verify-U]) [verify-U]-Service [Disabled | Stopped] -- F:\Programme\[verify-U] AVS\[verify-U]-Service.exe -- ([verify-U])
SRV - [2007.09.07 09:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007.08.29 12:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\frmupgr.sys -- (DFUBTUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Admin\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.12.15 09:44:17 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.12.15 09:44:16 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.12.15 09:44:16 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.12.15 09:44:15 | 000,112,584 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avfwot.sys -- (avfwot)
DRV - [2012.12.15 09:44:15 | 000,092,008 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avfwim.sys -- (avfwim)
DRV - [2012.12.15 09:44:15 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.09.09 12:10:18 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV - [2011.09.09 12:10:18 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCap)
DRV - [2011.09.09 11:10:19 | 000,035,944 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rsvcdwdr.sys -- (rsvcdwdr)
DRV - [2011.05.18 07:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2011.02.05 15:46:39 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio)
DRV - [2011.02.02 01:13:06 | 000,023,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTAudio.sys -- (SndTAudio)
DRV - [2011.01.12 10:42:12 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2011.01.08 04:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.05 01:12:04 | 000,023,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DbusAudio.sys -- (DbusAudio)
DRV - [2010.11.20 13:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010.11.20 13:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010.11.20 11:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010.11.20 11:50:37 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpcuxd.sys -- (vpcuxd)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010.04.23 12:00:32 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2010.03.04 16:13:36 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2009.12.05 19:47:17 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmaura.sys -- (avmaura)
DRV - [2009.09.15 11:34:14 | 006,000,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (netw5v32)
DRV - [2009.09.10 15:31:48 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.08.28 19:42:44 | 000,017,408 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2009.07.14 00:51:29 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BTHPRINT.SYS -- (BTHprint)
DRV - [2008.10.31 15:19:38 | 000,103,424 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.11.07 15:21:18 | 000,016,128 | ---- | M] (Cybits AG) [verify-U]_System) [verify-U]_System [Kernel | System | Running] -- C:\Windows\System32\drivers\[verify-U]-driver.sys -- ([verify-U]_System)
DRV - [2007.10.10 17:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007.09.27 11:53:00 | 000,062,464 | ---- | M] (silex technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\sxuptp.sys -- (sxuptp)
DRV - [2007.09.26 06:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.09.07 09:26:04 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.06.25 18:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.03.05 10:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2006.11.21 04:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006.11.15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006.11.14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.08.04 22:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Admin\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 61 03 14 2C 26 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: F:\Programme\Picasa\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: F:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: F:\Programme\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2013.01.06 23:14:13 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (pdfMachine) - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\Windows\System32\bgstb.dll (Broadgun Software)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Programme\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Programme\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: ([verify-U]_Add-on) - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Program Files\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll (Cybits AG)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - f:\Programme\Canon\EasyWeb\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (pdfMachine) - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\Windows\System32\bgstb.dll (Broadgun Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (pdfMachine) - {56CF4856-ECB4-4E46-A897-A378821F97B9} - C:\Windows\System32\bgstb.dll (Broadgun Software)
O4 - HKLM..\Run: [avgnt] F:\Programme\Avira\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res:///105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - F:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://F:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - F:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Programme\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Programme\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Programme\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Programme\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - F:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: 123energie.de ([click] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1und1.de ([login] https in Trusted sites)
O15 - HKCU\..Trusted Domains: bigpoint.com ([farmerama] http in Trusted sites)
O15 - HKCU\..Trusted Domains: dell.com ([support.euro] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ebay.de ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elkb.de ([webmail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elsteronline.de ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: gamesload.de ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: live.com ([login] https in Trusted sites)
O15 - HKCU\..Trusted Domains: musicload.de ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: thesims3.com ([de.store] http in Trusted sites)
O15 - HKCU\..Trusted Domains: thesimsresource.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: thesimsresource.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: t-mobile.de ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: t-mobile.de ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: vernetzt-lernen.de ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: videoload.de ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: web.de ([freemailng5803] https in Trusted sites)
O15 - HKCU\..Trusted Domains: xsims.de ([www] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxp://support.euro.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} https://stream.web.de/mail/activex/mail_upload_11213.cab (Attachment Upload Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260571563130 (MUWebControl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab (IGDTester Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E4CF4E86-D0DC-4864-8F0E-4F6EA2526334} https://img.ui-portal.de/1und1/smartdrive/activex/v1/web_de_osupload_2002.cab (UI File Upload Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57B08C0D-6280-4B5B-9022-98842370F477}: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7F98105-3B7B-4747-BA45-AB196CC6C798}: NameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Programme\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.04.12 16:42:11 | 000,153,484 | ---- | M] () - F:\AUTO.pat -- [ NTFS ]
O32 - AutoRun File - [2010.04.12 16:42:11 | 000,383,760 | ---- | M] () - F:\AUTO.pst -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.08 15:45:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.01.06 23:25:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2013.01.06 23:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.06 23:25:45 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.06 23:17:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.06 23:17:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.06 23:17:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\temp
[2013.01.06 22:58:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.06 22:58:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.06 22:58:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.06 22:58:08 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.01.06 22:56:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.06 22:56:17 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.06 22:34:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Programs
[2013.01.06 22:18:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\IO
[2013.01.06 19:21:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Avira
[2013.01.06 11:23:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.01.06 11:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.01.05 18:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.01.05 18:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.01.01 23:24:58 | 000,000,000 | ---D | C] -- C:\Crash
[2012.12.31 17:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012.12.30 19:07:25 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2012.12.30 19:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\Aeria Games
[2012.12.30 18:02:38 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012.12.15 09:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.12.15 09:57:31 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.12.15 09:57:30 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.12.15 09:57:30 | 000,112,584 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2012.12.15 09:57:30 | 000,092,008 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2012.12.15 09:57:30 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.12.15 09:57:30 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2009.12.06 01:28:15 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Program Files\Common Files\keyhelp.ocx
[3 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.08 16:47:18 | 000,014,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.08 16:47:18 | 000,014,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.08 16:42:51 | 000,000,440 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2013.01.08 16:42:24 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.08 16:41:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.08 16:41:44 | 2817,032,192 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.08 16:27:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.08 16:03:06 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.08 15:45:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.01.08 15:44:57 | 000,000,000 | ---- | M] () -- C:\Users\Admin\defogger_reenable
[2013.01.08 15:44:29 | 000,050,477 | ---- | M] () -- C:\Users\Admin\Desktop\Defogger.exe
[2013.01.08 15:42:55 | 000,712,778 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.08 15:42:55 | 000,664,414 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.08 15:42:55 | 000,154,598 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.08 15:42:55 | 000,126,544 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.06 23:39:58 | 000,000,566 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013.01.06 23:14:13 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.01.06 22:30:20 | 000,001,998 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.12.21 23:16:23 | 002,443,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.15 09:44:17 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.12.15 09:44:16 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.12.15 09:44:16 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.12.15 09:44:15 | 000,112,584 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2012.12.15 09:44:15 | 000,092,008 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2012.12.15 09:44:15 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[3 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.08 15:44:57 | 000,000,000 | ---- | C] () -- C:\Users\Admin\defogger_reenable
[2013.01.08 15:44:29 | 000,050,477 | ---- | C] () -- C:\Users\Admin\Desktop\Defogger.exe
[2013.01.06 22:58:13 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.06 22:58:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.06 22:58:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.06 22:58:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.06 22:58:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.06 22:30:20 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.01.06 22:30:20 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.11.17 16:47:12 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011.09.06 11:56:31 | 000,006,760 | ---- | C] () -- C:\Windows\hppmdl13.dat.temp
[2011.09.06 11:31:09 | 000,195,294 | ---- | C] () -- C:\Windows\hppins13.dat.temp
[2011.09.06 11:27:49 | 000,000,619 | R--- | C] () -- C:\Windows\System32\hppapr13.dat
[2011.09.06 11:27:11 | 000,000,132 | ---- | C] () -- C:\Windows\System32\AddPort.ini
[2011.09.06 11:26:22 | 000,000,561 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2011.09.06 11:24:45 | 000,194,851 | ---- | C] () -- C:\Windows\hppins13.dat
[2011.06.25 12:45:53 | 001,456,640 | ---- | C] () -- C:\Program Files\Common Files\Falk Navi-Manager.msi
[2011.06.08 22:40:52 | 000,001,044 | RHS- | C] () -- C:\Users\Admin\ntuser.pol
[2011.06.07 10:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.06.07 10:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.06.07 10:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.06.07 10:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.06.05 21:41:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.27 15:54:31 | 000,217,232 | ---- | C] () -- C:\Windows\System32\bgsserv.exe
[2011.04.27 15:54:31 | 000,128,144 | ---- | C] () -- C:\Windows\System32\bgsreses.dll
[2011.04.27 15:54:31 | 000,127,120 | ---- | C] () -- C:\Windows\System32\bgsresfr.dll
[2011.04.27 15:54:31 | 000,120,464 | ---- | C] () -- C:\Windows\System32\bgsresde.dll
[2011.04.27 15:54:31 | 000,119,440 | ---- | C] () -- C:\Windows\System32\bgsresen.dll
[2011.04.27 15:54:31 | 000,062,096 | ---- | C] () -- C:\Windows\System32\bgspmnt.dll
[2011.03.17 07:41:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.02.03 22:36:51 | 000,385,024 | ---- | C] () -- C:\Windows\System32\GSService.exe
[2009.12.05 17:41:49 | 000,000,566 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007.08.13 21:57:04 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.06.16 15:06:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Buhl Data Service
[2011.06.15 10:37:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\NevoSoft
[2011.06.17 13:43:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\NevoSoft Games
[2012.02.29 19:31:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Origin
[2011.06.14 12:21:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sahmon Games
[2012.09.16 23:53:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Samsung
[2011.06.08 23:35:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2011.06.15 10:51:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\World-Loom
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 252 bytes -> C:\ProgramData\TEMP:5A9F1AE5
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:C10635F6
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:A0921B2C
@Alternate Data Stream - 242 bytes -> C:\ProgramData\TEMP:F0A06891
@Alternate Data Stream - 242 bytes -> C:\ProgramData\TEMP:AC73CDCE
@Alternate Data Stream - 238 bytes -> C:\ProgramData\TEMP:884C7316
@Alternate Data Stream - 238 bytes -> C:\ProgramData\TEMP:6AF67671
@Alternate Data Stream - 234 bytes -> C:\ProgramData\TEMP:61AF2B29
@Alternate Data Stream - 227 bytes -> C:\ProgramData\TEMP:4F7FE589
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:870649A4
@Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:3086B95F
@Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:0F8EA19A
@Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:5EF72D85
@Alternate Data Stream - 218 bytes -> C:\ProgramData\TEMP:DD04902E
@Alternate Data Stream - 216 bytes -> C:\ProgramData\TEMP:89A5891E
@Alternate Data Stream - 216 bytes -> C:\ProgramData\TEMP:260575F1
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:F84B8DB5
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:206470A5
@Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:A3B8F70C
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:6F55EB66
@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:F41F8101
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:3C5ABDC7
@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:D507B5A8
@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:70E897B5
@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:CEF2A14E
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:8D5A0C4E
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:6DA3BBF2
@Alternate Data Stream - 197 bytes -> C:\ProgramData\TEMP:ADDDF689
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:769BB147
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:91DEEE71
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:FDAF118C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C7973317
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:70188419
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:B8384DB6
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:F5F96E70
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:848CC150
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:3E988A0F
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:E2C9E369

< End of report >

--- --- ---
Nachtrag: Eigenartigerweise gibt es keine Log-Datei des letzten Suchlaufes von Avira?! Tut mir leid ...

markusg · 09.01.2013, 14:48

Sind das alle Malwarebytes logs? ich benötige die, mit funden.

KokomikoM · 09.01.2013, 15:07

Hi,
ich hatte nur die letzte Datei angeschaut und hochgeladen, aber hier kommt Schlimmes:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.06.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
*** :: *** [Administrator]

06.01.2013 13:55:33
mbam-log-2013-01-06 (13-55-33).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 879635
Laufzeit: 4 Stunde(n), 51 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
F:\Programmdownloads\iLividSetupV1.exe (Affiliate.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Noch eine:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6804

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 9.0.8112.16421

08.06.2011 06:55:53
mbam-log-2011-06-08 (06-55-53).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 650780
Laufzeit: 1 Stunde(n), 2 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Malware Protection (Trojan.FakeAlert) -> Value: Malware Protection -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Conny\AppData\Local\Temp\368B.tmp (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Conny\AppData\Local\Temp\ms0cfg32.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Conny\documents\EA Games\die sims 2\neighborhoods\F001\storytelling\thumbnail_00000004_746d8e48.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
f:\programmdownloads\pantsoff.exe (PUP.PSWFinder) -> Quarantined and deleted successfully.
c:\Users\Conny\AppData\Roaming\defender.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

markusg · 09.01.2013, 15:23

Hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

KokomikoM · 09.01.2013, 16:48

Hi, hat ein bisschen gedauert, es mussten erst Windows Updates installiert werden

16:43:52.0460 5156 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:43:52.0492 5156 ============================================================
16:43:52.0492 5156 Current date / time: 2013/01/09 16:43:52.0492
16:43:52.0492 5156 SystemInfo:
16:43:52.0492 5156
16:43:52.0492 5156 OS Version: 6.1.7601 ServicePack: 1.0
16:43:52.0492 5156 Product type: Workstation
16:43:52.0492 5156 ComputerName: ***
16:43:52.0492 5156 UserName: Admin
16:43:52.0492 5156 Windows directory: C:\Windows
16:43:52.0492 5156 System windows directory: C:\Windows
16:43:52.0492 5156 Processor architecture: Intel x86
16:43:52.0492 5156 Number of processors: 2
16:43:52.0492 5156 Page size: 0x1000
16:43:52.0492 5156 Boot type: Normal boot
16:43:52.0492 5156 ============================================================
16:43:55.0081 5156 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:43:55.0502 5156 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:43:55.0502 5156 ============================================================
16:43:55.0502 5156 \Device\Harddisk1\DR1:
16:43:55.0502 5156 MBR partitions:
16:43:55.0502 5156 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:43:55.0502 5156 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEA2D800
16:43:55.0502 5156 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xEA60000, BlocksNum 0xEA60000
16:43:55.0502 5156 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x1D4C0000, BlocksNum 0x1CEC5800
16:43:55.0502 5156 \Device\Harddisk0\DR0:
16:43:55.0502 5156 MBR partitions:
16:43:55.0502 5156 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B800, BlocksNum 0xDF68800
16:43:55.0502 5156 ============================================================
16:43:55.0534 5156 C: <-> \Device\Harddisk1\DR1\Partition2
16:43:55.0580 5156 F: <-> \Device\Harddisk1\DR1\Partition3
16:43:55.0690 5156 G: <-> \Device\Harddisk1\DR1\Partition4
16:43:55.0736 5156 D: <-> \Device\Harddisk1\DR1\Partition1
16:43:55.0783 5156 E: <-> \Device\Harddisk0\DR0\Partition1
16:43:55.0783 5156 ============================================================
16:43:55.0783 5156 Initialize success
16:43:55.0783 5156 ============================================================
16:44:06.0643 5472 ============================================================
16:44:06.0643 5472 Scan started
16:44:06.0643 5472 Mode: Manual; SigCheck; TDLFS;
16:44:06.0643 5472 ============================================================
16:44:08.0827 5472 ================ Scan system memory ========================
16:44:08.0827 5472 System memory - ok
16:44:08.0827 5472 ================ Scan services =============================
16:44:08.0983 5472 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:44:09.0139 5472 1394ohci - ok
16:44:09.0186 5472 [ 4E5451DD0AEC8504D7F8030DD2D4C416 ] ACEDRV07 C:\Windows\system32\drivers\ACEDRV07.sys
16:44:09.0217 5472 ACEDRV07 ( UnsignedFile.Multi.Generic ) - warning
16:44:09.0217 5472 ACEDRV07 - detected UnsignedFile.Multi.Generic (1)
16:44:09.0248 5472 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:44:09.0264 5472 ACPI - ok
16:44:09.0295 5472 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:44:09.0357 5472 AcpiPmi - ok
16:44:09.0466 5472 [ F105722FBFB17F190D641CC80C39EC76 ] AcronisAgent C:\Program Files\Common Files\Acronis\Agent\agent.exe
16:44:09.0529 5472 AcronisAgent - ok
16:44:09.0560 5472 [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs C:\Windows\system32\drivers\adfs.sys
16:44:09.0576 5472 adfs - ok
16:44:09.0638 5472 [ 57A3B9A69F14414ACE12AFD6BA701773 ] Adobe Version Cue CS4 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
16:44:09.0669 5472 Adobe Version Cue CS4 - ok
16:44:09.0763 5472 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:44:09.0778 5472 AdobeARMservice - ok
16:44:09.0888 5472 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:44:09.0903 5472 AdobeFlashPlayerUpdateSvc - ok
16:44:09.0966 5472 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:44:09.0997 5472 adp94xx - ok
16:44:10.0012 5472 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:44:10.0044 5472 adpahci - ok
16:44:10.0059 5472 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:44:10.0075 5472 adpu320 - ok
16:44:10.0122 5472 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:44:10.0168 5472 AeLookupSvc - ok
16:44:10.0215 5472 [ EF1142512BEC12F1C2C87735DA1755BE ] AESTFilters C:\Windows\system32\aestsrv.exe
16:44:10.0278 5472 AESTFilters - ok
16:44:10.0387 5472 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
16:44:10.0449 5472 AFD - ok
16:44:10.0496 5472 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
16:44:10.0512 5472 agp440 - ok
16:44:10.0558 5472 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
16:44:10.0574 5472 aic78xx - ok
16:44:10.0605 5472 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
16:44:10.0668 5472 ALG - ok
16:44:10.0683 5472 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
16:44:10.0699 5472 aliide - ok
16:44:10.0699 5472 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
16:44:10.0714 5472 amdagp - ok
16:44:10.0730 5472 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
16:44:10.0746 5472 amdide - ok
16:44:10.0777 5472 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:44:10.0824 5472 AmdK8 - ok
16:44:10.0839 5472 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:44:10.0855 5472 AmdPPM - ok
16:44:10.0902 5472 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:44:10.0917 5472 amdsata - ok
16:44:10.0933 5472 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:44:10.0964 5472 amdsbs - ok
16:44:10.0964 5472 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:44:10.0980 5472 amdxata - ok
16:44:11.0120 5472 [ BCD725206E7CBBF253F326202244A125 ] AntiVirFirewallService F:\Programme\Avira\Avira\AntiVir Desktop\avfwsvc.exe
16:44:11.0151 5472 AntiVirFirewallService - ok
16:44:11.0229 5472 [ FCAE7984609FD0662B48D64603D1DAFF ] AntiVirMailService F:\Programme\Avira\Avira\AntiVir Desktop\avmailc.exe
16:44:11.0245 5472 AntiVirMailService - ok
16:44:11.0323 5472 [ FBF39613CA267F851186F93180AE2ED4 ] AntiVirSchedulerService F:\Programme\Avira\Avira\AntiVir Desktop\sched.exe
16:44:11.0338 5472 AntiVirSchedulerService - ok
16:44:11.0401 5472 [ 476750076D102DC5F5B45ECE3C676853 ] AntiVirService F:\Programme\Avira\Avira\AntiVir Desktop\avguard.exe
16:44:11.0416 5472 AntiVirService - ok
16:44:11.0448 5472 [ E95B3655198C4DD65A7031EF8358CEF8 ] AntiVirWebService F:\Programme\Avira\Avira\AntiVir Desktop\AVWEBGRD.EXE
16:44:11.0463 5472 AntiVirWebService - ok
16:44:11.0510 5472 [ 350F19EB5FE4EC37A2414DF56CDE1AA8 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
16:44:11.0557 5472 ApfiltrService - ok
16:44:11.0604 5472 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
16:44:11.0713 5472 AppID - ok
16:44:11.0760 5472 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:44:11.0806 5472 AppIDSvc - ok
16:44:11.0838 5472 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
16:44:11.0884 5472 Appinfo - ok
16:44:11.0962 5472 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:44:11.0978 5472 Apple Mobile Device - ok
16:44:12.0009 5472 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
16:44:12.0056 5472 AppMgmt - ok
16:44:12.0087 5472 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
16:44:12.0103 5472 arc - ok
16:44:12.0118 5472 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:44:12.0134 5472 arcsas - ok
16:44:12.0274 5472 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:44:12.0290 5472 aspnet_state - ok
16:44:12.0306 5472 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:44:12.0415 5472 AsyncMac - ok
16:44:12.0446 5472 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
16:44:12.0462 5472 atapi - ok
16:44:12.0524 5472 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:44:12.0555 5472 AudioEndpointBuilder - ok
16:44:12.0571 5472 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:44:12.0618 5472 Audiosrv - ok
16:44:12.0711 5472 [ 0CC858D7AC36411E786ED0E0E69A4301 ] avfwim C:\Windows\system32\DRIVERS\avfwim.sys
16:44:12.0727 5472 avfwim - ok
16:44:12.0820 5472 [ 76AD8733C1AA8AEA4CD678DCE886D701 ] avfwot C:\Windows\system32\DRIVERS\avfwot.sys
16:44:12.0836 5472 avfwot - ok
16:44:12.0883 5472 [ 2060DAAC61CC3F65B6517CE840E4F6DA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:44:12.0898 5472 avgntflt - ok
16:44:12.0961 5472 [ F3AF2B17AE92A378979ADD8D6981E818 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:44:12.0976 5472 avipbb - ok
16:44:13.0023 5472 [ 793C820F0199C2964A908C9F0748E99D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:44:13.0023 5472 avkmgr - ok
16:44:13.0086 5472 [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys
16:44:13.0117 5472 avmaudio - ok
16:44:13.0148 5472 [ 728C4A6C722535C16D1025F51AA31E22 ] avmaura C:\Windows\system32\DRIVERS\avmaura.sys
16:44:13.0164 5472 avmaura - ok
16:44:13.0210 5472 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:44:13.0304 5472 AxInstSV - ok
16:44:13.0335 5472 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
16:44:13.0382 5472 b06bdrv - ok
16:44:13.0429 5472 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
16:44:13.0444 5472 b57nd60x - ok
16:44:13.0476 5472 [ CD4646067CC7DCBA1907FA0ACF7E3966 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
16:44:13.0522 5472 bcm4sbxp - ok
16:44:13.0569 5472 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
16:44:13.0600 5472 BDESVC - ok
16:44:13.0616 5472 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
16:44:13.0647 5472 Beep - ok
16:44:13.0694 5472 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
16:44:13.0756 5472 BFE - ok
16:44:13.0819 5472 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
16:44:13.0866 5472 BITS - ok
16:44:13.0881 5472 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:44:13.0912 5472 blbdrive - ok
16:44:13.0990 5472 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:44:14.0006 5472 Bonjour Service - ok
16:44:14.0053 5472 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:44:14.0100 5472 bowser - ok
16:44:14.0115 5472 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:44:14.0193 5472 BrFiltLo - ok
16:44:14.0209 5472 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:44:14.0240 5472 BrFiltUp - ok
16:44:14.0302 5472 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
16:44:14.0349 5472 BridgeMP - ok
16:44:14.0396 5472 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
16:44:14.0443 5472 Browser - ok
16:44:14.0462 5472 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:44:14.0509 5472 Brserid - ok
16:44:14.0525 5472 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:44:14.0540 5472 BrSerWdm - ok
16:44:14.0556 5472 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:44:14.0587 5472 BrUsbMdm - ok
16:44:14.0618 5472 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:44:14.0634 5472 BrUsbSer - ok
16:44:14.0665 5472 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:44:14.0728 5472 BthEnum - ok
16:44:14.0743 5472 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:44:14.0774 5472 BTHMODEM - ok
16:44:14.0806 5472 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:44:14.0821 5472 BthPan - ok
16:44:14.0852 5472 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:44:14.0899 5472 BTHPORT - ok
16:44:14.0946 5472 [ F185DF7DEC1777686E43C8C8C66F7883 ] BTHprint C:\Windows\system32\DRIVERS\bthprint.sys
16:44:14.0977 5472 BTHprint - ok
16:44:15.0008 5472 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
16:44:15.0055 5472 bthserv - ok
16:44:15.0071 5472 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:44:15.0102 5472 BTHUSB - ok
16:44:15.0133 5472 [ 4A28E7BD365377D0512B7EF8C7596D2C ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:44:15.0149 5472 btwaudio - ok
16:44:15.0180 5472 [ 5FFDE57253D665067B0886612817EB11 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
16:44:15.0196 5472 btwavdt - ok
16:44:15.0211 5472 [ AB07DC8B05C31A4F95FC73019BE9DB15 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:44:15.0227 5472 btwrchid - ok
16:44:15.0445 5472 catchme - ok
16:44:15.0461 5472 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:44:15.0508 5472 cdfs - ok
16:44:15.0570 5472 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:44:15.0601 5472 cdrom - ok
16:44:15.0664 5472 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
16:44:15.0742 5472 CertPropSvc - ok
16:44:15.0773 5472 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:44:15.0788 5472 circlass - ok
16:44:15.0820 5472 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
16:44:15.0851 5472 CLFS - ok
16:44:15.0913 5472 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:44:15.0929 5472 clr_optimization_v2.0.50727_32 - ok
16:44:15.0991 5472 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:44:16.0007 5472 clr_optimization_v4.0.30319_32 - ok
16:44:16.0022 5472 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:44:16.0069 5472 CmBatt - ok
16:44:16.0132 5472 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:44:16.0147 5472 cmdide - ok
16:44:16.0537 5472 [ 675D67423980FC1784B93AA47D350A31 ] cmnsusbser C:\Windows\system32\DRIVERS\cmnsusbser.sys
16:44:16.0834 5472 cmnsusbser - ok
16:44:16.0880 5472 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
16:44:16.0912 5472 CNG - ok
16:44:16.0958 5472 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:44:16.0974 5472 Compbatt - ok
16:44:17.0021 5472 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:44:17.0068 5472 CompositeBus - ok
16:44:17.0083 5472 COMSysApp - ok
16:44:17.0099 5472 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:44:17.0114 5472 crcdisk - ok
16:44:17.0177 5472 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:44:17.0208 5472 CryptSvc - ok
16:44:17.0255 5472 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
16:44:17.0317 5472 CSC - ok
16:44:17.0348 5472 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
16:44:17.0380 5472 CscService - ok
16:44:17.0411 5472 [ 6B6CB09BBE72D408CEC9EC9D448463DC ] DbusAudio C:\Windows\system32\drivers\DbusAudio.sys
16:44:17.0426 5472 DbusAudio - ok
16:44:17.0489 5472 [ 7CAAF4AF453EF3582FEF65DD72CAA0AA ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
16:44:17.0536 5472 dc3d - ok
16:44:17.0598 5472 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
16:44:17.0660 5472 DcomLaunch - ok
16:44:17.0707 5472 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
16:44:17.0754 5472 defragsvc - ok
16:44:17.0801 5472 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:44:17.0879 5472 DfsC - ok
16:44:17.0879 5472 DFUBTUSB - ok
16:44:17.0910 5472 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:44:17.0941 5472 Dhcp - ok
16:44:17.0972 5472 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
16:44:18.0019 5472 discache - ok
16:44:18.0035 5472 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:44:18.0050 5472 Disk - ok
16:44:18.0097 5472 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:44:18.0128 5472 Dnscache - ok
16:44:18.0175 5472 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
16:44:18.0222 5472 dot3svc - ok
16:44:18.0253 5472 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
16:44:18.0316 5472 DPS - ok
16:44:18.0362 5472 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:44:18.0378 5472 drmkaud - ok
16:44:18.0440 5472 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:44:18.0456 5472 DXGKrnl - ok
16:44:18.0472 5472 EagleNT - ok
16:44:18.0503 5472 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
16:44:18.0550 5472 EapHost - ok
16:44:18.0690 5472 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
16:44:18.0799 5472 ebdrv - ok
16:44:18.0846 5472 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
16:44:18.0908 5472 EFS - ok
16:44:19.0002 5472 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:44:19.0064 5472 ehRecvr - ok
16:44:19.0096 5472 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
16:44:19.0142 5472 ehSched - ok
16:44:19.0174 5472 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:44:19.0205 5472 elxstor - ok
16:44:19.0252 5472 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:44:19.0267 5472 ErrDev - ok
16:44:19.0345 5472 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
16:44:19.0392 5472 EventSystem - ok
16:44:19.0486 5472 [ A57BE3307ADA2FC086B5B43135735283 ] EvtEng C:\Intel\WiFi\bin\EvtEng.exe
16:44:19.0501 5472 EvtEng - ok
16:44:19.0548 5472 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
16:44:19.0595 5472 exfat - ok
16:44:19.0610 5472 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:44:19.0657 5472 fastfat - ok
16:44:19.0704 5472 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
16:44:19.0751 5472 Fax - ok
16:44:19.0782 5472 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:44:19.0813 5472 fdc - ok
16:44:19.0844 5472 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
16:44:19.0891 5472 fdPHost - ok
16:44:19.0907 5472 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
16:44:19.0954 5472 FDResPub - ok
16:44:19.0985 5472 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:44:20.0000 5472 FileInfo - ok
16:44:20.0016 5472 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:44:20.0047 5472 Filetrace - ok
16:44:20.0094 5472 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:44:20.0125 5472 FLEXnet Licensing Service - ok
16:44:20.0156 5472 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:44:20.0172 5472 flpydisk - ok
16:44:20.0203 5472 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:44:20.0219 5472 FltMgr - ok
16:44:20.0266 5472 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
16:44:20.0328 5472 FontCache - ok
16:44:20.0406 5472 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:44:20.0422 5472 FontCache3.0.0.0 - ok
16:44:20.0453 5472 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:44:20.0468 5472 FsDepends - ok
16:44:20.0515 5472 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:44:20.0531 5472 Fs_Rec - ok
16:44:20.0593 5472 [ 8AE9EDBBC50D07F05F38C5EA6191C3FA ] ftpsvc C:\Windows\system32\inetsrv\ftpsvc.dll
16:44:20.0640 5472 ftpsvc - ok
16:44:20.0687 5472 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:44:20.0718 5472 fvevol - ok
16:44:20.0749 5472 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:44:20.0765 5472 gagp30kx - ok
16:44:20.0796 5472 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:44:20.0812 5472 GEARAspiWDM - ok
16:44:20.0858 5472 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
16:44:20.0905 5472 gpsvc - ok
16:44:20.0983 5472 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:44:20.0999 5472 gupdate - ok
16:44:20.0999 5472 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:44:21.0014 5472 gupdatem - ok
16:44:21.0108 5472 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:44:21.0124 5472 gusvc - ok
16:44:21.0155 5472 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:44:21.0186 5472 hcw85cir - ok
16:44:21.0233 5472 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:44:21.0264 5472 HdAudAddService - ok
16:44:21.0295 5472 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:44:21.0326 5472 HDAudBus - ok
16:44:21.0342 5472 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:44:21.0358 5472 HidBatt - ok
16:44:21.0389 5472 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:44:21.0420 5472 HidBth - ok
16:44:21.0436 5472 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:44:21.0467 5472 HidIr - ok
16:44:21.0498 5472 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
16:44:21.0529 5472 hidserv - ok
16:44:21.0576 5472 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:44:21.0592 5472 HidUsb - ok
16:44:21.0638 5472 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:44:21.0685 5472 hkmsvc - ok
16:44:21.0732 5472 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:44:21.0779 5472 HomeGroupListener - ok
16:44:21.0826 5472 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:44:21.0872 5472 HomeGroupProvider - ok
16:44:21.0888 5472 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:44:21.0904 5472 HpSAMD - ok
16:44:21.0950 5472 [ E9E589C9AB799F52E18F057635A2B362 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
16:44:21.0997 5472 HSF_DPV - ok
16:44:22.0028 5472 [ 7845D2385F4DC7DFB3CCAF0C2FA4948E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
16:44:22.0044 5472 HSXHWAZL - ok
16:44:22.0091 5472 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:44:22.0153 5472 HTTP - ok
16:44:22.0200 5472 [ 988C0A49F09D75D3341CB419141793C1 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
16:44:22.0231 5472 hwdatacard - ok
16:44:22.0278 5472 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:44:22.0294 5472 hwpolicy - ok
16:44:22.0356 5472 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:44:22.0387 5472 i8042prt - ok
16:44:22.0434 5472 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:44:22.0450 5472 iaStorV - ok
16:44:22.0528 5472 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:44:22.0543 5472 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:44:22.0543 5472 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:44:22.0621 5472 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:44:22.0668 5472 idsvc - ok
16:44:22.0684 5472 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:44:22.0699 5472 iirsp - ok
16:44:22.0777 5472 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
16:44:22.0824 5472 IKEEXT - ok
16:44:22.0871 5472 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
16:44:22.0886 5472 intelide - ok
16:44:22.0902 5472 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:44:22.0933 5472 intelppm - ok
16:44:22.0964 5472 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:44:23.0011 5472 IPBusEnum - ok
16:44:23.0027 5472 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:44:23.0074 5472 IpFilterDriver - ok
16:44:23.0120 5472 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:44:23.0183 5472 iphlpsvc - ok
16:44:23.0230 5472 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:44:23.0245 5472 IPMIDRV - ok
16:44:23.0276 5472 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:44:23.0323 5472 IPNAT - ok
16:44:23.0401 5472 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:44:23.0432 5472 iPod Service - ok
16:44:23.0464 5472 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:44:23.0510 5472 IRENUM - ok
16:44:23.0526 5472 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:44:23.0542 5472 isapnp - ok
16:44:23.0588 5472 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:44:23.0604 5472 iScsiPrt - ok
16:44:23.0666 5472 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:44:23.0682 5472 kbdclass - ok
16:44:23.0698 5472 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:44:23.0713 5472 kbdhid - ok
16:44:23.0744 5472 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
16:44:23.0760 5472 KeyIso - ok
16:44:23.0807 5472 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:44:23.0822 5472 KSecDD - ok
16:44:23.0838 5472 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:44:23.0854 5472 KSecPkg - ok
16:44:23.0900 5472 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
16:44:23.0947 5472 KtmRm - ok
16:44:24.0010 5472 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
16:44:24.0056 5472 LanmanServer - ok
16:44:24.0103 5472 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:44:24.0150 5472 LanmanWorkstation - ok
16:44:24.0197 5472 Lavasoft Kernexplorer - ok
16:44:24.0259 5472 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:44:24.0306 5472 lltdio - ok
16:44:24.0337 5472 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:44:24.0384 5472 lltdsvc - ok
16:44:24.0415 5472 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
16:44:24.0462 5472 lmhosts - ok
16:44:24.0493 5472 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:44:24.0509 5472 LSI_FC - ok
16:44:24.0540 5472 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:44:24.0556 5472 LSI_SAS - ok
16:44:24.0571 5472 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:44:24.0587 5472 LSI_SAS2 - ok
16:44:24.0602 5472 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:44:24.0618 5472 LSI_SCSI - ok
16:44:24.0634 5472 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
16:44:24.0680 5472 luafv - ok
16:44:24.0774 5472 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:44:24.0790 5472 MBAMProtector - ok
16:44:24.0868 5472 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:44:24.0883 5472 MBAMScheduler - ok
16:44:24.0930 5472 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:44:24.0961 5472 MBAMService - ok
16:44:24.0992 5472 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:44:25.0008 5472 Mcx2Svc - ok
16:44:25.0070 5472 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
16:44:25.0102 5472 MDM ( UnsignedFile.Multi.Generic ) - warning
16:44:25.0102 5472 MDM - detected UnsignedFile.Multi.Generic (1)
16:44:25.0133 5472 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
16:44:25.0164 5472 mdmxsdk - ok
16:44:25.0195 5472 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:44:25.0211 5472 megasas - ok
16:44:25.0242 5472 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:44:25.0258 5472 MegaSR - ok
16:44:25.0336 5472 Microsoft SharePoint Workspace Audit Service - ok
16:44:25.0367 5472 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
16:44:25.0414 5472 MMCSS - ok
16:44:25.0445 5472 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
16:44:25.0492 5472 Modem - ok
16:44:25.0507 5472 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:44:25.0538 5472 monitor - ok
16:44:25.0554 5472 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:44:25.0570 5472 mouclass - ok
16:44:25.0585 5472 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:44:25.0616 5472 mouhid - ok
16:44:25.0663 5472 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:44:25.0679 5472 mountmgr - ok
16:44:25.0726 5472 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
16:44:25.0741 5472 mpio - ok
16:44:25.0788 5472 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:44:25.0819 5472 mpsdrv - ok
16:44:25.0882 5472 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:44:25.0928 5472 MpsSvc - ok
16:44:25.0975 5472 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:44:26.0022 5472 MRxDAV - ok
16:44:26.0069 5472 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:44:26.0116 5472 mrxsmb - ok
16:44:26.0162 5472 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:44:26.0178 5472 mrxsmb10 - ok
16:44:26.0194 5472 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:44:26.0225 5472 mrxsmb20 - ok
16:44:26.0256 5472 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
16:44:26.0272 5472 msahci - ok
16:44:26.0318 5472 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:44:26.0334 5472 msdsm - ok
16:44:26.0350 5472 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
16:44:26.0381 5472 MSDTC - ok
16:44:26.0443 5472 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:44:26.0474 5472 Msfs - ok
16:44:26.0490 5472 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:44:26.0537 5472 mshidkmdf - ok
16:44:26.0552 5472 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:44:26.0568 5472 msisadrv - ok
16:44:26.0615 5472 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:44:26.0662 5472 MSiSCSI - ok
16:44:26.0662 5472 msiserver - ok
16:44:26.0693 5472 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:44:26.0724 5472 MSKSSRV - ok
16:44:26.0755 5472 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:44:26.0802 5472 MSPCLOCK - ok
16:44:26.0802 5472 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:44:26.0849 5472 MSPQM - ok
16:44:26.0864 5472 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:44:26.0880 5472 MsRPC - ok
16:44:26.0927 5472 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:44:26.0942 5472 mssmbios - ok
16:44:26.0974 5472 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:44:27.0005 5472 MSTEE - ok
16:44:27.0020 5472 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:44:27.0036 5472 MTConfig - ok
16:44:27.0052 5472 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
16:44:27.0067 5472 Mup - ok
16:44:27.0130 5472 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
16:44:27.0161 5472 napagent - ok
16:44:27.0192 5472 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:44:27.0208 5472 NativeWifiP - ok
16:44:27.0270 5472 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:44:27.0301 5472 NDIS - ok
16:44:27.0317 5472 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:44:27.0364 5472 NdisCap - ok
16:44:27.0395 5472 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:44:27.0442 5472 NdisTapi - ok
16:44:27.0473 5472 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:44:27.0520 5472 Ndisuio - ok
16:44:27.0551 5472 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:44:27.0598 5472 NdisWan - ok
16:44:27.0644 5472 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:44:27.0676 5472 NDProxy - ok
16:44:27.0707 5472 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:44:27.0738 5472 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:44:27.0738 5472 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:44:27.0769 5472 [ 29C45722E20572B6440B57E3359E73EE ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys
16:44:27.0769 5472 Netaapl ( UnsignedFile.Multi.Generic ) - warning
16:44:27.0769 5472 Netaapl - detected UnsignedFile.Multi.Generic (1)
16:44:27.0816 5472 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:44:27.0863 5472 NetBIOS - ok
16:44:27.0925 5472 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:44:27.0972 5472 NetBT - ok
16:44:27.0988 5472 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
16:44:28.0003 5472 Netlogon - ok
16:44:28.0050 5472 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
16:44:28.0097 5472 Netman - ok
16:44:28.0144 5472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:44:28.0159 5472 NetMsmqActivator - ok
16:44:28.0190 5472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:44:28.0206 5472 NetPipeActivator - ok
16:44:28.0331 5472 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
16:44:28.0424 5472 netprofm - ok
16:44:28.0487 5472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:44:28.0502 5472 NetTcpActivator - ok
16:44:28.0565 5472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:44:28.0580 5472 NetTcpPortSharing - ok
16:44:29.0111 5472 [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
16:44:29.0282 5472 NETw4v32 - ok
16:44:29.0470 5472 [ 39CBA1AE2A400EF99C3DEC9F9F601876 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
16:44:29.0719 5472 netw5v32 - ok
16:44:29.0750 5472 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:44:29.0766 5472 nfrd960 - ok
16:44:29.0813 5472 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:44:29.0828 5472 NlaSvc - ok
16:44:29.0860 5472 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:44:29.0891 5472 Npfs - ok
16:44:29.0922 5472 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
16:44:29.0953 5472 nsi - ok
16:44:29.0984 5472 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:44:30.0031 5472 nsiproxy - ok
16:44:30.0109 5472 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:44:30.0156 5472 Ntfs - ok
16:44:30.0172 5472 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
16:44:30.0203 5472 Null - ok
16:44:30.0437 5472 [ 73A70F1D89C942EEDD99A3F10459B051 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:44:30.0640 5472 nvlddmkm - ok
16:44:30.0702 5472 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:44:30.0718 5472 nvraid - ok
16:44:30.0733 5472 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:44:30.0749 5472 nvstor - ok
16:44:30.0811 5472 [ 538A52E480C816D1990579A8FAAFFA20 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:44:30.0827 5472 nvsvc - ok
16:44:30.0874 5472 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:44:30.0889 5472 nv_agp - ok
16:44:30.0967 5472 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:44:30.0983 5472 odserv - ok
16:44:31.0030 5472 [ 19CAC780B858822055F46C58A111723C ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys
16:44:31.0092 5472 OEM02Dev - ok
16:44:31.0139 5472 [ 86326062A90494BDD79CE383511D7D69 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys
16:44:31.0170 5472 OEM02Vfx - ok
16:44:31.0201 5472 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:44:31.0248 5472 ohci1394 - ok
16:44:31.0310 5472 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:44:31.0326 5472 ose - ok
16:44:31.0498 5472 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:44:31.0700 5472 osppsvc - ok
16:44:31.0763 5472 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:44:31.0810 5472 p2pimsvc - ok
16:44:31.0841 5472 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
16:44:31.0872 5472 p2psvc - ok
16:44:31.0903 5472 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:44:31.0934 5472 Parport - ok
16:44:31.0981 5472 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:44:31.0997 5472 partmgr - ok
16:44:32.0028 5472 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
16:44:32.0059 5472 Parvdm - ok
16:44:32.0075 5472 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:44:32.0106 5472 PcaSvc - ok
16:44:32.0137 5472 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
16:44:32.0168 5472 pccsmcfd - ok
16:44:32.0184 5472 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
16:44:32.0200 5472 pci - ok
16:44:32.0246 5472 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
16:44:32.0262 5472 pciide - ok
16:44:32.0278 5472 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:44:32.0293 5472 pcmcia - ok
16:44:32.0309 5472 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
16:44:32.0324 5472 pcw - ok
16:44:32.0356 5472 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:44:32.0418 5472 PEAUTH - ok
16:44:32.0465 5472 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:44:32.0512 5472 PeerDistSvc - ok
16:44:32.0636 5472 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
16:44:32.0699 5472 pla - ok
16:44:32.0761 5472 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:44:32.0808 5472 PlugPlay - ok
16:44:32.0839 5472 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:44:32.0839 5472 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:44:32.0839 5472 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:44:32.0886 5472 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:44:32.0917 5472 PNRPAutoReg - ok
16:44:32.0933 5472 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:44:32.0948 5472 PNRPsvc - ok
16:44:33.0011 5472 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
16:44:33.0026 5472 Point32 - ok
16:44:33.0073 5472 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:44:33.0120 5472 PolicyAgent - ok
16:44:33.0182 5472 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
16:44:33.0214 5472 Power - ok
16:44:33.0245 5472 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:44:33.0276 5472 PptpMiniport - ok
16:44:33.0307 5472 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:44:33.0323 5472 Processor - ok
16:44:33.0385 5472 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
16:44:33.0416 5472 ProfSvc - ok
16:44:33.0448 5472 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:44:33.0463 5472 ProtectedStorage - ok
16:44:33.0494 5472 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:44:33.0526 5472 Psched - ok
16:44:33.0572 5472 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:44:33.0619 5472 ql2300 - ok
16:44:33.0650 5472 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:44:33.0666 5472 ql40xx - ok
16:44:33.0713 5472 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
16:44:33.0744 5472 QWAVE - ok
16:44:33.0760 5472 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:44:33.0791 5472 QWAVEdrv - ok
16:44:33.0853 5472 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
16:44:33.0869 5472 RapiMgr - ok
16:44:33.0884 5472 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:44:33.0931 5472 RasAcd - ok
16:44:33.0978 5472 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:44:34.0025 5472 RasAgileVpn - ok
16:44:34.0040 5472 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
16:44:34.0087 5472 RasAuto - ok
16:44:34.0103 5472 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:44:34.0150 5472 Rasl2tp - ok
16:44:34.0212 5472 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
16:44:34.0259 5472 RasMan - ok
16:44:34.0274 5472 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:44:34.0337 5472 RasPppoe - ok
16:44:34.0352 5472 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:44:34.0384 5472 RasSstp - ok
16:44:34.0430 5472 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:44:34.0477 5472 rdbss - ok
16:44:34.0508 5472 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:44:34.0524 5472 rdpbus - ok
16:44:34.0571 5472 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:44:34.0618 5472 RDPCDD - ok
16:44:34.0649 5472 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:44:34.0680 5472 RDPDR - ok
16:44:34.0711 5472 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:44:34.0758 5472 RDPENCDD - ok
16:44:34.0789 5472 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:44:34.0820 5472 RDPREFMP - ok
16:44:34.0930 5472 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:44:34.0976 5472 RdpVideoMiniport - ok
16:44:35.0039 5472 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:44:35.0070 5472 RDPWD - ok
16:44:35.0117 5472 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:44:35.0132 5472 rdyboost - ok
16:44:35.0226 5472 [ A171029D6B6C2D93C22861A347F43C2A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:44:35.0242 5472 RegSrvc - ok
16:44:35.0273 5472 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
16:44:35.0335 5472 RemoteAccess - ok
16:44:35.0366 5472 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:44:35.0413 5472 RemoteRegistry - ok
16:44:35.0444 5472 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:44:35.0476 5472 RFCOMM - ok
16:44:35.0507 5472 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
16:44:35.0538 5472 rimmptsk - ok
16:44:35.0554 5472 [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
16:44:35.0585 5472 rimsptsk - ok
16:44:35.0616 5472 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
16:44:35.0632 5472 rismxdp - ok
16:44:35.0663 5472 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:44:35.0694 5472 RpcEptMapper - ok
16:44:35.0741 5472 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
16:44:35.0772 5472 RpcLocator - ok
16:44:35.0819 5472 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
16:44:35.0866 5472 RpcSs - ok
16:44:35.0944 5472 [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys
16:44:35.0959 5472 RRNetCap - ok
16:44:35.0959 5472 [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys
16:44:35.0975 5472 RRNetCapMP - ok
16:44:36.0022 5472 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:44:36.0053 5472 rspndr - ok
16:44:36.0100 5472 [ 8CF8C5899EE66B7B1A8FB0AE131B5092 ] rsvcdwdr C:\Windows\system32\DRIVERS\rsvcdwdr.sys
16:44:36.0115 5472 rsvcdwdr - ok
16:44:36.0162 5472 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:44:36.0193 5472 s3cap - ok
16:44:36.0209 5472 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
16:44:36.0224 5472 SamSs - ok
16:44:36.0271 5472 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:44:36.0287 5472 sbp2port - ok
16:44:36.0318 5472 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:44:36.0365 5472 SCardSvr - ok
16:44:36.0396 5472 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:44:36.0443 5472 scfilter - ok
16:44:36.0505 5472 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
16:44:36.0552 5472 Schedule - ok
16:44:36.0599 5472 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:44:36.0630 5472 SCPolicySvc - ok
16:44:36.0677 5472 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
16:44:36.0692 5472 sdbus - ok
16:44:36.0739 5472 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:44:36.0786 5472 SDRSVC - ok
16:44:36.0817 5472 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:44:36.0848 5472 secdrv - ok
16:44:36.0895 5472 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
16:44:36.0926 5472 seclogon - ok
16:44:36.0958 5472 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
16:44:36.0989 5472 SENS - ok
16:44:37.0036 5472 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:44:37.0067 5472 SensrSvc - ok
16:44:37.0098 5472 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:44:37.0129 5472 Serenum - ok
16:44:37.0160 5472 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:44:37.0192 5472 Serial - ok
16:44:37.0223 5472 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:44:37.0238 5472 sermouse - ok
16:44:37.0316 5472 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
16:44:37.0348 5472 SessionEnv - ok
16:44:37.0410 5472 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
16:44:37.0441 5472 sffdisk - ok
16:44:37.0457 5472 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:44:37.0488 5472 sffp_mmc - ok
16:44:37.0504 5472 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
16:44:37.0519 5472 sffp_sd - ok
16:44:37.0550 5472 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:44:37.0582 5472 sfloppy - ok
16:44:37.0644 5472 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:44:37.0691 5472 SharedAccess - ok
16:44:37.0738 5472 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:44:37.0784 5472 ShellHWDetection - ok
16:44:37.0816 5472 [ F5AAA8CDDA25B6387AF590D676D25BAD ] simptcp C:\Windows\System32\tcpsvcs.exe
16:44:37.0831 5472 simptcp - ok
16:44:37.0878 5472 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:44:37.0894 5472 sisagp - ok
16:44:37.0925 5472 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:44:37.0940 5472 SiSRaid2 - ok
16:44:37.0972 5472 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:44:37.0987 5472 SiSRaid4 - ok
16:44:38.0050 5472 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:44:38.0081 5472 SkypeUpdate - ok
16:44:38.0096 5472 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:44:38.0128 5472 Smb - ok
16:44:38.0206 5472 [ 31DFE6D6800A3E82FC06BB64D779E711 ] SndTAudio C:\Windows\system32\drivers\SndTAudio.sys
16:44:38.0206 5472 SndTAudio - ok
16:44:38.0252 5472 [ 8F5171C837E64FF0AC48F0A29DD9E180 ] SNMP C:\Windows\System32\snmp.exe
16:44:38.0346 5472 SNMP - ok
16:44:38.0440 5472 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:44:38.0455 5472 SNMPTRAP - ok
16:44:38.0596 5472 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
16:44:38.0611 5472 spldr - ok
16:44:38.0658 5472 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
16:44:38.0705 5472 Spooler - ok
16:44:38.0845 5472 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
16:44:38.0923 5472 sppsvc - ok
16:44:38.0986 5472 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:44:39.0017 5472 sppuinotify - ok
16:44:39.0079 5472 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe
16:44:39.0095 5472 sprtsvc_DellSupportCenter - ok
16:44:39.0173 5472 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:44:39.0251 5472 srv - ok
16:44:39.0282 5472 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:44:39.0313 5472 srv2 - ok
16:44:39.0391 5472 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
16:44:39.0422 5472 SrvHsfHDA - ok
16:44:39.0469 5472 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:44:39.0500 5472 SrvHsfV92 - ok
16:44:39.0547 5472 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:44:39.0578 5472 SrvHsfWinac - ok
16:44:39.0610 5472 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:44:39.0641 5472 srvnet - ok
16:44:39.0688 5472 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:44:39.0734 5472 SSDPSRV - ok
16:44:39.0797 5472 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
16:44:39.0812 5472 ssmdrv - ok
16:44:39.0828 5472 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:44:39.0859 5472 SstpSvc - ok
16:44:39.0922 5472 [ 799AA3E04879B3FED31ECEA02B1CAA9A ] STacSV C:\Windows\system32\STacSV.exe
16:44:39.0968 5472 STacSV - ok
16:44:40.0046 5472 [ 8C37C35FB2D9692DDA0EDDBCA58BFE18 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:44:40.0062 5472 Stereo Service - ok
16:44:40.0109 5472 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:44:40.0124 5472 stexstor - ok
16:44:40.0187 5472 [ 5AF135B2E2097D4494B9067CE84E2665 ] STHDA C:\Windows\system32\drivers\stwrt.sys
16:44:40.0218 5472 STHDA - ok
16:44:40.0280 5472 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:44:40.0312 5472 StillCam - ok
16:44:40.0390 5472 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
16:44:40.0468 5472 StiSvc - ok
16:44:40.0514 5472 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:44:40.0530 5472 storflt - ok
16:44:40.0624 5472 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
16:44:40.0639 5472 StorSvc - ok
16:44:40.0686 5472 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:44:40.0702 5472 storvsc - ok
16:44:40.0748 5472 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
16:44:40.0764 5472 swenum - ok
16:44:40.0811 5472 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
16:44:40.0842 5472 swprv - ok
16:44:40.0889 5472 [ 9B5CC1B6DF186564F4CFCCA04C19E1F8 ] sxuptp C:\Windows\system32\DRIVERS\sxuptp.sys
16:44:40.0936 5472 sxuptp - ok
16:44:40.0998 5472 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
16:44:41.0045 5472 SysMain - ok
16:44:41.0107 5472 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:44:41.0138 5472 TabletInputService - ok
16:44:41.0185 5472 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
16:44:41.0232 5472 TapiSrv - ok
16:44:41.0294 5472 [ 77BD6143C6DCE0A1BF7B5571BED860DC ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
16:44:41.0310 5472 tbhsd - ok
16:44:41.0372 5472 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
16:44:41.0435 5472 TBS - ok
16:44:41.0497 5472 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:44:41.0544 5472 Tcpip - ok
16:44:41.0575 5472 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:44:41.0606 5472 TCPIP6 - ok
16:44:41.0700 5472 [ BB7F39C31C4A4417FD318E7CD184E225 ] tcpipBM C:\Windows\system32\drivers\tcpipBM.sys
16:44:41.0731 5472 tcpipBM - ok
16:44:41.0762 5472 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:44:41.0794 5472 tcpipreg - ok
16:44:41.0856 5472 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:44:41.0903 5472 TDPIPE - ok
16:44:41.0965 5472 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:44:41.0981 5472 TDTCP - ok
16:44:42.0012 5472 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:44:42.0043 5472 tdx - ok
16:44:42.0199 5472 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
16:44:42.0293 5472 TeamViewer7 - ok
16:44:42.0340 5472 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\Windows\system32\DRIVERS\teamviewervpn.sys
16:44:42.0371 5472 teamviewervpn ( UnsignedFile.Multi.Generic ) - warning
16:44:42.0371 5472 teamviewervpn - detected UnsignedFile.Multi.Generic (1)
16:44:42.0402 5472 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:44:42.0418 5472 TermDD - ok
16:44:42.0496 5472 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
16:44:42.0542 5472 TermService - ok
16:44:42.0589 5472 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
16:44:42.0605 5472 Themes - ok
16:44:42.0636 5472 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
16:44:42.0667 5472 THREADORDER - ok
16:44:42.0698 5472 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
16:44:42.0745 5472 TrkWks - ok
16:44:42.0808 5472 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:44:42.0854 5472 TrustedInstaller - ok
16:44:42.0901 5472 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:44:42.0932 5472 tssecsrv - ok
16:44:42.0979 5472 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:44:43.0010 5472 TsUsbFlt - ok
16:44:43.0057 5472 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:44:43.0104 5472 tunnel - ok
16:44:43.0151 5472 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:44:43.0166 5472 uagp35 - ok
16:44:43.0198 5472 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:44:43.0260 5472 udfs - ok
16:44:43.0322 5472 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:44:43.0369 5472 UI0Detect - ok
16:44:43.0400 5472 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:44:43.0416 5472 uliagpkx - ok
16:44:43.0463 5472 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
16:44:43.0510 5472 umbus - ok
16:44:43.0572 5472 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:44:43.0634 5472 UmPass - ok
16:44:43.0712 5472 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
16:44:43.0759 5472 UmRdpService - ok
16:44:43.0837 5472 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
16:44:43.0868 5472 upnphost - ok
16:44:43.0931 5472 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
16:44:43.0993 5472 USBAAPL - ok
16:44:44.0056 5472 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:44:44.0071 5472 usbaudio - ok
16:44:44.0118 5472 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:44:44.0165 5472 usbccgp - ok
16:44:44.0212 5472 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:44:44.0243 5472 usbcir - ok
16:44:44.0305 5472 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:44:44.0321 5472 usbehci - ok
16:44:44.0414 5472 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:44:44.0446 5472 usbhub - ok
16:44:44.0477 5472 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:44:44.0508 5472 usbohci - ok
16:44:44.0555 5472 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:44:44.0570 5472 usbprint - ok
16:44:44.0617 5472 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:44:44.0648 5472 usbscan - ok
16:44:44.0664 5472 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:44:44.0711 5472 USBSTOR - ok
16:44:44.0742 5472 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:44:44.0758 5472 usbuhci - ok
16:44:44.0820 5472 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:44:44.0867 5472 usbvideo - ok
16:44:44.0914 5472 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
16:44:44.0945 5472 UxSms - ok
16:44:44.0976 5472 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
16:44:44.0992 5472 VaultSvc - ok
16:44:45.0054 5472 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:44:45.0101 5472 vdrvroot - ok
16:44:45.0116 5472 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
16:44:45.0179 5472 vds - ok
16:44:45.0210 5472 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:44:45.0241 5472 vga - ok
16:44:45.0257 5472 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:44:45.0304 5472 VgaSave - ok
16:44:45.0350 5472 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:44:45.0382 5472 vhdmp - ok
16:44:45.0397 5472 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:44:45.0413 5472 viaagp - ok
16:44:45.0428 5472 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
16:44:45.0475 5472 ViaC7 - ok
16:44:45.0522 5472 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
16:44:45.0538 5472 viaide - ok
16:44:45.0631 5472 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:44:45.0662 5472 vmbus - ok
16:44:45.0709 5472 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:44:45.0756 5472 VMBusHID - ok
16:44:45.0772 5472 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:44:45.0787 5472 volmgr - ok
16:44:45.0834 5472 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:44:45.0850 5472 volmgrx - ok
16:44:45.0881 5472 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:44:45.0896 5472 volsnap - ok
16:44:45.0928 5472 [ B26536ADD1D748CDA104D856C979AE79 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
16:44:45.0943 5472 vpcbus - ok
16:44:45.0990 5472 [ A0F7E923A6261760130F22B85DF9040E ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
16:44:46.0037 5472 vpcnfltr - ok
16:44:46.0068 5472 [ 5F4B55E91CE7E2523C9E1E0ECE858869 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
16:44:46.0084 5472 vpcusb - ok
16:44:46.0099 5472 [ C35C2C888AFF276E95AD3DB3B7A8D003 ] vpcuxd C:\Windows\system32\DRIVERS\vpcuxd.sys
16:44:46.0130 5472 vpcuxd - ok
16:44:46.0224 5472 [ B487191FE18D6863381A1AC55482469A ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
16:44:46.0240 5472 vpcvmm - ok
16:44:46.0302 5472 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:44:46.0333 5472 vsmraid - ok
16:44:46.0520 5472 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
16:44:46.0598 5472 VSS - ok
16:44:46.0630 5472 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:44:46.0692 5472 vwifibus - ok
16:44:46.0754 5472 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
16:44:46.0801 5472 W32Time - ok
16:44:46.0864 5472 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:44:46.0895 5472 WacomPen - ok
16:44:46.0926 5472 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:44:46.0957 5472 WANARP - ok
16:44:46.0973 5472 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:44:47.0004 5472 Wanarpv6 - ok
16:44:47.0160 5472 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
16:44:47.0222 5472 wbengine - ok
16:44:47.0254 5472 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:44:47.0285 5472 WbioSrvc - ok
16:44:47.0363 5472 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
16:44:47.0394 5472 WcesComm - ok
16:44:47.0488 5472 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:44:47.0534 5472 wcncsvc - ok
16:44:47.0566 5472 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:44:47.0597 5472 WcsPlugInService - ok
16:44:47.0628 5472 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:44:47.0644 5472 Wd - ok
16:44:47.0706 5472 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:44:47.0753 5472 Wdf01000 - ok
16:44:47.0784 5472 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:44:47.0846 5472 WdiServiceHost - ok
16:44:47.0862 5472 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:44:47.0893 5472 WdiSystemHost - ok
16:44:47.0956 5472 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
16:44:47.0987 5472 WebClient - ok
16:44:48.0065 5472 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:44:48.0112 5472 Wecsvc - ok
16:44:48.0143 5472 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:44:48.0174 5472 wercplsupport - ok
16:44:48.0221 5472 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
16:44:48.0268 5472 WerSvc - ok
16:44:48.0314 5472 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:44:48.0346 5472 WfpLwf - ok
16:44:48.0392 5472 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:44:48.0424 5472 WIMMount - ok
16:44:48.0470 5472 [ 4DACA8F07537D4D7E3534BB99294AA26 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
16:44:48.0502 5472 winachsf - ok
16:44:48.0658 5472 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:44:48.0704 5472 WinDefend - ok
16:44:48.0751 5472 WinHttpAutoProxySvc - ok
16:44:48.0892 5472 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:44:48.0954 5472 Winmgmt - ok
16:44:49.0001 5472 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
16:44:49.0079 5472 WinRM - ok
16:44:49.0157 5472 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:44:49.0188 5472 WinUsb - ok
16:44:49.0250 5472 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:44:49.0313 5472 Wlansvc - ok
16:44:49.0578 5472 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:44:49.0625 5472 wlidsvc - ok
16:44:49.0687 5472 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:44:49.0734 5472 WmiAcpi - ok
16:44:49.0812 5472 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:44:49.0890 5472 wmiApSrv - ok
16:44:50.0171 5472 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:44:50.0249 5472 WMPNetworkSvc - ok
16:44:50.0311 5472 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:44:50.0389 5472 WPCSvc - ok
16:44:50.0452 5472 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:44:50.0483 5472 WPDBusEnum - ok
16:44:50.0514 5472 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:44:50.0576 5472 ws2ifsl - ok
16:44:50.0623 5472 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
16:44:50.0654 5472 wscsvc - ok
16:44:50.0670 5472 WSearch - ok
16:44:50.0810 5472 [ 54A75991B4D2DC8DB8C1116B7A98538C ] WTGService F:\Programme\XS Manager\WTGService.exe
16:44:50.0826 5472 WTGService - ok
16:44:51.0247 5472 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
16:44:51.0294 5472 wuauserv - ok
16:44:51.0388 5472 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:44:51.0419 5472 WudfPf - ok
16:44:51.0481 5472 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:44:51.0528 5472 WUDFRd - ok
16:44:51.0575 5472 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:44:51.0606 5472 wudfsvc - ok
16:44:51.0668 5472 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
16:44:51.0700 5472 WwanSvc - ok
16:44:51.0746 5472 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
16:44:51.0778 5472 XAudio - ok
16:44:51.0824 5472 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
16:44:51.0856 5472 XAudioService - ok
16:44:51.0902 5472 [ 82BC584EFBD7502B3EE95A1E70743F9F ] XS Stick Service C:\Windows\service4g.exe
16:44:51.0934 5472 XS Stick Service - ok
16:44:51.0996 5472 [ 4CAA1637520365C50331B454469DF58C ] [verify-U] F:\Programme\[verify-U] AVS\[verify-U]-Service.exe
16:44:51.0996 5472 [verify-U] ( UnsignedFile.Multi.Generic ) - warning
16:44:51.0996 5472 [verify-U] - detected UnsignedFile.Multi.Generic (1)
16:44:52.0058 5472 [ A505FF145D2C056BE52BFA7670D09525 ] [verify-U]_System C:\Windows\system32\drivers\[verify-U]-driver.sys
16:44:52.0074 5472 [verify-U]_System ( UnsignedFile.Multi.Generic ) - warning
16:44:52.0074 5472 [verify-U]_System - detected UnsignedFile.Multi.Generic (1)
16:44:52.0121 5472 ================ Scan global ===============================
16:44:52.0183 5472 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
16:44:52.0230 5472 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
16:44:52.0230 5472 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
16:44:52.0292 5472 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
16:44:52.0370 5472 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
16:44:52.0370 5472 [Global] - ok
16:44:52.0370 5472 ================ Scan MBR ==================================
16:44:52.0402 5472 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:44:57.0846 5472 \Device\Harddisk1\DR1 - ok
16:44:58.0267 5472 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
16:44:58.0330 5472 \Device\Harddisk0\DR0 - ok
16:44:58.0330 5472 ================ Scan VBR ==================================
16:44:58.0376 5472 [ 6101D20B7DA5400B0416E17EA29FD800 ] \Device\Harddisk1\DR1\Partition1
16:44:58.0423 5472 \Device\Harddisk1\DR1\Partition1 - ok
16:44:58.0454 5472 [ D145221ECC970830E83C29C60C871083 ] \Device\Harddisk1\DR1\Partition2
16:44:58.0517 5472 \Device\Harddisk1\DR1\Partition2 - ok
16:44:58.0532 5472 [ B98AECC0F827E44F802EAD31426AA2A2 ] \Device\Harddisk1\DR1\Partition3
16:44:58.0564 5472 \Device\Harddisk1\DR1\Partition3 - ok
16:44:58.0579 5472 [ 20908DBA9D26C359F2EB9C468E6C66CB ] \Device\Harddisk1\DR1\Partition4
16:44:58.0610 5472 \Device\Harddisk1\DR1\Partition4 - ok
16:44:58.0657 5472 [ 24B2322E75C3B070B877D8C5D3FB2DE2 ] \Device\Harddisk0\DR0\Partition1
16:44:58.0657 5472 \Device\Harddisk0\DR0\Partition1 - ok
16:44:58.0657 5472 ============================================================
16:44:58.0657 5472 Scan finished
16:44:58.0657 5472 ============================================================
16:44:58.0673 5464 Detected object count: 9
16:44:58.0673 5464 Actual detected object count: 9
16:45:01.0450 5464 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0450 5464 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:01.0450 5464 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0450 5464 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:01.0450 5464 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0450 5464 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:01.0450 5464 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0450 5464 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:01.0450 5464 Netaapl ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0450 5464 Netaapl ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:01.0465 5464 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0465 5464 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:01.0465 5464 teamviewervpn ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0465 5464 teamviewervpn ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:01.0465 5464 [verify-U] ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0465 5464 [verify-U] ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:01.0465 5464 [verify-U]_System ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:01.0465 5464 [verify-U]_System ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 09.01.2013, 16:50

Hi
noch probleme festzustellen?

KokomikoM · 09.01.2013, 17:03

Hm, ich weiß nicht, ob die Zeiten meine Notebooks normal sind:

46 sek beim Hochfahren, bis nur die Anmeldemaske erscheint,
1:53 bis man etwas arbeiten kann, aber das schnellste war mein Notebook noch nie.

Sind die Sachen, die oben gefunden wurden, nicht "gefährlich"?

Zum großen PC:
Alles läuft einwandfrei. Mein Mann meint, er wäre langsamer als früher, aber er ist deutlich schneller als mein Notebook vom Hochfahren bis zum einsatz. Er kann durchaus etwas langsamer sein, da ja jetzt mit den softwareupdatern zwei weitere Programme im Autostart sind.

markusg · 09.01.2013, 17:31

hi, wir schaun mal noch weiter:
lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

KokomikoM · 09.01.2013, 18:18

Hier ist die Liste

4 Elements II 29.12.2011 - Notwendig (Spiel)
7-Zip 4.65 06.12.2009 - Notwendig
[verify-U] AVS 2.1.9 :cybits: GmbH 30.01.2010 2.1.9
[verify-U]_AVS_IE_Add-on cybits AG 30.01.2010 1.0.0.3
Acrobat.com Adobe Systems Incorporated 05.12.2009 1.2.443 - Notwendig
Acronis License Server Acronis 06.09.2011 21,7MB 10.0.13545 - nicht notwendig
Adobe AIR Adobe Systems Inc. 04.09.2010 2.0.3.13070 - Notwendig
Adobe Creative Suite 4 Design Standard Adobe Systems Incorporated 05.12.2009 4,29GB 4.0 - Notwendig
Adobe Dreamweaver CS3 Adobe Systems Incorporated 06.12.2009 9.0 - nicht notwendig
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 11.12.2012 6,00MB 11.5.502.135 - Notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 11.12.2012 6,00MB 11.5.502.135 - Notwendig
Adobe Reader XI - Deutsch Adobe Systems Incorporated 06.01.2013 127MB 11.0.00 - Notwendig
Advanced Audio FX Engine 05.12.2009 - Notwendig
Advanced Video FX Engine 05.12.2009 - Notwendig
Apple Application Support Apple Inc. 15.09.2012 64,4MB 2.2.2 - Notwendig
Apple Mobile Device Support Apple Inc. 15.09.2012 23,1MB 6.0.0.59 - Notwendig
Apple Software Update Apple Inc. 26.06.2011 2,25MB 2.1.3.127 - Notwendig
Ashampoo Snap 5 v.5.1.5 Ashampoo GmbH & Co. KG 01.09.2012 42,9MB 5.1.5 - Notwendig
Audials RapidSolution Software AG 08.01.2012 292MB 8.0.54900.0 - nicht notwendig
Audials TV RapidSolution Software AG 08.01.2012 2,07MB 1.3.10803.300 - nicht notwendig
Audible Download Manager Audible, Inc. 21.03.2010 6.6.0.12 - Notwendig
AudibleManager Audible, Inc. 03.02.2011 2004104506.48.56.7081194 - Notwendig
Avira Internet Security Avira 15.12.2012 161MB 13.0.0.2890 - wird ersetzt durch emisoft
Belkin Netzwerk USB-Hub Kontrollzentrum Belkin International, Inc. 05.12.2009 1.4.0 - Notwendig
Big Fish Games: Game Manager 29.12.2011 3.0.1.60 - Notwendig (Spiel)
Bonjour Apple Inc. 14.10.2011 749KB 3.0.0.10 - Notwendig (gehört zu Apple wegen iPhone und iPad)
Broadcom 440x 10/100 Integrated Controller Broadcom Corporation 05.12.2009 144KB 10.04.01 - Notwendig
Broadcom Management Programs Broadcom Corporation 05.12.2009 4,34MB 10.15.03 - Notwendig
CCleaner Piriform 19.12.2012 3.26 - Notwendig
Chuzzle Deluxe 07.12.2009 - Notwendig (Spiel)
Conexant HDA D330 MDC V.92 Modem 05.12.2009 - ist ein Treiber von Dell
Dell Driver Download Manager Dell Inc. 24.08.2011 2.1.0.0 - Notwendig
Dell Resource CD Ihr Firmenname 05.12.2009 2,99MB 1.00.0000 - Notwendig
Dell Support Center (Support Software) Dell 07.12.2009 100MB 2.2.08100 - Notwendig
Dell Touchpad Alps Electric 05.12.2009 7.1.102.7 - Notwendig
DELL Webcam Center 05.12.2009 - Notwendig
DELL Webcam Manager 05.12.2009 - Notwendig
Demo Builder 5 Tanida Software 06.12.2009 - Notwendig
Die Sims™ 3 Electronic Arts 02.11.2012 1.42.130 - Notwendig (Spiel)
Die Sims™ 3 Einfach tierisch Electronic Arts 19.10.2011 10.0.96 - Notwendig (Spiel)
Die Sims™ 3 Einfach tierisch: Erstelle ein Tier-Demo Electronic Arts 25.09.2011 1.0.19 - Notwendig (Spiel)
Die Sims™ 3 Erstelle ein Muster-Tool Electronic Arts 04.07.2010 1.0.0 - Notwendig (Spiel)
Die Sims™ 3 Luxus-Accessoires Electronic Arts 16.06.2010 3.0.38 - Notwendig (Spiel)
Die Sims™ 3 Reiseabenteuer Electronic Arts 13.06.2010 2.7.7 - Notwendig (Spiel)
Die Sims™ 3 Traumkarrieren Electronic Arts 25.09.2011 4.10.1 - Notwendig (Spiel)
Die*Sims*Mittelalter Electronic Arts 21.05.2011 1.3.13 - Notwendig (Spiel)
Easy2Sync für Dateien 02.10.2010 - Notwendig
Falk Navi-Manager Falk Navigation GmbH 06.11.2011 2.7.0 - Notwendig
Feedback Tool Microsoft Corporation 13.03.2011 2,27MB 1.2.0 - kenne ich eigentlich nicht, kam mit Windows update
FileZilla Client 3.5.3 FileZilla Project 28.03.2012 16,5MB 3.5.3 - Notwendig (damit lade ich Dateien in meine Homepages hoch, ist kein Programm zum Dateien teilen)
FlashLAB NETGUI 06.12.2009 1,98MB 1.1.1 - Notwendig für meine Lerneinheiten
FreeMind 06.12.2009 0.8.1 - Notwendig (Mindmapper)
Google Chrome Google Inc. 27.10.2012 23.0.1271.97 - Notwendig
Google Earth Plug-in Google 17.11.2011 40,8MB 6.1.0.5001 - nicht notwendig
HotPotatoes v 6.3.0.3 HalfBaked 06.12.2009 - Notwendig für Lerneinheiten
HP Customer Participation Program 10.0 HP 06.09.2011 10.0 - Notwendig
HP LaserJet P2050 Series 6.0 HP 06.09.2011 6.0 - Notwendig
HP Officejet Pro 8600 - Grundlegende Software für das Gerät Hewlett-Packard Co. 17.11.2012 163MB 25.0.619.0 - Notwendig
HP Officejet Pro 8600 Hilfe Hewlett Packard 17.11.2012 22,5MB 140.0.2.2 - Notwendig
HP Update Hewlett-Packard 17.11.2012 3,98MB 5.003.000.004 - Notwendig
I.R.I.S. OCR HP 17.11.2012 68,9MB 12.3.4.0 - Notwendig, Teil von HP-software
iCloud Apple Inc. 21.09.2012 47,4MB 2.0.2.187 - Notwendig
In A Flash 3 NETGUI 06.12.2009 17,5MB 3.2.0 - Notwendig, gehört zu Flashlab
Intel(R) PROSet/Wireless WiFi-Software Intel Corporation 06.01.2011 95,2MB 13.00.0000 - Notwendig
Internet Explorer Toolbar 4.6 by SweetPacks 05.01.2013 - nicht notwendig, aber ich kriege das Ding nicht los! Ich weiß nicht mehr, mit welchem anderen Programm es kam
iPhoneBrowser Cranium Consulting and Custom Software 27.02.2010 424KB 1.9.3 - nicht notwendig
iTunes Apple Inc. 15.09.2012 180MB 10.7.0.21 - Notwendig
Java 7 Update 10 Oracle 06.01.2013 128MB 7.0.100 - Notwendig, müsste aktuell sein, habe ich erst vor kurzem aktualisiert
JavaFX 2.1.1 Oracle Corporation 16.07.2012 20,8MB 2.1.1 - Notwendig, anscheinend braucht man beides, wenn man IE und Firefox nutzt, ich möchte nur noch Chrome nutzen, was kann ich löschen?
Laptop Integrated Webcam Driver (1.04.01.1011) 09.10.2010 - Notwendig
Live! Cam Avatar Creative 05.12.2009 1.0 - Notwendig (ist von Dell für die integrierte Kamera)
Live! Cam Avatar Creator Creative 05.12.2009 4.5.2722.1 - Notwendig - Notwendig
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 08.01.2013 18,4MB 1.70.0.1100 - ?
Microsoft .NET Framework 1.1 Microsoft 15.12.2009 34,8MB 1.1.4322 - ? keine Ahnung, ob ich alle brauche?
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 20.01.2012 38,8MB 4.0.30320 - ? keine Ahnung, ob ich alle brauche?
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 20.01.2012 2,93MB 4.0.30320 - ? keine Ahnung, ob ich alle brauche?
Microsoft .NET Framework 4 Extended Microsoft Corporation 20.01.2012 51,9MB 4.0.30320 - ? keine Ahnung, ob ich alle brauche?
Microsoft Expression Web Microsoft Corporation 07.12.2009 12.0.6215.1000 - Notwendig
Microsoft IntelliPoint 8.2 Microsoft Corporation 10.11.2012 8.20.468.0 - Notwendig
Microsoft Office Live Add-in 1.5 Microsoft Corporation 26.05.2010 508KB 2.0.4024.1 - Notwendig
Microsoft Office Outlook Connector Microsoft Corporation 18.10.2011 3,36MB 14.0.5118.5000 - Notwendig
Microsoft Office Professional Plus 2010 Microsoft Corporation 07.09.2011 14.0.6029.1000 - Notwendig
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Corporation 18.10.2011 1,38MB 14.0.5120.5000 - Notwendig, hm, ist halt Bestandteil von Office 2010, kann ich nicht einzeln deinstallieren
Microsoft Silverlight Microsoft Corporation 09.05.2012 232MB 5.1.10411.0 - siehe vorigen Eintrag
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 07.12.2009 250KB 8.0.50727.4053 - ? keine Ahnung, ob ich alle brauche?
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.06.2011 300KB 8.0.56336 - ? keine Ahnung, ob ich alle brauche?
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 05.12.2009 200KB 9.0.30729.4148 - ? keine Ahnung, ob ich alle brauche?
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 Microsoft Corporation 05.04.2010 232KB 9.0.21022.218 - ? keine Ahnung, ob ich alle brauche?
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 05.12.2009 596KB 9.0.30729 - ? keine Ahnung, ob ich alle brauche?
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 30.05.2010 594KB 9.0.30729.4148 - ? keine Ahnung, ob ich alle brauche?
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.06.2011 600KB 9.0.30729.6161 - ? keine Ahnung, ob ich alle brauche?
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 17.02.2012 12,2MB 10.0.40219 - ? keine Ahnung, ob ich alle brauche?
Microsoft WSE 3.0 Runtime Microsoft Corp. 06.12.2009 942KB 3.0.5305.0 - unbekannt
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme Microsoft Corporation 01.01.2010 128KB 12.0.4518.1014 - Notwendig, Bestandteil von Office 2010
MobileMe Control Panel Apple Inc. 18.11.2011 12,2MB 3.1.8.0 - scheint zu den iTunes und iPhone-Sachen zu gehören
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 13.07.2011 1,27MB 4.20.9870.0 - kenne ich nicht, ist aber von Microsoft, braucht anscheinend Office lt. Google
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 13.07.2011 1,33MB 4.20.9876.0 - dito
NVIDIA 3D Vision Treiber 266.58 NVIDIA Corporation 18.03.2011 266.58 - Notwendig
NVIDIA Grafiktreiber 266.58 NVIDIA Corporation 18.03.2011 266.58 - Notwendig
NVIDIA PhysX-Systemsoftware 9.10.0514 NVIDIA Corporation 18.03.2011 9.10.0514 - Notwendig, Bestandteil von Office 2010
OpenOffice.org 3.3 OpenOffice.org 14.05.2011 432MB 3.3.9567 - Notwendig für meine Lerneinheiten
Origin Electronic Arts, Inc. 06.01.2013 9.1.3.2637 - Notwendig (für Sims 3)
PixiePack Codec Pack None 14.03.2010 17,2MB 1.1.1200.0 - unbekannt
PowerFlash NETGUI 06.12.2009 3,91MB 1.0.0 - Notwendig, gehört zu Flashlab
PSPad editor Jan Fiala 09.01.2013 12,4MB - Notwendig
QuickSet Dell Inc. 05.12.2009 8,29MB 8.2.20 - Notwendig
RoboForm 7-8-5-7 (All Users) Siber Systems 08.01.2013 20,0MB 7-8-5-7 - Notwendig
s3pe - Sims3 Package Editor Peter L Jones 12.08.2012 1,74MB 12-0317-0944 - Notwendig
SigmaTel Audio SigmaTel 19.08.2011 5.10.5207.0 - Notwendig
Sims2Pack Clean Installer 09.10.2010 - Notwendig
Skype™ 5.10 Skype Technologies S.A. 06.09.2012 19,4MB 5.10.116 - Notwendig
SmartTools Publishing • Excel Jahreskalender SmartTools Publishing 22.12.2012 v4.01 - Notwendig
t@x 2012 Buhl Data Service GmbH 24.12.2011 19.00.7303 - Notwendig
Visual Studio Tools for the Office system 3.0 Runtime Microsoft Corporation 12.12.2009 - Notwendig
web 'n' walk Manager T-Mobile 11.01.2010 1.00.0000 - Notwendig
web'n'walk Manager Huawei Technologies Co.,Ltd 11.01.2010 11.002.07.22.55 - Notwendig
WIDCOMM Bluetooth Software 6.0.1.3100 Dell 05.12.2009 33,3MB 6.0.1.3100 - Notwendig
Windows Live Essentials Microsoft Corporation 18.10.2011 15.4.3538.0513 - Notwendig, hier ist nur noch Windows Live Mail wegen meiner Lerneinheiten installiert
Windows Media Encoder 9 Series 06.12.2009 - unbekannt
Windows Media Player Firefox Plugin Microsoft Corp 14.03.2010 296KB 1.0.0.8 - unbekannt
Windows Mobile-Gerätecenter Microsoft Corporation 22.02.2010 27,4MB 6.1.6965.0 - Notwendig
Windows Mobile-Gerätecenter: Treiberupdate Microsoft Corporation 22.02.2010 42,4MB 6.1.6965.0 - Notwendig
Windows XP Mode Microsoft Corporation 04.01.2010 1,13GB 1.3.7600.16422 - Notwendig
XnView 1.93.6 Gougelet Pierre-e 04.06.2012 1.93.6 - Notwendig
XSManager XSManager 29.10.2011 3.0 - Notwendig

Kann ich noch was fragen? Ich habe gerade gesehen, dass ich um 16:50 Uhr eine E-Mail bekommen habe mit einem Beitrag, den du hier geschrieben hast, der Beitrag ist aber hier nicht zu finden. Soll ich - wie in der Mail steht - Combofix holen und ausführen? Hier finde ich den genannten Beitrag leider nicht, darum meine Nachfrage.

markusg · 09.01.2013, 18:49

deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Internet Explorer Toolbar
JavaFX
PixiePack

nein, kein CF, hatte editirt.

Öffne CCleaner, analysieren, starten, PC neustarten.
Öffne CCleaner, extras, autostartliste, inhalt posten.
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste
mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

KokomikoM · 09.01.2013, 20:04

startup.txt

Ja HKCU:Run RoboForm Siber Systems "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
Ja HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Ja HKLM:Run avgnt Avira Operations GmbH & Co. KG "F:\Programme\Avira\Avira\AntiVir Desktop\avgnt.exe" /min
Ja HKLM:Run SigmatelSysTrayApp IDT, Inc. %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
Ja HKLM:Run SunJavaUpdateSched Sun Microsystems, Inc. "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Ja HKLM:RunOnce "C:\Windows\system32\cmd.exe" Microsoft Corporation "C:\Windows\system32\cmd.exe" /c "rmdir /s /q "F:\Programme\Smarttools""
Ja Startup Common BTTray.lnk Broadcom Corporation. F:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
Ja Startup User Belkin Network USB Hub Control Center.lnk Belkin International, Inc. F:\Programme\Belkin\Connect.exe

adware.txt
# AdwCleaner v2.105 - Datei am 09/01/2013 um 20:01:58 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Admin - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R3].txt - [1241 octets] - [09/01/2013 20:01:58]

########## EOF - \AdwCleaner[R3].txt - [1301 octets] ##########

markusg · 09.01.2013, 20:07

Hi,
alle haken raus außer:
RoboForm
avgnt
Startup können auch alle raus.
wenn was fehlt, wieder anhaken.

ist bei Malwarebytes der Hintergrundwächter aktiv, dann ausschalten.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe
alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein
Rechner wird neu gestartet, je nach Schwere der Infektion auch mehrmals - das ist normal. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den
Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x = fortlaufende Nummer)

Neustarten bitte, testen, wie PC + Programme laufen, auch den Internetexplorer mit testen.

KokomikoM · 09.01.2013, 20:11

Sorry, dass ich dir doppelte Arbeit mache, ich hatte beim adwarescan vergessen, vorher die Avira Software zu deaktivieren und die Internetverbindung zu unterbrechen. Jetzt hat Adware doch etwas gefunden:

# AdwCleaner v2.105 - Datei am 09/01/2013 um 20:01:58 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Admin - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R3].txt - [1241 octets] - [09/01/2013 20:01:58]

########## EOF - \AdwCleaner[R3].txt - [1301 octets] ##########

markusg · 09.01.2013, 20:13

dann bitte nun, wie oben beschrieben, löschen

09.01.2013, 14:48	#33
markusg /// Malware-holic	Hatte GVU-Trojaner, angeblich entfernt, bin unsicher, ob mein System nun sauber ist Sind das alle Malwarebytes logs? ich benötige die, mit funden. __________________ __________________

Hatte GVU-Trojaner, angeblich entfernt, bin unsicher, ob mein System nun sauber ist

Plagegeister aller Art und deren Bekämpfung: Hatte GVU-Trojaner, angeblich entfernt, bin unsicher, ob mein System nun sauber ist