
Pests of all kinds and how to fight them: System repair Virus Windows 7 Starter

25.02.2013, 14:06   #1
wazomba
 


Hello,
Since yesterday I have had the "system repair" virus on my computer.
Following the tips here, I started in safe mode and ran a scan with Malwarebytes.
There are two findings.
These also cannot be removed.
The text of the log file is below.
Who can help me?
Many thanks and regards.

Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.25.05

Windows 7 Service Pack 1 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Falk :: FALK-EEEPC [Administrator]

Schutz: Deaktiviert

25.02.2013 13:54:02
MBAM-log-2013-02-25 (13-59-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 210501
Laufzeit: 5 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Daten: C:\Users\Falk\LOCALS~1\Temp\msvlhm.cmd -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Daten: C:\Users\Falk\LOCALS~1\Temp\msvlhm.cmd -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


25.02.2013, 14:09   #2
cosinus



Hello and

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post in the course of this thread carefully. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please run only scans that a helper has asked you to run! Do not install or uninstall any software unless asked to!

  • Post the logfiles directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make the analysis harder for me!

  • Please also note => Deleting logfiles and other requests

Note:
If you do not hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "When will this continue" messages will result in your topic being closed. I too have a life outside the Trojaner-Board.


First, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top centre, tick the box next to Scan all users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles will be created
  • Post the logfiles here in the thread in CODE tags.

25.02.2013, 14:45   #3
wazomba
 



Thank you very much for the quick help!
I have now used the program and the one from OTL and run the scan as described.

The text of the log file is very long:
OTL Logfile:
Code:
OTL logfile created on: 25.02.2013 14:27:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Falk\Desktop
 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 69,84% Memory free
3,98 Gb Paging File | 3,49 Gb Available in Paging File | 87,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 9,33 Gb Free Space | 9,33% Space Free | Partition Type: NTFS
Drive D: | 98,34 Gb Total Space | 50,48 Gb Free Space | 51,33% Space Free | Partition Type: NTFS
 
Computer Name: FALK-EEEPC | User Name: Falk | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Falk\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Citrix\ICA Client\ssonsvr.exe (Citrix Systems, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\PROGRA~1\ASUS\ASUSWE~1\30108~1.222\ASUSWS~1.DLL ()
 
 
========== Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (AsusService) -- C:\Windows\System32\AsusService.exe ()
SRV - (DCService.exe) -- C:\ProgramData\DatacardService\DCService.exe ()
SRV - (HFGService) -- C:\Windows\System32\HFGService.dll (CSR, plc)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (UDisk Monitor) -- C:\Program Files\Visafone Wireless Terminal\bin\MonServiceUDisk.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (PnSson) --  File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (AsUpIO) -- C:\Windows\System32\drivers\AsUpIO.sys ()
DRV - (ctxusbm) -- C:\Windows\System32\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (BthAudioHF) -- C:\Windows\System32\drivers\BthAudioHF.sys (CSR, plc)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (azvusb) -- C:\Windows\System32\drivers\azvusb.sys (AzureWave Technologies, Inc.)
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
DRV - (ztemtusbser) -- C:\Windows\System32\drivers\CT_ZTEMT_U_USBSER.sys (ZTEMT Incorporated)
DRV - (csr_a2dp) -- C:\Windows\System32\drivers\bthav.sys (CSR, plc)
DRV - (Ltn_stk7070P) -- C:\Windows\System32\drivers\Ltn_stk7070P.sys (LITEON)
DRV - (Ltn_stkrc) -- C:\Windows\System32\drivers\Ltn_stkrc.sys (LITEON)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP07&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data]
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP07&src=IE-SearchBox
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\..\SearchScopes\{2E51F52B-02CE-491C-ACFC-FD7BC5FC65EE}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=BFF392C4-79C7-4AB7-BCF3-21CD7D74D0D5&apn_sauid=F0392549-C34B-431D-BE61-2C1736E394D1&
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.25 20:59:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.25 21:00:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.25 21:00:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.25 20:59:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.25 21:00:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.25 21:00:04 | 000,000,000 | ---D | M]
 
[2011.07.18 10:01:27 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Falk\AppData\Roaming\mozilla\Extensions
[2011.07.18 10:01:27 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Falk\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.10.25 18:47:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\jt2uqs14.default\extensions
[2013.02.25 20:42:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013.02.25 21:00:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.02 16:14:50 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.25 00:58:10 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2011.04.25 01:00:08 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2011.04.25 00:59:06 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2011.04.25 00:58:38 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2012.02.29 20:16:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.04.25 01:49:00 | 000,485,288 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2011.04.25 01:00:04 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012.06.07 19:44:26 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.07 19:44:26 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.07 19:44:26 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.07 19:44:26 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.07 19:44:26 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.07 19:44:26 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.02.14 17:21:08 | 000,000,849 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 192.168.0.113 NPI3A772D
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [EEESplendidAR] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HP Color LaserJet CM1312 MFP Series Fax] C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKU\S-1-5-21-291956970-2086752177-2648855092-1000..\Run: []  File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
F3 - HKU\S-1-5-21-291956970-2086752177-2648855092-1000 WinNT: Load - (C:\Users\Falk\LOCALS~1\Temp\msvlhm.cmd) -  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-291956970-2086752177-2648855092-1000\..Trusted Domains: lht-portal.de ([seccustomer] https in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.248.7.1 80.248.7.2 165.21.83.88
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08B0C0E4-3354-40B7-81F5-70F9BC22D92A}: DhcpNameServer = 80.248.7.1 80.248.7.2 165.21.83.88
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6AB71594-7E93-4B1C-9BCC-51B99B42CE23}: DhcpNameServer = 80.248.7.1 80.248.7.2 165.21.83.88
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CEB75ED-5532-45CB-80E9-C3A2E37437B3}: NameServer = 172.24.8.50 141.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA6342C5-025A-462B-A9F5-39D721745D35}: NameServer = 172.24.8.50 141.1.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{091edb79-1db4-11e1-af33-f46d04481b2b}\Shell - "" = AutoRun
O33 - MountPoints2\{091edb79-1db4-11e1-af33-f46d04481b2b}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{64da0a17-ab16-11e0-9dc4-f46d04481b2b}\Shell - "" = AutoRun
O33 - MountPoints2\{64da0a17-ab16-11e0-9dc4-f46d04481b2b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6561bbba-2b2b-11e1-bc6b-001e101f82a7}\Shell - "" = AutoRun
O33 - MountPoints2\{6561bbba-2b2b-11e1-bc6b-001e101f82a7}\Shell\AutoRun\command - "" = E:\Setup.exe /Auto
O33 - MountPoints2\{fde10862-a70a-11e0-ac2f-f46d04481b2b}\Shell - "" = AutoRun
O33 - MountPoints2\{fde10862-a70a-11e0-ac2f-f46d04481b2b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{fde10879-a70a-11e0-ac2f-f46d04481b2b}\Shell - "" = AutoRun
O33 - MountPoints2\{fde10879-a70a-11e0-ac2f-f46d04481b2b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.25 14:15:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Falk\Desktop\OTL.exe
[2013.02.25 14:08:59 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2013.02.25 13:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.25 13:51:18 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013.02.25 13:45:09 | 010,156,344 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Falk\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.25 09:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\falkili
[2013.02.25 09:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\falkspecial
[2013.02.25 00:50:31 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Roaming\Malwarebytes
[2013.02.25 00:50:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2013.02.25 00:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.25 00:49:52 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\Programs
[2013.02.24 22:36:31 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013.02.24 22:36:29 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013.02.24 22:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.02.24 20:31:08 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{EDB6BBC3-269B-42BF-BAB1-EC6581948DC0}
[2013.02.24 20:26:52 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{E9736B9A-BD75-4ED9-B087-0CA13693735E}
[2013.02.23 10:26:44 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{17B62879-D327-40EC-BAFB-8E9067E1D113}
[2013.02.22 09:23:49 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{804C3AD9-1EDA-4F69-8BF0-8EE2664A5AE4}
[2013.02.21 09:17:07 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{D0FDE89D-3DD2-462C-991A-76881A71ADE4}
[2013.02.20 14:24:55 | 000,000,000 | -H-D | C] -- C:\Users\Falk\Desktop\Bilder Steuer Arbeitsplatz 2009
[2013.02.20 14:05:59 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{15FC1275-EE45-443D-A090-CE0B9C64EC6A}
[2013.02.19 08:56:19 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{212D61F2-9956-46A8-BC04-FF98CEFDBCB5}
[2013.02.18 11:24:19 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{9557AD7B-EE54-498D-8552-463711FA3F86}
[2013.02.17 21:13:37 | 000,000,000 | -H-D | C] -- C:\Users\Falk\Desktop\nulli
[2013.02.17 18:07:01 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{538D5817-7DFD-49FA-8DC7-C2ABEB79257E}
[2013.02.16 12:54:08 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{6C9C2340-71B4-4600-B3EF-B02D730804FC}
[2013.02.16 11:18:13 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{3DD0C790-7519-4348-BC55-0BB9D3FF2F36}
[2013.02.15 18:29:51 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{2121B358-431F-465D-A11C-C311C88CAF70}
[2013.02.14 17:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2013.02.14 17:24:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\HP
[2013.02.14 17:23:53 | 000,013,929 | ---- | C] (Hewlett-Packard Company) -- C:\windows\System32\hppfaxprintermon5.dll
[2013.02.14 17:23:53 | 000,009,451 | ---- | C] (Hewlett-Packard Company) -- C:\windows\System32\hppfaxprintermonui5.dll
[2013.02.14 17:21:27 | 000,161,280 | ---- | C] (Hewlett-Packard Corporation) -- C:\windows\System32\hpcpn093.dll
[2013.02.14 17:21:26 | 000,059,928 | ---- | C] (Hewlett-Packard) -- C:\windows\System32\fxcompchannel.dll
[2013.02.14 16:45:36 | 000,000,000 | -H-D | C] -- C:\Users\Falk\Documents\My Scans
[2013.02.14 05:26:56 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{4AEE2D94-9496-4DC4-8CA6-0C712C9B6951}
[2013.02.13 20:30:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\Yahoo! Companion
[2013.02.13 20:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2013.02.13 16:28:18 | 000,761,856 | ---- | C] (Hewlett-Packard) -- C:\windows\System32\hpxp1312.dll
[2013.02.13 16:28:17 | 000,770,048 | ---- | C] (Hewlett-Packard) -- C:\windows\System32\hpptsp04.dll
[2013.02.13 16:28:17 | 000,450,560 | ---- | C] (Hewlett-Packard) -- C:\windows\System32\hppasc11.dll
[2013.02.13 16:28:17 | 000,331,776 | ---- | C] (Hewlett-Packard) -- C:\windows\System32\hppcpr11.dll
[2013.02.13 14:39:09 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{3B8F6A27-F7C4-46B8-9849-043AA6054CAA}
[2013.02.13 06:34:05 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{790A5603-4A24-4097-9D7B-170FA455418F}
[2013.02.12 17:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2013.02.12 17:49:47 | 000,000,000 | ---D | C] -- C:\CM1312_Full_Solution_Win7_5_1_AM-EMEA1
[2013.02.12 16:57:04 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{9F53B4F2-8C5B-4E1E-AD0F-CF6D787EB9B0}
[2013.02.12 11:33:07 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{050420B6-E64D-4A83-B53F-5BE931FF54B7}
[2013.02.11 23:32:40 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{300BC72C-D5FA-461D-8DD9-5D4D556A0C02}
[2013.02.11 11:32:01 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{296180BC-B700-4838-8C53-5BF8B1429A9D}
[2013.02.10 23:31:35 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{F1CB0D8C-E158-40B4-BB1B-8B2DD0E82600}
[2013.02.10 11:48:57 | 000,000,000 | -H-D | C] -- C:\Users\Falk\Desktop\BCN
[2013.02.10 11:31:23 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{79944562-E1B0-4736-B726-828D4832C3FF}
[2013.02.09 20:57:46 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{1B318D4E-9688-409D-8B83-DC78790AC8A5}
[2013.02.08 22:52:45 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{01FCC537-3841-4F83-A70E-B71C2FC7EF8B}
[2013.02.08 10:11:50 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{32276B32-5369-4B37-805A-67D90AC8A9EA}
[2013.02.07 09:56:16 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{701884B0-7821-4956-9D45-32BAA2380440}
[2013.02.06 21:55:50 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{0AEB2119-0A3D-4785-8EAF-AE44547ACB5A}
[2013.02.06 09:19:58 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{2F8197F5-A56D-410A-A9B9-603D94F01518}
[2013.02.06 09:16:55 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{7B667C4F-1F46-4411-952D-9E91ECE18723}
[2013.02.05 16:10:13 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{8014590E-1C41-48E4-A2E4-FFF0943B131A}
[2013.02.04 23:37:17 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{569C7A2F-6D58-4014-BC4A-6D65F4C4F4D6}
[2013.02.04 08:59:39 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{223D97E1-5C79-4FC7-B9F5-7B9CE354D612}
[2013.01.31 22:42:55 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{93F542E1-1F29-42BF-B4A4-540D7C6AE0CE}
[2013.01.31 08:33:04 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{ADFFD25F-8979-4E5B-9560-3A53AEA8FBEF}
[2013.01.29 22:50:46 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{4076BD1A-DD15-4AA6-A481-A7FF3E6F28DA}
[2013.01.29 08:13:13 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{33AF2D69-09C8-403D-966A-92AF716118E3}
[2013.01.28 15:26:57 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2013.01.28 15:21:34 | 000,000,000 | ---D | C] -- C:\windows\System32\directx
[2013.01.28 14:14:38 | 000,000,000 | ---D | C] -- C:\ESD
[2013.01.28 13:25:27 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{780397B7-E6AA-4CBF-96CD-BE6C4FF962F4}
[2013.01.27 17:08:55 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{4E482153-5EE5-46A6-B258-D400FC000331}
[2013.01.27 10:53:35 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{61A1EB2C-530D-46D7-B7E2-4AC516CE0E34}
[2013.01.26 21:40:34 | 000,000,000 | -H-D | C] -- C:\Users\Falk\AppData\Local\{A6874B9D-F64F-4970-A02B-C4E9C06C5E7D}
[5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.25 14:15:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Falk\Desktop\OTL.exe
[2013.02.25 14:08:59 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2013.02.25 14:07:48 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.02.25 14:07:41 | 1602,887,680 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.25 13:51:22 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.25 13:50:43 | 010,156,344 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Falk\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.25 09:57:45 | 000,000,152 | -H-- | M] () -- C:\ProgramData\-KqqAuLXXXiuQHkW
[2013.02.25 09:57:38 | 000,000,088 | -H-- | M] () -- C:\ProgramData\KqqAuLXXXiuQHkW
[2013.02.25 09:13:04 | 000,000,168 | -H-- | M] () -- C:\ProgramData\-KqqAuLXXXiuQHkWr
[2013.02.25 07:40:59 | 000,000,054 | RH-- | M] () -- C:\Users\Falk\Desktop\Stinger1020997.opt
[2013.02.15 18:50:26 | 000,042,334 | -H-- | M] () -- C:\Users\Falk\Desktop\Verlustmeldung.pdf
[2013.02.15 18:39:18 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.15 18:39:05 | 000,001,090 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.15 18:27:54 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.02.14 18:02:43 | 000,202,453 | ---- | M] () -- C:\windows\hpoins18.dat
[2013.02.14 18:02:43 | 000,002,281 | ---- | M] () -- C:\Users\Public\Desktop\Add a Device - All-In-One Series.lnk
[2013.02.14 17:55:08 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.14 17:55:07 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.14 17:46:45 | 000,356,448 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013.02.14 17:42:20 | 000,062,214 | ---- | M] () -- C:\windows\hpqins01.dat
[2013.02.14 17:41:31 | 000,002,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013.02.14 17:39:28 | 000,077,620 | ---- | M] () -- C:\windows\hpqins05.dat
[2013.02.14 17:38:28 | 000,001,273 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2013.02.14 17:26:27 | 000,176,744 | ---- | M] () -- C:\windows\hppins11.dat
[2013.02.14 17:23:53 | 000,000,608 | -HS- | M] () -- C:\windows\System32\winzvprt5.sys
[2013.02.14 17:23:53 | 000,000,222 | ---- | M] () -- C:\windows\System32\hppfaxprinter5.ini
[2013.02.14 17:21:08 | 000,000,849 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013.02.14 17:20:10 | 000,000,224 | ---- | M] () -- C:\windows\System32\AddPort.ini
[2013.02.14 17:20:07 | 000,000,749 | ---- | M] () -- C:\windows\hpntwksetup.ini
[2013.02.13 20:39:48 | 000,202,702 | ---- | M] () -- C:\windows\hpoins18.dat.temp
[2013.02.13 12:14:20 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013.02.13 12:14:20 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013.02.06 09:18:58 | 000,207,918 | -H-- | M] () -- C:\Users\Falk\Desktop\IMG_1942 - Kopie.JPG
[2013.02.06 09:08:16 | 002,670,958 | -H-- | M] () -- C:\Users\Falk\Desktop\IMG_1942.JPG
[5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.25 13:51:22 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.25 07:40:59 | 000,000,054 | RH-- | C] () -- C:\Users\Falk\Desktop\Stinger1020997.opt
[2013.02.24 21:17:22 | 000,000,168 | -H-- | C] () -- C:\ProgramData\-KqqAuLXXXiuQHkWr
[2013.02.24 21:17:21 | 000,000,152 | -H-- | C] () -- C:\ProgramData\-KqqAuLXXXiuQHkW
[2013.02.24 21:17:17 | 000,000,088 | -H-- | C] () -- C:\ProgramData\KqqAuLXXXiuQHkW
[2013.02.15 18:50:18 | 000,042,334 | -H-- | C] () -- C:\Users\Falk\Desktop\Verlustmeldung.pdf
[2013.02.14 18:02:43 | 000,002,281 | ---- | C] () -- C:\Users\Public\Desktop\Add a Device - All-In-One Series.lnk
[2013.02.14 17:55:41 | 000,202,453 | ---- | C] () -- C:\windows\hpoins18.dat
[2013.02.14 17:55:41 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat
[2013.02.14 17:42:40 | 000,202,702 | ---- | C] () -- C:\windows\hpoins18.dat.temp
[2013.02.14 17:39:43 | 000,062,214 | ---- | C] () -- C:\windows\hpqins01.dat
[2013.02.14 17:38:28 | 000,001,273 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2013.02.14 17:36:42 | 000,077,620 | ---- | C] () -- C:\windows\hpqins05.dat
[2013.02.14 17:24:46 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013.02.14 17:23:53 | 000,000,222 | ---- | C] () -- C:\windows\System32\hppfaxprinter5.ini
[2013.02.14 17:09:31 | 000,176,744 | ---- | C] () -- C:\windows\hppins11.dat
[2013.02.14 17:09:31 | 000,005,707 | ---- | C] () -- C:\windows\hppmdl11.dat
[2013.02.13 20:29:10 | 000,001,030 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2013.02.13 16:45:00 | 000,000,608 | -HS- | C] () -- C:\windows\System32\winzvprt5.sys
[2013.02.13 16:40:04 | 000,000,224 | ---- | C] () -- C:\windows\System32\AddPort.ini
[2013.02.13 16:39:28 | 000,000,749 | ---- | C] () -- C:\windows\hpntwksetup.ini
[2013.02.12 17:52:32 | 000,003,212 | ---- | C] () -- C:\windows\System32\hppls1312.spf
[2013.02.12 17:52:30 | 000,000,665 | ---- | C] () -- C:\windows\System32\hppapr11.dat
[2013.02.06 09:16:19 | 000,207,918 | -H-- | C] () -- C:\Users\Falk\Desktop\IMG_1942 - Kopie.JPG
[2013.02.06 09:16:09 | 002,670,958 | -H-- | C] () -- C:\Users\Falk\Desktop\IMG_1942.JPG
[2013.01.25 16:42:04 | 000,037,774 | -H-- | C] () -- C:\Users\Falk\Windows 8-Upgrade-Assistent.html
[2012.05.21 14:31:09 | 000,007,597 | -H-- | C] () -- C:\Users\Falk\AppData\Local\Resmon.ResmonCfg
[2012.02.04 19:47:03 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2012.01.08 14:52:55 | 000,000,017 | ---- | C] () -- C:\windows\System32\shortcut_ex.dat
[2011.12.27 13:07:42 | 000,014,428 | ---- | C] () -- C:\Users\Falk\NETGEARNEU.cfg
[2011.11.13 22:18:26 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll
[2011.11.13 22:18:26 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys
[2011.10.23 06:56:16 | 004,738,560 | ---- | C] () -- C:\windows\System32\x264vfw.dll
[2011.10.21 15:43:18 | 000,000,094 | ---- | C] () -- C:\windows\ParrotFlashWiz.INI
[2011.09.25 16:56:26 | 000,216,064 | ---- | C] ( ) -- C:\windows\System32\lagarith.dll
[2011.07.18 11:04:20 | 000,000,147 | ---- | C] () -- C:\windows\ODBC.INI
[2011.07.12 15:56:50 | 000,074,752 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2011.07.07 20:46:53 | 000,009,216 | ---- | C] () -- C:\Users\Falk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.06 16:00:20 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat.temp
[2011.07.04 08:58:09 | 000,005,576 | ---- | C] () -- C:\windows\Language.ini
[2011.07.04 08:51:37 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2011.07.04 08:51:37 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2011.05.13 09:03:16 | 000,303,104 | ---- | C] () -- C:\windows\System32\dnt27VC8.dll
[2011.05.13 09:01:22 | 000,143,360 | ---- | C] () -- C:\windows\System32\dntvmc27VC8.dll
[2011.05.13 09:01:00 | 000,086,016 | ---- | C] () -- C:\windows\System32\dntvm27VC8.dll
[2011.04.02 03:53:06 | 000,224,680 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2011.04.02 03:53:06 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2011.04.02 03:49:57 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011.04.02 03:48:13 | 000,011,832 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2011.04.02 03:48:12 | 000,011,456 | ---- | C] () -- C:\windows\System32\drivers\AsIO.sys
[2011.04.02 03:47:53 | 000,000,702 | ---- | C] () -- C:\windows\Reboot.ini
[2011.04.02 03:43:20 | 000,451,072 | ---- | C] () -- C:\windows\System32\ISSRemoveSP.exe
[2011.04.02 03:42:53 | 000,014,051 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         

Alt 25.02.2013, 15:09   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please now create and post logs with GMER (<<< click for instructions) and MBAR (instructions a little further down).
GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only MBAR.

Instructions for MBAR:

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder that was created. Please post it here.

Do not start any other file in this folder without instructions from a helper
__________________
Please always post log files in CODE tags

Alt 25.02.2013, 16:45   #5
wazomba
 



I used the GMER tool.
Here are the log files.
Now I'll also try it with Mbar.
Regards

GMER log file:
Code:
GMER 2.1.19081 - GMER - Rootkit Detector and Remover
Rootkit scan 2013-02-25 16:26:19
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.ESBO 232,89GB
Running: gmer_2.1.19081.exe; Driver: C:\Users\Falk\AppData\Local\Temp\kwdyyfoc.sys


---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 140D                                                                            82290A49 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                              822CA4D2 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!EnableWindow                                        764C8D02 5 Bytes  JMP 70A79EB4 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!DialogBoxParamW                                     764E3B9B 5 Bytes  JMP 709D1893 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!DialogBoxIndirectParamW                             764F3B7F 5 Bytes  JMP 70BC8FB6 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!DialogBoxParamA                                     7650CF42 5 Bytes  JMP 70BC8F51 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!DialogBoxIndirectParamA                             7650D274 5 Bytes  JMP 70BC901B C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!MessageBoxIndirectA                                 7651E869 5 Bytes  JMP 70BC8ED8 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!MessageBoxIndirectW                                 7651E963 5 Bytes  JMP 70BC8E5F C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!MessageBoxExA                                       7651E9C9 5 Bytes  JMP 70BC8DFB C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[580] USER32.dll!MessageBoxExW                                       7651E9ED 5 Bytes  JMP 70BC8D97 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] kernel32.dll!CreateThread                                     76B8DCC2 5 Bytes  JMP 70A375DB C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!EnableWindow                                       764C8D02 5 Bytes  JMP 70A79EB4 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!CallNextHookEx                                     764CABE1 5 Bytes  JMP 70A97FDF C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!UnhookWindowsHookEx                                764CADF9 5 Bytes  JMP 70ABED00 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!DefWindowProcA                                     764CBB1C 7 Bytes  JMP 70A39805 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!CreateWindowExA                                    764CBF40 5 Bytes  JMP 70A4363B C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!SetWindowsHookExW                                  764CE30C 5 Bytes  JMP 70A725AC C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!CreateWindowExW                                    764CEC7C 5 Bytes  JMP 70AA03CF C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!DefWindowProcW                                     764D507D 7 Bytes  JMP 70A98042 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!DialogBoxParamW                                    764E3B9B 5 Bytes  JMP 709D1893 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!DialogBoxIndirectParamW                            764F3B7F 5 Bytes  JMP 70BC8FB6 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!DialogBoxParamA                                    7650CF42 5 Bytes  JMP 70BC8F51 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!DialogBoxIndirectParamA                            7650D274 5 Bytes  JMP 70BC901B C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!MessageBoxIndirectA                                7651E869 5 Bytes  JMP 70BC8ED8 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!MessageBoxIndirectW                                7651E963 5 Bytes  JMP 70BC8E5F C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!MessageBoxExA                                      7651E9C9 5 Bytes  JMP 70BC8DFB C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] USER32.dll!MessageBoxExW                                      7651E9ED 5 Bytes  JMP 70BC8D97 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1620] ole32.dll!OleLoadFromStream                                   76706143 5 Bytes  JMP 70BC9784 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] kernel32.dll!CreateThread                                     76B8DCC2 5 Bytes  JMP 70A375DB C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!EnableWindow                                       764C8D02 5 Bytes  JMP 70A79EB4 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!CallNextHookEx                                     764CABE1 5 Bytes  JMP 70A97FDF C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!UnhookWindowsHookEx                                764CADF9 5 Bytes  JMP 70ABED00 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!DefWindowProcA                                     764CBB1C 7 Bytes  JMP 70A39805 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!CreateWindowExA                                    764CBF40 5 Bytes  JMP 70A4363B C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!SetWindowsHookExW                                  764CE30C 5 Bytes  JMP 70A725AC C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!CreateWindowExW                                    764CEC7C 5 Bytes  JMP 70AA03CF C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!DefWindowProcW                                     764D507D 7 Bytes  JMP 70A98042 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!DialogBoxParamW                                    764E3B9B 5 Bytes  JMP 709D1893 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!DialogBoxIndirectParamW                            764F3B7F 5 Bytes  JMP 70BC8FB6 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!DialogBoxParamA                                    7650CF42 5 Bytes  JMP 70BC8F51 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!DialogBoxIndirectParamA                            7650D274 5 Bytes  JMP 70BC901B C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!MessageBoxIndirectA                                7651E869 5 Bytes  JMP 70BC8ED8 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!MessageBoxIndirectW                                7651E963 5 Bytes  JMP 70BC8E5F C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!MessageBoxExA                                      7651E9C9 5 Bytes  JMP 70BC8DFB C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] USER32.dll!MessageBoxExW                                      7651E9ED 5 Bytes  JMP 70BC8D97 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[1972] ole32.dll!OleLoadFromStream                                   76706143 5 Bytes  JMP 70BC9784 C:\windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)

---- User IAT/EAT - GMER 2.1 ----

IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                     [74B724CB] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                [74B5562E] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                               [74B556EC] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipFree]                                      [74B72546] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                            [74B685AA] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                              [74B64D5E] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                             [74B65105] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                            [74B651DA] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]                   [74B66707] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                             [74B68301] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                        [74B68850] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                      [74B690B1] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                            [74B6E254] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\windows\Explorer.EXE[1528] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                [74B64C90] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 2.1 ----

Device          \FileSystem\fastfat \Fat                                                                                            B1030130

AttachedDevice  \FileSystem\fastfat \Fat                                                                                            fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272acea25                                         
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272acea25@a87b394e65ce                            0x16 0xA9 0x8A 0x49 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272acea25@00121c4fef0d                            0xB6 0xBA 0x10 0xC3 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272acea25@a87b39ce4e65                            0xA1 0xC6 0x11 0x38 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272acea25@14dae903b3a6                            0x1F 0xAC 0x11 0x43 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272acea25@68a86de6acbf                            0xC2 0x81 0x78 0xC0 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272acea25@2c8158cabbd7                            0x61 0xC0 0x25 0x89 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272acea25@000d44a72c1f                            0xAA 0x69 0xEA 0xBB ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd508aff                                         
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd508aff@000d44a72c1f                            0xE4 0x2E 0xA4 0x3C ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd508aff@a87b39ce4e65                            0x3B 0x45 0x23 0x79 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd508aff@d45d4215bdfa                            0x07 0xF5 0xE6 0xDC ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e                                         
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dbb854f                                         
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000272acea25 (not active ControlSet)                     
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000272acea25@a87b394e65ce                                0x16 0xA9 0x8A 0x49 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000272acea25@00121c4fef0d                                0xB6 0xBA 0x10 0xC3 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000272acea25@a87b39ce4e65                                0xA1 0xC6 0x11 0x38 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000272acea25@14dae903b3a6                                0x1F 0xAC 0x11 0x43 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000272acea25@68a86de6acbf                                0xC2 0x81 0x78 0xC0 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000272acea25@2c8158cabbd7                                0x61 0xC0 0x25 0x89 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000272acea25@000d44a72c1f                                0xAA 0x69 0xEA 0xBB ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd508aff (not active ControlSet)                     
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd508aff@000d44a72c1f                                0xE4 0x2E 0xA4 0x3C ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd508aff@a87b39ce4e65                                0x3B 0x45 0x23 0x79 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd508aff@d45d4215bdfa                                0x07 0xF5 0xE6 0xDC ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)                     
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dbb854f (not active ControlSet)                     
Reg             HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b  0xC8 0x28 0x51 0xAF ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b  0x6A 0x9C 0xD6 0x61 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016  0xFF 0x7C 0x85 0xE0 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48  0x86 0x8C 0x21 0x01 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472  0xCD 0x44 0xCD 0xB9 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d  0xDF 0x20 0x58 0x62 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b  0xFB 0xA7 0x78 0xE6 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d  0x83 0x6C 0x56 0x8B ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3  0x51 0xFA 0x6E 0x91 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b  0x3D 0xCE 0xEA 0x26 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6  0xE3 0x0E 0x66 0xD5 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32                                   
Reg             HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel                    Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@                                  C:\windows\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2  0x6C 0x43 0x2D 0x1E ...

---- EOF - GMER 2.1 ----
         
--- --- ---


Unfortunately I cannot run MBAR.
When I click Scan, it says the DDA driver is missing: "DDA Driver was not installed".
Then it asks whether the driver should be loaded on reboot.
Unfortunately that does not work either, because the rootkit prevents it.
What would be the right step now?

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.666000 GHz
Memory total: 2137186304, free: 1245216768

DDA Driver installation error.
Driver is not installed. Scan is aborted.
Driver is not installed. Scan is aborted.
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.666000 GHz
Memory total: 2137186304, free: 1237655552

DDA Driver installation error.
Could not install driver on reboot
Downloaded database version: v2013.02.25.06
Driver is not installed. Scan is aborted.
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.666000 GHz
Memory total: 2137186304, free: 1238216704

DDA Driver installation error.
Could not install driver on reboot
Driver is not installed. Scan is aborted.
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.666000 GHz
Memory total: 2137186304, free: 1235820544

DDA Driver installation error.
Could not install driver on reboot


Alt 25.02.2013, 16:55   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Wrong log from MBAR!
Please read and follow the instructions more carefully; also, the logs are to be posted in CODE tags!

Alt 25.02.2013, 17:28   #7
wazomba
 

I think it worked, and I hope the code tag is right like this?

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.666000 GHz
Memory total: 2137186304, free: 1235820544

DDA Driver installation error.
Could not install driver on reboot
Driver is not installed. Scan is aborted.
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.666000 GHz
Memory total: 2137186304, free: 1035710464

------------ Kernel report ------------
02/25/2013 16:58:41
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\athr.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\L1C62x86.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbfiltr.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\ew_jubusenum.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\framebuf.dll
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\msctf.dll
\Windows\System32\comdlg32.dll
\Windows\System32\kernel32.dll
\Windows\System32\user32.dll
\Windows\System32\difxapi.dll
\Windows\System32\wininet.dll
\Windows\System32\shell32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\oleaut32.dll
\Windows\System32\gdi32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ole32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\usp10.dll
\Windows\System32\lpk.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\psapi.dll
\Windows\System32\normaliz.dll
\Windows\System32\iertutil.dll
\Windows\System32\urlmon.dll
\Windows\System32\sechost.dll
\Windows\System32\msvcrt.dll
\Windows\System32\imm32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\advapi32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\nsi.dll
\Windows\System32\setupapi.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\crypt32.dll
\Windows\System32\wintrust.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff85a00030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff842aa028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff85a00030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff859ff188, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85a00030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff84f603b8, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff842aa028, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffff9ab76248, 0xffffffff85a00030, 0xffffffff8734aa78
Lower DeviceData: 0xffffffff9aa8f960, 0xffffffff842aa028, 0xffffffff8731b048
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2E08770B

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 209715200
Partition file system is NTFS
Partition is bootable

Partition 1 type is Other (0x1b)
Partition is NOT ACTIVE.
Partition starts at LBA: 209717248 Numsec = 31457280

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 241174528 Numsec = 206227456

Partition 3 type is Other (0xef)
Partition is NOT ACTIVE.
Partition starts at LBA: 488361984 Numsec = 32768

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-488377168-488397168)...
Done!
Performing system, memory and registry scan...
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [PUM.UserWLoad]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [Trojan.Ransom]
Done!
Scan finished
Creating System Restore point...
Could not create restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal successful. No system shutdown is required.
=======================================

Alt 26.02.2013, 00:09   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Tell me, do you ever actually read the instructions properly?
That is still the wrong log, and it was not in CODE tags either!
__________________
Please always post log files in CODE tags

Alt 26.02.2013, 09:07   #9
wazomba
 

Strange, this was your text:

The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.

And that is the folder I chose.

It is named like this:

mbar-log-2013-02-25(17-19-11)

Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org

Database version: v2013.02.25.06

Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Falk :: FALK-EEEPC [administrator]

25.02.2013 17:19:11
mbar-log-2013-02-25 (17-19-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 29446
Time elapsed: 20 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (PUM.UserWLoad) -> Data: C:\Users\Falk\LOCALS~1\Temp\msvlhm.cmd -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (Trojan.Ransom) -> Data: C:\Users\Falk\LOCALS~1\Temp\msvlhm.cmd -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

Alt 26.02.2013, 11:05   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
Strange, this was your text:

The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.
Yes, my instructions are correct, you just opened the wrong file!
Not the MBAR log but the system log file from MBAR! The article on MBAR states it unambiguously, too!




Let's continue:

aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not under any circumstances press any of the Fix buttons without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.




TDSS-Killer

Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not under any circumstances choose Cure. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Please always post log files in CODE tags

Alt 26.02.2013, 14:21   #11
wazomba
 

OK, I did that. Thanks!

Code:
13:48:14.0115 2852  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:48:14.0302 2852  ============================================================
13:48:14.0302 2852  Current date / time: 2013/02/26 13:48:14.0302
13:48:14.0302 2852  SystemInfo:
13:48:14.0302 2852  
13:48:14.0302 2852  OS Version: 6.1.7601 ServicePack: 1.0
13:48:14.0302 2852  Product type: Workstation
13:48:14.0302 2852  ComputerName: FALK-EEEPC
13:48:14.0302 2852  UserName: Falk
13:48:14.0302 2852  Windows directory: C:\windows
13:48:14.0302 2852  System windows directory: C:\windows
13:48:14.0302 2852  Processor architecture: Intel x86
13:48:14.0302 2852  Number of processors: 2
13:48:14.0302 2852  Page size: 0x1000
13:48:14.0302 2852  Boot type: Normal boot
13:48:14.0302 2852  ============================================================
13:48:17.0017 2852  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:48:17.0064 2852  ============================================================
13:48:17.0064 2852  \Device\Harddisk0\DR0:
13:48:17.0095 2852  MBR partitions:
13:48:17.0095 2852  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE5FF800
13:48:17.0095 2852  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0xEBBC000
13:48:17.0095 2852  ============================================================
13:48:17.0142 2852  C: <-> \Device\Harddisk0\DR0\Partition1
13:48:17.0189 2852  D: <-> \Device\Harddisk0\DR0\Partition2
13:48:17.0220 2852  ============================================================
13:48:17.0220 2852  Initialize success
13:48:17.0220 2852  ============================================================
13:49:26.0188 1156  ============================================================
13:49:26.0188 1156  Scan started
13:49:26.0188 1156  Mode: Manual; SigCheck; TDLFS; 
13:49:26.0188 1156  ============================================================
13:49:26.0968 1156  ================ Scan system memory ========================
13:49:26.0968 1156  System memory - ok
13:49:26.0968 1156  ================ Scan services =============================
13:49:27.0701 1156  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
13:49:28.0200 1156  1394ohci - ok
13:49:28.0278 1156  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:49:28.0356 1156  ACPI - ok
13:49:28.0403 1156  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
13:49:28.0622 1156  AcpiPmi - ok
13:49:28.0824 1156  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:49:28.0887 1156  AdobeARMservice - ok
13:49:29.0277 1156  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:49:29.0386 1156  AdobeFlashPlayerUpdateSvc - ok
13:49:29.0464 1156  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
13:49:29.0604 1156  adp94xx - ok
13:49:29.0682 1156  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\windows\system32\drivers\adpahci.sys
13:49:29.0745 1156  adpahci - ok
13:49:29.0838 1156  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\windows\system32\drivers\adpu320.sys
13:49:29.0885 1156  adpu320 - ok
13:49:29.0963 1156  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
13:49:30.0525 1156  AeLookupSvc - ok
13:49:30.0712 1156  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\windows\system32\drivers\afd.sys
13:49:30.0930 1156  AFD - ok
13:49:30.0977 1156  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\windows\system32\drivers\agp440.sys
13:49:31.0071 1156  agp440 - ok
13:49:31.0149 1156  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\windows\system32\drivers\djsvs.sys
13:49:31.0227 1156  aic78xx - ok
13:49:31.0367 1156  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\windows\System32\alg.exe
13:49:31.0492 1156  ALG - ok
13:49:31.0554 1156  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\windows\system32\drivers\aliide.sys
13:49:31.0632 1156  aliide - ok
13:49:31.0695 1156  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\windows\system32\drivers\amdagp.sys
13:49:31.0757 1156  amdagp - ok
13:49:31.0851 1156  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\windows\system32\drivers\amdide.sys
13:49:31.0913 1156  amdide - ok
13:49:31.0960 1156  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
13:49:32.0178 1156  AmdK8 - ok
13:49:32.0272 1156  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
13:49:32.0428 1156  AmdPPM - ok
13:49:32.0522 1156  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\windows\system32\drivers\amdsata.sys
13:49:32.0600 1156  amdsata - ok
13:49:32.0678 1156  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
13:49:32.0740 1156  amdsbs - ok
13:49:32.0771 1156  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\windows\system32\drivers\amdxata.sys
13:49:32.0818 1156  amdxata - ok
13:49:33.0052 1156  [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:49:33.0161 1156  AntiVirSchedulerService - ok
13:49:33.0255 1156  [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:49:33.0317 1156  AntiVirService - ok
13:49:33.0395 1156  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\windows\system32\drivers\appid.sys
13:49:33.0536 1156  AppID - ok
13:49:33.0614 1156  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:49:33.0817 1156  AppIDSvc - ok
13:49:33.0880 1156  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\windows\System32\appinfo.dll
13:49:34.0051 1156  Appinfo - ok
13:49:34.0176 1156  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:49:34.0270 1156  Apple Mobile Device - ok
13:49:34.0348 1156  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\windows\system32\drivers\arc.sys
13:49:34.0410 1156  arc - ok
13:49:34.0457 1156  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\windows\system32\drivers\arcsas.sys
13:49:34.0519 1156  arcsas - ok
13:49:34.0582 1156  [ 956C7177DBDA0F02436868AD644CCF31 ] AsIO            C:\windows\system32\drivers\AsIO.sys
13:49:34.0691 1156  AsIO - ok
13:49:34.0817 1156  [ A9A565C669786C402752F609AFDD0DD5 ] AsUpIO          C:\windows\system32\drivers\AsUpIO.sys
13:49:34.0879 1156  AsUpIO - ok
13:49:34.0957 1156  [ BDEDD780A12E75AC5902CA6BB027EAB7 ] AsusService     C:\windows\system32\AsusService.exe
13:49:35.0051 1156  AsusService - ok
13:49:35.0129 1156  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
13:49:35.0566 1156  AsyncMac - ok
13:49:35.0722 1156  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\windows\system32\drivers\atapi.sys
13:49:35.0784 1156  atapi - ok
13:49:36.0205 1156  [ B01751CC563AECAC09BBE36AAA21FBEF ] athr            C:\windows\system32\DRIVERS\athr.sys
13:49:36.0455 1156  athr - ok
13:49:36.0564 1156  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
13:49:36.0782 1156  AudioEndpointBuilder - ok
13:49:36.0845 1156  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\windows\System32\Audiosrv.dll
13:49:37.0063 1156  Audiosrv - ok
13:49:37.0188 1156  [ A5C175039B1D6D85D0E79F5855828E4D ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
13:49:37.0282 1156  avgntflt - ok
13:49:37.0391 1156  [ 37B854C7D1F477E66C5B49C7700C47CC ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
13:49:37.0453 1156  avipbb - ok
13:49:37.0531 1156  [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
13:49:37.0578 1156  avkmgr - ok
13:49:37.0703 1156  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:49:37.0999 1156  AxInstSV - ok
13:49:38.0062 1156  [ 0A5E8178EFF1D8F109A95235AEB7D76F ] azvusb          C:\windows\system32\DRIVERS\azvusb.sys
13:49:38.0233 1156  azvusb - ok
13:49:38.0327 1156  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\windows\system32\drivers\bxvbdx.sys
13:49:38.0452 1156  b06bdrv - ok
13:49:38.0530 1156  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\windows\system32\DRIVERS\b57nd60x.sys
13:49:38.0670 1156  b57nd60x - ok
13:49:38.0748 1156  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\windows\System32\bdesvc.dll
13:49:38.0935 1156  BDESVC - ok
13:49:39.0060 1156  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\windows\system32\drivers\Beep.sys
13:49:39.0263 1156  Beep - ok
13:49:39.0403 1156  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\windows\System32\bfe.dll
13:49:39.0637 1156  BFE - ok
13:49:39.0731 1156  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\windows\System32\qmgr.dll
13:49:39.0934 1156  BITS - ok
13:49:39.0996 1156  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
13:49:40.0090 1156  blbdrive - ok
13:49:40.0246 1156  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:49:40.0355 1156  Bonjour Service - ok
13:49:40.0386 1156  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
13:49:40.0495 1156  bowser - ok
13:49:40.0573 1156  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
13:49:40.0729 1156  BrFiltLo - ok
13:49:40.0776 1156  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
13:49:40.0885 1156  BrFiltUp - ok
13:49:40.0932 1156  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\windows\System32\browser.dll
13:49:41.0057 1156  Browser - ok
13:49:41.0104 1156  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\windows\System32\Drivers\Brserid.sys
13:49:41.0275 1156  Brserid - ok
13:49:41.0322 1156  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
13:49:41.0478 1156  BrSerWdm - ok
13:49:41.0525 1156  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
13:49:41.0696 1156  BrUsbMdm - ok
13:49:41.0743 1156  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
13:49:41.0837 1156  BrUsbSer - ok
13:49:41.0915 1156  [ E7E57FFB1DCC91AF000E28AAEC98AD61 ] BthAudioHF      C:\windows\system32\DRIVERS\BthAudioHF.sys
13:49:42.0040 1156  BthAudioHF - ok
13:49:42.0118 1156  [ DB99076533FFB38CBEC8AC88E4535850 ] BthAvrcp        C:\windows\system32\DRIVERS\BthAvrcp.sys
13:49:42.0227 1156  BthAvrcp - ok
13:49:42.0352 1156  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
13:49:42.0742 1156  BthEnum - ok
13:49:42.0804 1156  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
13:49:42.0898 1156  BTHMODEM - ok
13:49:42.0976 1156  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
13:49:43.0085 1156  BthPan - ok
13:49:43.0147 1156  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
13:49:43.0319 1156  BTHPORT - ok
13:49:43.0397 1156  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\windows\system32\bthserv.dll
13:49:43.0584 1156  bthserv - ok
13:49:43.0647 1156  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
13:49:43.0756 1156  BTHUSB - ok
13:49:43.0849 1156  [ 92C5B845803F3662637EB691AC0B250F ] btusbflt        C:\windows\system32\drivers\btusbflt.sys
13:49:43.0927 1156  btusbflt - ok
13:49:44.0021 1156  [ D57D29132EFE13A83133D9BD449E0CF1 ] btwaudio        C:\windows\system32\drivers\btwaudio.sys
13:49:44.0099 1156  btwaudio - ok
13:49:44.0193 1156  [ D282C14A69357D0E1BAFAECC2CA98C3A ] btwavdt         C:\windows\system32\DRIVERS\btwavdt.sys
13:49:44.0255 1156  btwavdt - ok
13:49:44.0489 1156  [ 7CAA4410C25026B9BEE85F6C7F86B19B ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:49:44.0583 1156  btwdins - ok
13:49:44.0661 1156  [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys
13:49:44.0707 1156  btwl2cap - ok
13:49:44.0801 1156  [ 02EB4D2B05967DF2D32F29C84AB1FB17 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys
13:49:44.0863 1156  btwrchid - ok
13:49:44.0973 1156  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
13:49:45.0144 1156  cdfs - ok
13:49:45.0207 1156  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
13:49:45.0331 1156  cdrom - ok
13:49:45.0425 1156  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\windows\System32\certprop.dll
13:49:45.0581 1156  CertPropSvc - ok
13:49:45.0628 1156  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\windows\system32\drivers\circlass.sys
13:49:45.0737 1156  circlass - ok
13:49:45.0815 1156  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\windows\system32\CLFS.sys
13:49:45.0909 1156  CLFS - ok
13:49:46.0096 1156  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:49:46.0158 1156  clr_optimization_v2.0.50727_32 - ok
13:49:46.0330 1156  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:49:46.0377 1156  clr_optimization_v4.0.30319_32 - ok
13:49:46.0439 1156  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
13:49:46.0517 1156  CmBatt - ok
13:49:46.0548 1156  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\windows\system32\drivers\cmdide.sys
13:49:46.0611 1156  cmdide - ok
13:49:46.0642 1156  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\windows\system32\Drivers\cng.sys
13:49:46.0798 1156  CNG - ok
13:49:46.0860 1156  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\windows\system32\drivers\compbatt.sys
13:49:46.0923 1156  Compbatt - ok
13:49:46.0954 1156  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
13:49:47.0016 1156  CompositeBus - ok
13:49:47.0079 1156  COMSysApp - ok
13:49:47.0172 1156  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
13:49:47.0235 1156  crcdisk - ok
13:49:47.0344 1156  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\windows\system32\cryptsvc.dll
13:49:47.0469 1156  CryptSvc - ok
13:49:47.0547 1156  [ 971FFD6D2840701661931AAA1CA4376F ] csr_a2dp        C:\windows\system32\drivers\bthav.sys
13:49:47.0671 1156  csr_a2dp - ok
13:49:47.0749 1156  [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm         C:\windows\system32\DRIVERS\ctxusbm.sys
13:49:47.0827 1156  ctxusbm - ok
13:49:48.0186 1156  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:49:48.0358 1156  cvhsvc - ok
13:49:48.0420 1156  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\windows\system32\rpcss.dll
13:49:48.0576 1156  DcomLaunch - ok
13:49:48.0748 1156  [ CC8B5C964B777F4EC3E89F13B4B5FF0F ] DCService.exe   C:\ProgramData\DatacardService\DCService.exe
13:49:48.0810 1156  DCService.exe ( UnsignedFile.Multi.Generic ) - warning
13:49:48.0810 1156  DCService.exe - detected UnsignedFile.Multi.Generic (1)
13:49:48.0904 1156  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\windows\System32\defragsvc.dll
13:49:49.0247 1156  defragsvc - ok
13:49:49.0372 1156  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
13:49:49.0621 1156  DfsC - ok
13:49:49.0715 1156  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\windows\system32\dhcpcore.dll
13:49:49.0855 1156  Dhcp - ok
13:49:49.0902 1156  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\windows\system32\drivers\discache.sys
13:49:50.0058 1156  discache - ok
13:49:50.0121 1156  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\windows\system32\drivers\disk.sys
13:49:50.0167 1156  Disk - ok
13:49:50.0245 1156  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\windows\System32\dnsrslvr.dll
13:49:50.0386 1156  Dnscache - ok
13:49:50.0464 1156  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\windows\System32\dot3svc.dll
13:49:50.0776 1156  dot3svc - ok
13:49:50.0932 1156  [ B5E479EB83707DD698F66953E922042C ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
13:49:51.0166 1156  Dot4 - ok
13:49:51.0213 1156  [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print       C:\windows\system32\DRIVERS\Dot4Prt.sys
13:49:51.0322 1156  Dot4Print - ok
13:49:51.0415 1156  [ CF491FF38D62143203C065260567E2F7 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
13:49:51.0509 1156  dot4usb - ok
13:49:51.0587 1156  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\windows\system32\dps.dll
13:49:51.0759 1156  DPS - ok
13:49:51.0868 1156  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
13:49:51.0946 1156  drmkaud - ok
13:49:52.0039 1156  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
13:49:52.0242 1156  DXGKrnl - ok
13:49:52.0336 1156  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\windows\System32\eapsvc.dll
13:49:52.0507 1156  EapHost - ok
13:49:53.0163 1156  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\windows\system32\drivers\evbdx.sys
13:49:53.0506 1156  ebdrv - ok
13:49:53.0568 1156  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\windows\System32\lsass.exe
13:49:53.0677 1156  EFS - ok
13:49:53.0787 1156  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\windows\system32\drivers\elxstor.sys
13:49:53.0880 1156  elxstor - ok
13:49:53.0896 1156  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\windows\system32\drivers\errdev.sys
13:49:54.0005 1156  ErrDev - ok
13:49:54.0114 1156  [ 907C561D5F01133F247E4E2E74E20E30 ] ETD             C:\windows\system32\DRIVERS\ETD.sys
13:49:54.0239 1156  ETD - ok
13:49:54.0348 1156  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\windows\system32\es.dll
13:49:54.0535 1156  EventSystem - ok
13:49:54.0723 1156  [ 5B250A1BE34D4FDE35287EEC297104A7 ] ewusbnet        C:\windows\system32\DRIVERS\ewusbnet.sys
13:49:54.0879 1156  ewusbnet - ok
13:49:54.0988 1156  [ E98A64C7F106740A38FB2B78197816F8 ] ew_hwusbdev     C:\windows\system32\DRIVERS\ew_hwusbdev.sys
13:49:55.0129 1156  ew_hwusbdev - ok
13:49:55.0238 1156  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\windows\system32\drivers\exfat.sys
13:49:55.0426 1156  exfat - ok
13:49:55.0457 1156  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\windows\system32\drivers\fastfat.sys
13:49:55.0613 1156  fastfat - ok
13:49:55.0706 1156  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\windows\system32\fxssvc.exe
13:49:55.0862 1156  Fax - ok
13:49:55.0909 1156  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\windows\system32\drivers\fdc.sys
13:49:55.0987 1156  fdc - ok
13:49:56.0034 1156  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\windows\system32\fdPHost.dll
13:49:56.0221 1156  fdPHost - ok
13:49:56.0299 1156  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\windows\system32\fdrespub.dll
13:49:56.0440 1156  FDResPub - ok
13:49:56.0471 1156  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:49:56.0518 1156  FileInfo - ok
13:49:56.0549 1156  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
13:49:56.0689 1156  Filetrace - ok
13:49:56.0720 1156  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
13:49:56.0798 1156  flpydisk - ok
13:49:56.0861 1156  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:49:56.0923 1156  FltMgr - ok
13:49:56.0986 1156  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\windows\system32\FntCache.dll
13:49:57.0142 1156  FontCache - ok
13:49:57.0204 1156  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:49:57.0251 1156  FontCache3.0.0.0 - ok
13:49:57.0329 1156  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
13:49:57.0391 1156  FsDepends - ok
13:49:57.0469 1156  [ B0082808A6856A252F7CDD939892CE50 ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
13:49:57.0532 1156  fssfltr - ok
13:49:57.0922 1156  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
13:49:58.0171 1156  fsssvc - ok
13:49:58.0312 1156  [ CBE5F69A5E5B918225F420BA748F3742 ] FsUsbExDisk     C:\windows\system32\FsUsbExDisk.SYS
13:49:58.0343 1156  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
13:49:58.0343 1156  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
13:49:58.0390 1156  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:49:58.0483 1156  Fs_Rec - ok
13:49:58.0577 1156  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:49:58.0686 1156  fvevol - ok
13:49:58.0748 1156  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
13:49:58.0811 1156  gagp30kx - ok
13:49:58.0889 1156  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
13:49:58.0936 1156  GEARAspiWDM - ok
13:49:58.0998 1156  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\windows\System32\gpsvc.dll
13:49:59.0170 1156  gpsvc - ok
13:49:59.0372 1156  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
13:49:59.0419 1156  gupdate - ok
13:49:59.0528 1156  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
13:49:59.0591 1156  gupdatem - ok
13:49:59.0638 1156  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
13:49:59.0794 1156  hcw85cir - ok
13:49:59.0918 1156  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
13:50:00.0074 1156  HdAudAddService - ok
13:50:00.0168 1156  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
13:50:00.0262 1156  HDAudBus - ok
13:50:00.0371 1156  [ B588EC54049DDC4B810FA83852232A44 ] HFGService      C:\windows\System32\HFGService.dll
13:50:00.0496 1156  HFGService - ok
13:50:00.0527 1156  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
13:50:00.0620 1156  HidBatt - ok
13:50:00.0636 1156  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\windows\system32\drivers\hidbth.sys
13:50:00.0745 1156  HidBth - ok
13:50:00.0808 1156  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\windows\system32\drivers\hidir.sys
13:50:00.0917 1156  HidIr - ok
13:50:00.0964 1156  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\windows\system32\hidserv.dll
13:50:01.0166 1156  hidserv - ok
13:50:01.0244 1156  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
13:50:01.0338 1156  HidUsb - ok
13:50:01.0369 1156  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\windows\system32\kmsvc.dll
13:50:01.0556 1156  hkmsvc - ok
13:50:01.0619 1156  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:50:01.0759 1156  HomeGroupListener - ok
13:50:01.0790 1156  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:50:01.0915 1156  HomeGroupProvider - ok
13:50:02.0118 1156  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:50:02.0212 1156  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
13:50:02.0212 1156  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
13:50:02.0290 1156  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:50:02.0336 1156  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
13:50:02.0336 1156  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
13:50:02.0430 1156  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:50:02.0524 1156  HpSAMD - ok
13:50:02.0711 1156  [ 79737E0F7D25DE8405CB34D4C9882253 ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
13:50:02.0820 1156  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
13:50:02.0820 1156  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
13:50:02.0882 1156  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:50:03.0070 1156  HTTP - ok
13:50:03.0148 1156  [ 22A4B14530194FC57C1C849FB5AFEE17 ] huawei_enumerator C:\windows\system32\DRIVERS\ew_jubusenum.sys
13:50:03.0272 1156  huawei_enumerator - ok
13:50:03.0335 1156  [ 0B3957226EC94B1ECB7B9348BB535A23 ] hwdatacard      C:\windows\system32\DRIVERS\ewusbmdm.sys
13:50:03.0538 1156  hwdatacard - ok
13:50:03.0600 1156  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:50:03.0662 1156  hwpolicy - ok
13:50:03.0834 1156  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
13:50:03.0928 1156  i8042prt - ok
13:50:04.0052 1156  [ D80AA0907748D7CC8EFAB3773F32629B ] iaStor          C:\windows\system32\drivers\iaStor.sys
13:50:04.0162 1156  iaStor - ok
13:50:04.0240 1156  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
13:50:04.0349 1156  iaStorV - ok
13:50:04.0520 1156  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:50:04.0567 1156  IDriverT ( UnsignedFile.Multi.Generic ) - warning
13:50:04.0567 1156  IDriverT - detected UnsignedFile.Multi.Generic (1)
13:50:04.0645 1156  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:50:04.0786 1156  idsvc - ok
13:50:05.0410 1156  [ 6A2A8E70C4FF9CD870869B025C6478E3 ] igfx            C:\windows\system32\DRIVERS\igdkmd32.sys
13:50:05.0971 1156  igfx - ok
13:50:06.0049 1156  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\windows\system32\drivers\iirsp.sys
13:50:06.0127 1156  iirsp - ok
13:50:06.0268 1156  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\windows\System32\ikeext.dll
13:50:06.0470 1156  IKEEXT - ok
13:50:06.0845 1156  [ BF9866875EDF86AAE24DD8BD9418DEFF ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
13:50:07.0266 1156  IntcAzAudAddService - ok
13:50:07.0313 1156  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\windows\system32\drivers\intelide.sys
13:50:07.0375 1156  intelide - ok
13:50:07.0484 1156  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
13:50:07.0578 1156  intelppm - ok
13:50:07.0703 1156  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\windows\system32\ipbusenum.dll
13:50:07.0921 1156  IPBusEnum - ok
13:50:07.0968 1156  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:50:08.0186 1156  IpFilterDriver - ok
13:50:08.0280 1156  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:50:08.0452 1156  iphlpsvc - ok
13:50:08.0576 1156  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
13:50:08.0654 1156  IPMIDRV - ok
13:50:08.0717 1156  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\windows\system32\drivers\ipnat.sys
13:50:08.0904 1156  IPNAT - ok
13:50:09.0107 1156  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:50:09.0200 1156  iPod Service - ok
13:50:09.0278 1156  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:50:09.0606 1156  IRENUM - ok
13:50:09.0684 1156  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:50:09.0762 1156  isapnp - ok
13:50:09.0824 1156  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
13:50:09.0902 1156  iScsiPrt - ok
13:50:09.0996 1156  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
13:50:10.0058 1156  kbdclass - ok
13:50:10.0136 1156  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
13:50:10.0230 1156  kbdhid - ok
13:50:10.0339 1156  [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr         C:\windows\system32\DRIVERS\kbfiltr.sys
13:50:10.0402 1156  kbfiltr - ok
13:50:10.0448 1156  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\windows\system32\lsass.exe
13:50:10.0542 1156  KeyIso - ok
13:50:10.0604 1156  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:50:10.0651 1156  KSecDD - ok
13:50:10.0729 1156  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
13:50:10.0792 1156  KSecPkg - ok
13:50:10.0885 1156  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\windows\system32\msdtckrm.dll
13:50:11.0026 1156  KtmRm - ok
13:50:11.0150 1156  [ 1A91EAAD2D73758140B3B7B6AD736573 ] L1C             C:\windows\system32\DRIVERS\L1C62x86.sys
13:50:11.0228 1156  L1C - ok
13:50:11.0291 1156  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\windows\system32\srvsvc.dll
13:50:11.0478 1156  LanmanServer - ok
13:50:11.0540 1156  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:50:11.0728 1156  LanmanWorkstation - ok
13:50:11.0821 1156  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
13:50:11.0977 1156  lltdio - ok
13:50:12.0024 1156  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\windows\System32\lltdsvc.dll
13:50:12.0196 1156  lltdsvc - ok
13:50:12.0242 1156  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\windows\System32\lmhsvc.dll
13:50:12.0367 1156  lmhosts - ok
13:50:12.0445 1156  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
13:50:12.0492 1156  LSI_FC - ok
13:50:12.0617 1156  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
13:50:12.0664 1156  LSI_SAS - ok
13:50:12.0726 1156  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
13:50:12.0773 1156  LSI_SAS2 - ok
13:50:12.0835 1156  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
13:50:12.0913 1156  LSI_SCSI - ok
13:50:12.0960 1156  [ 23B55D27A0AFB7FE9CBCB20B617CC168 ] Ltn_stk7070P    C:\windows\system32\DRIVERS\Ltn_stk7070P.sys
13:50:13.0022 1156  Ltn_stk7070P ( UnsignedFile.Multi.Generic ) - warning
13:50:13.0022 1156  Ltn_stk7070P - detected UnsignedFile.Multi.Generic (1)
13:50:13.0085 1156  [ 1FA7503D019291C027FEDAE509BC5500 ] Ltn_stkrc       C:\windows\system32\DRIVERS\Ltn_stkrc.sys
13:50:13.0132 1156  Ltn_stkrc ( UnsignedFile.Multi.Generic ) - warning
13:50:13.0132 1156  Ltn_stkrc - detected UnsignedFile.Multi.Generic (1)
13:50:13.0225 1156  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\windows\system32\drivers\luafv.sys
13:50:13.0350 1156  luafv - ok
13:50:13.0459 1156  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
13:50:13.0553 1156  MBAMProtector - ok
13:50:13.0802 1156  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:50:13.0896 1156  MBAMScheduler - ok
13:50:13.0990 1156  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:50:14.0114 1156  MBAMService - ok
13:50:14.0177 1156  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\windows\system32\drivers\megasas.sys
13:50:14.0255 1156  megasas - ok
13:50:14.0380 1156  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
13:50:14.0473 1156  MegaSR - ok
13:50:14.0551 1156  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\windows\system32\mmcss.dll
13:50:14.0738 1156  MMCSS - ok
13:50:14.0785 1156  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\windows\system32\drivers\modem.sys
13:50:14.0941 1156  Modem - ok
13:50:15.0019 1156  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
13:50:15.0113 1156  monitor - ok
13:50:15.0238 1156  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
13:50:15.0316 1156  mouclass - ok
13:50:15.0394 1156  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
13:50:15.0503 1156  mouhid - ok
13:50:15.0596 1156  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
13:50:15.0659 1156  mountmgr - ok
13:50:15.0846 1156  [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:50:15.0955 1156  MozillaMaintenance - ok
13:50:16.0018 1156  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\windows\system32\drivers\mpio.sys
13:50:16.0080 1156  mpio - ok
13:50:16.0111 1156  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
13:50:16.0345 1156  mpsdrv - ok
13:50:16.0470 1156  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\windows\system32\mpssvc.dll
13:50:16.0673 1156  MpsSvc - ok
13:50:16.0751 1156  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
13:50:16.0891 1156  MRxDAV - ok
13:50:16.0954 1156  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
13:50:17.0156 1156  mrxsmb - ok
13:50:17.0219 1156  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
13:50:17.0312 1156  mrxsmb10 - ok
13:50:17.0437 1156  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
13:50:17.0515 1156  mrxsmb20 - ok
13:50:17.0546 1156  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\windows\system32\drivers\msahci.sys
13:50:17.0609 1156  msahci - ok
13:50:17.0671 1156  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\windows\system32\drivers\msdsm.sys
13:50:17.0765 1156  msdsm - ok
13:50:17.0843 1156  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\windows\System32\msdtc.exe
13:50:17.0921 1156  MSDTC - ok
13:50:18.0014 1156  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\windows\system32\drivers\Msfs.sys
13:50:18.0186 1156  Msfs - ok
13:50:18.0233 1156  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
13:50:18.0404 1156  mshidkmdf - ok
13:50:18.0436 1156  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
13:50:18.0529 1156  msisadrv - ok
13:50:18.0638 1156  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
13:50:18.0763 1156  MSiSCSI - ok
13:50:18.0779 1156  msiserver - ok
13:50:18.0888 1156  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
13:50:19.0060 1156  MSKSSRV - ok
13:50:19.0153 1156  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
13:50:19.0372 1156  MSPCLOCK - ok
13:50:19.0434 1156  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
13:50:19.0591 1156  MSPQM - ok
13:50:19.0685 1156  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
13:50:19.0731 1156  MsRPC - ok
13:50:19.0841 1156  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
13:50:19.0903 1156  mssmbios - ok
13:50:19.0981 1156  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
13:50:20.0106 1156  MSTEE - ok
13:50:20.0153 1156  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
13:50:20.0215 1156  MTConfig - ok
13:50:20.0277 1156  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\windows\system32\Drivers\mup.sys
13:50:20.0340 1156  Mup - ok
13:50:20.0433 1156  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\windows\system32\qagentRT.dll
13:50:20.0589 1156  napagent - ok
13:50:20.0684 1156  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
13:50:20.0778 1156  NativeWifiP - ok
13:50:20.0902 1156  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\windows\system32\drivers\ndis.sys
13:50:21.0043 1156  NDIS - ok
13:50:21.0136 1156  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
13:50:21.0308 1156  NdisCap - ok
13:50:21.0386 1156  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
13:50:21.0573 1156  NdisTapi - ok
13:50:21.0668 1156  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
13:50:21.0886 1156  Ndisuio - ok
13:50:21.0964 1156  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
13:50:22.0151 1156  NdisWan - ok
13:50:22.0198 1156  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
13:50:22.0323 1156  NDProxy - ok
13:50:22.0432 1156  [ F7C14F5077BF2BC476C348B88A7F74E2 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
13:50:22.0448 1156  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:50:22.0448 1156  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:50:22.0541 1156  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
13:50:22.0729 1156  NetBIOS - ok
13:50:22.0791 1156  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
13:50:23.0041 1156  NetBT - ok
13:50:23.0103 1156  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\windows\system32\lsass.exe
13:50:23.0181 1156  Netlogon - ok
13:50:23.0290 1156  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\windows\System32\netman.dll
13:50:23.0462 1156  Netman - ok
13:50:23.0587 1156  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\windows\System32\netprofm.dll
13:50:23.0805 1156  netprofm - ok
13:50:23.0883 1156  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:50:23.0945 1156  NetTcpPortSharing - ok
13:50:24.0039 1156  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
13:50:24.0101 1156  nfrd960 - ok
13:50:24.0179 1156  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\windows\System32\nlasvc.dll
13:50:24.0273 1156  NlaSvc - ok
13:50:24.0367 1156  [ 33A4B24A4C4DCF3C168E2C1151A62FC5 ] nmwcd           C:\windows\system32\drivers\ccdcmb.sys
13:50:24.0632 1156  nmwcd - ok
13:50:24.0772 1156  [ A77265EF7BF998B8BB22A1A23E72B45D ] nmwcdc          C:\windows\system32\drivers\ccdcmbo.sys
13:50:25.0006 1156  nmwcdc - ok
13:50:25.0053 1156  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\windows\system32\drivers\Npfs.sys
13:50:25.0162 1156  Npfs - ok
13:50:25.0225 1156  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\windows\system32\nsisvc.dll
13:50:25.0381 1156  nsi - ok
13:50:25.0412 1156  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
13:50:25.0552 1156  nsiproxy - ok
13:50:25.0646 1156  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
13:50:25.0786 1156  Ntfs - ok
13:50:25.0864 1156  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\windows\system32\drivers\Null.sys
13:50:26.0005 1156  Null - ok
13:50:26.0098 1156  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\windows\system32\drivers\nvraid.sys
13:50:26.0145 1156  nvraid - ok
13:50:26.0176 1156  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\windows\system32\drivers\nvstor.sys
13:50:26.0239 1156  nvstor - ok
13:50:26.0285 1156  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
13:50:26.0363 1156  nv_agp - ok
13:50:26.0395 1156  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
13:50:26.0488 1156  ohci1394 - ok
13:50:26.0582 1156  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:50:26.0644 1156  ose - ok
13:50:26.0987 1156  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:50:27.0424 1156  osppsvc - ok
13:50:27.0533 1156  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
13:50:27.0721 1156  p2pimsvc - ok
13:50:27.0830 1156  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\windows\system32\p2psvc.dll
13:50:27.0939 1156  p2psvc - ok
13:50:28.0048 1156  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\windows\system32\drivers\parport.sys
13:50:28.0142 1156  Parport - ok
13:50:28.0235 1156  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\windows\system32\drivers\partmgr.sys
13:50:28.0329 1156  partmgr - ok
13:50:28.0391 1156  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\windows\system32\drivers\parvdm.sys
13:50:28.0485 1156  Parvdm - ok
13:50:28.0547 1156  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\windows\System32\pcasvc.dll
13:50:28.0625 1156  PcaSvc - ok
13:50:28.0672 1156  [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd        C:\windows\system32\DRIVERS\pccsmcfd.sys
13:50:28.0813 1156  pccsmcfd - ok
13:50:28.0859 1156  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\windows\system32\drivers\pci.sys
13:50:28.0937 1156  pci - ok
13:50:29.0000 1156  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\windows\system32\drivers\pciide.sys
13:50:29.0109 1156  pciide - ok
13:50:29.0187 1156  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
13:50:29.0265 1156  pcmcia - ok
13:50:29.0374 1156  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\windows\system32\drivers\pcw.sys
13:50:29.0437 1156  pcw - ok
13:50:29.0483 1156  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\windows\system32\drivers\peauth.sys
13:50:29.0686 1156  PEAUTH - ok
13:50:29.0920 1156  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\windows\system32\pla.dll
13:50:30.0154 1156  pla - ok
13:50:30.0279 1156  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\windows\system32\umpnpmgr.dll
13:50:30.0388 1156  PlugPlay - ok
13:50:30.0482 1156  [ E638656001C52A1FAA34F92E6D3A086B ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
13:50:30.0544 1156  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:50:30.0544 1156  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:50:30.0622 1156  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
13:50:30.0731 1156  PNRPAutoReg - ok
13:50:30.0809 1156  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
13:50:30.0903 1156  PNRPsvc - ok
13:50:31.0012 1156  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
13:50:31.0234 1156  PolicyAgent - ok
13:50:31.0327 1156  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\windows\system32\umpo.dll
13:50:31.0499 1156  Power - ok
13:50:31.0592 1156  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
13:50:31.0764 1156  PptpMiniport - ok
13:50:31.0811 1156  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\windows\system32\drivers\processr.sys
13:50:31.0873 1156  Processor - ok
13:50:31.0951 1156  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\windows\system32\profsvc.dll
13:50:32.0076 1156  ProfSvc - ok
13:50:32.0092 1156  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
13:50:32.0154 1156  ProtectedStorage - ok
13:50:32.0279 1156  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\windows\system32\DRIVERS\pacer.sys
13:50:32.0435 1156  Psched - ok
13:50:32.0528 1156  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\windows\system32\drivers\ql2300.sys
13:50:32.0747 1156  ql2300 - ok
13:50:32.0809 1156  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
13:50:32.0887 1156  ql40xx - ok
13:50:32.0950 1156  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\windows\system32\qwave.dll
13:50:33.0074 1156  QWAVE - ok
13:50:33.0121 1156  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
13:50:33.0230 1156  QWAVEdrv - ok
13:50:33.0293 1156  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
13:50:33.0464 1156  RasAcd - ok
13:50:33.0605 1156  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
13:50:33.0808 1156  RasAgileVpn - ok
13:50:33.0886 1156  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\windows\System32\rasauto.dll
13:50:34.0042 1156  RasAuto - ok
13:50:34.0120 1156  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
13:50:34.0338 1156  Rasl2tp - ok
13:50:34.0447 1156  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\windows\System32\rasmans.dll
13:50:34.0619 1156  RasMan - ok
13:50:34.0697 1156  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
13:50:34.0806 1156  RasPppoe - ok
13:50:34.0915 1156  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
13:50:35.0071 1156  RasSstp - ok
13:50:35.0165 1156  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
13:50:35.0336 1156  rdbss - ok
13:50:35.0399 1156  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
13:50:35.0555 1156  rdpbus - ok
13:50:35.0617 1156  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
13:50:35.0726 1156  RDPCDD - ok
13:50:35.0804 1156  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
13:50:36.0007 1156  RDPENCDD - ok
13:50:36.0085 1156  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
13:50:36.0226 1156  RDPREFMP - ok
13:50:36.0288 1156  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
13:50:36.0397 1156  RDPWD - ok
13:50:36.0491 1156  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
13:50:36.0569 1156  rdyboost - ok
13:50:36.0725 1156  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\windows\System32\mprdim.dll
13:50:36.0865 1156  RemoteAccess - ok
13:50:36.0928 1156  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\windows\system32\regsvc.dll
13:50:37.0115 1156  RemoteRegistry - ok
13:50:37.0177 1156  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
13:50:37.0271 1156  RFCOMM - ok
13:50:37.0364 1156  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
13:50:37.0520 1156  RpcEptMapper - ok
13:50:37.0567 1156  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\windows\system32\locator.exe
13:50:37.0661 1156  RpcLocator - ok
13:50:37.0708 1156  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\windows\system32\rpcss.dll
13:50:37.0864 1156  RpcSs - ok
13:50:37.0942 1156  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
13:50:38.0082 1156  rspndr - ok
13:50:38.0160 1156  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\windows\system32\lsass.exe
13:50:38.0269 1156  SamSs - ok
13:50:38.0363 1156  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
13:50:38.0441 1156  sbp2port - ok
13:50:38.0581 1156  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\windows\System32\SCardSvr.dll
13:50:38.0831 1156  SCardSvr - ok
13:50:38.0878 1156  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
13:50:39.0034 1156  scfilter - ok
13:50:39.0112 1156  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\windows\system32\schedsvc.dll
13:50:39.0283 1156  Schedule - ok
13:50:39.0361 1156  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\windows\System32\certprop.dll
13:50:39.0470 1156  SCPolicySvc - ok
13:50:39.0517 1156  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\windows\System32\SDRSVC.dll
13:50:39.0658 1156  SDRSVC - ok
13:50:39.0689 1156  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\windows\system32\drivers\secdrv.sys
13:50:39.0923 1156  secdrv - ok
13:50:39.0985 1156  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\windows\system32\seclogon.dll
13:50:40.0204 1156  seclogon - ok
13:50:40.0391 1156  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\windows\System32\sens.dll
13:50:40.0531 1156  SENS - ok
13:50:40.0625 1156  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\windows\system32\drivers\serenum.sys
13:50:40.0906 1156  Serenum - ok
13:50:40.0984 1156  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\windows\system32\drivers\serial.sys
13:50:41.0124 1156  Serial - ok
13:50:41.0202 1156  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\windows\system32\drivers\sermouse.sys
13:50:41.0264 1156  sermouse - ok
13:50:41.0420 1156  [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:50:41.0545 1156  ServiceLayer - ok
13:50:41.0623 1156  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\windows\system32\sessenv.dll
13:50:41.0748 1156  SessionEnv - ok
13:50:41.0779 1156  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
13:50:41.0857 1156  sffdisk - ok
13:50:41.0920 1156  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
13:50:41.0998 1156  sffp_mmc - ok
13:50:42.0029 1156  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
13:50:42.0122 1156  sffp_sd - ok
13:50:42.0185 1156  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
13:50:42.0263 1156  sfloppy - ok
13:50:42.0356 1156  [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys
13:50:42.0434 1156  Sftfs - ok
13:50:42.0684 1156  [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist         C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
13:50:42.0824 1156  sftlist - ok
13:50:42.0887 1156  [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys
13:50:42.0965 1156  Sftplay - ok
13:50:43.0058 1156  [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys
13:50:43.0152 1156  Sftredir - ok
13:50:43.0199 1156  [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys
13:50:43.0246 1156  Sftvol - ok
13:50:43.0324 1156  [ A5812F0281CA5081BF696626F9BF324D ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
13:50:43.0386 1156  sftvsa - ok
13:50:43.0495 1156  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\windows\System32\ipnathlp.dll
13:50:43.0651 1156  SharedAccess - ok
13:50:43.0729 1156  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
13:50:43.0885 1156  ShellHWDetection - ok
13:50:43.0932 1156  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\windows\system32\drivers\sisagp.sys
13:50:43.0994 1156  sisagp - ok
13:50:44.0072 1156  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
13:50:44.0135 1156  SiSRaid2 - ok
13:50:44.0244 1156  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
13:50:44.0322 1156  SiSRaid4 - ok
13:50:44.0572 1156  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
13:50:44.0634 1156  SkypeUpdate - ok
13:50:44.0712 1156  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\windows\system32\DRIVERS\smb.sys
13:50:44.0946 1156  Smb - ok
13:50:45.0102 1156  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
13:50:45.0196 1156  SNMPTRAP - ok
13:50:45.0242 1156  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\windows\system32\drivers\spldr.sys
13:50:45.0320 1156  spldr - ok
13:50:45.0398 1156  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\windows\System32\spoolsv.exe
13:50:45.0523 1156  Spooler - ok
13:50:45.0757 1156  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\windows\system32\sppsvc.exe
13:50:46.0303 1156  sppsvc - ok
13:50:46.0397 1156  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\windows\system32\sppuinotify.dll
13:50:46.0537 1156  sppuinotify - ok
13:50:46.0600 1156  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\windows\system32\DRIVERS\srv.sys
13:50:46.0740 1156  srv - ok
13:50:46.0802 1156  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\windows\system32\DRIVERS\srv2.sys
13:50:46.0974 1156  srv2 - ok
13:50:47.0036 1156  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
13:50:47.0114 1156  srvnet - ok
13:50:47.0192 1156  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
13:50:47.0364 1156  SSDPSRV - ok
13:50:47.0520 1156  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\windows\system32\DRIVERS\ssmdrv.sys
13:50:47.0551 1156  ssmdrv - ok
13:50:47.0645 1156  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\windows\system32\sstpsvc.dll
13:50:47.0848 1156  SstpSvc - ok
13:50:47.0926 1156  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\windows\system32\drivers\stexstor.sys
13:50:48.0019 1156  stexstor - ok
13:50:48.0097 1156  [ EDB05BD63148796F23EA78506404A538 ] StillCam        C:\windows\system32\DRIVERS\serscan.sys
13:50:48.0191 1156  StillCam - ok
13:50:48.0316 1156  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\windows\System32\wiaservc.dll
13:50:48.0487 1156  StiSvc - ok
13:50:48.0550 1156  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
13:50:48.0612 1156  swenum - ok
13:50:48.0659 1156  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\windows\System32\swprv.dll
13:50:48.0924 1156  swprv - ok
13:50:49.0018 1156  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\windows\system32\sysmain.dll
13:50:49.0142 1156  SysMain - ok
13:50:49.0252 1156  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
13:50:49.0361 1156  TabletInputService - ok
13:50:49.0423 1156  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\windows\System32\tapisrv.dll
13:50:49.0548 1156  TapiSrv - ok
13:50:49.0595 1156  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\windows\System32\tbssvc.dll
13:50:49.0751 1156  TBS - ok
13:50:50.0063 1156  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
13:50:50.0297 1156  Tcpip - ok
13:50:50.0453 1156  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
13:50:50.0687 1156  TCPIP6 - ok
13:50:50.0796 1156  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
13:50:50.0874 1156  tcpipreg - ok
13:50:50.0999 1156  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
13:50:51.0155 1156  TDPIPE - ok
13:50:51.0233 1156  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
13:50:51.0326 1156  TDTCP - ok
13:50:51.0389 1156  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
13:50:51.0576 1156  tdx - ok
13:50:51.0638 1156  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
13:50:51.0701 1156  TermDD - ok
13:50:51.0810 1156  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\windows\System32\termsrv.dll
13:50:52.0028 1156  TermService - ok
13:50:52.0153 1156  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\windows\system32\themeservice.dll
13:50:52.0325 1156  Themes - ok
13:50:52.0372 1156  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\windows\system32\mmcss.dll
13:50:52.0512 1156  THREADORDER - ok
13:50:52.0652 1156  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\windows\System32\trkwks.dll
13:50:52.0886 1156  TrkWks - ok
13:50:53.0152 1156  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
13:50:53.0401 1156  TrustedInstaller - ok
13:50:53.0495 1156  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
13:50:53.0651 1156  tssecsrv - ok
13:50:53.0698 1156  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
13:50:53.0900 1156  TsUsbFlt - ok
13:50:53.0978 1156  [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
13:50:54.0041 1156  TsUsbGD - ok
13:50:54.0072 1156  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
13:50:54.0259 1156  tunnel - ok
13:50:54.0290 1156  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\windows\system32\drivers\uagp35.sys
13:50:54.0353 1156  uagp35 - ok
13:50:54.0431 1156  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\windows\system32\DRIVERS\udfs.sys
13:50:54.0602 1156  udfs - ok
13:50:54.0805 1156  [ 85553E28331F9B7196B5080FE659B7F4 ] UDisk Monitor   C:\Program Files\Visafone Wireless Terminal\bin\MonServiceUDisk.exe
13:50:54.0852 1156  UDisk Monitor ( UnsignedFile.Multi.Generic ) - warning
13:50:54.0852 1156  UDisk Monitor - detected UnsignedFile.Multi.Generic (1)
13:50:54.0946 1156  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\windows\system32\UI0Detect.exe
13:50:55.0055 1156  UI0Detect - ok
13:50:55.0102 1156  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
13:50:55.0148 1156  uliagpkx - ok
13:50:55.0242 1156  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\windows\system32\DRIVERS\umbus.sys
13:50:55.0320 1156  umbus - ok
13:50:55.0382 1156  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\windows\system32\drivers\umpass.sys
13:50:55.0460 1156  UmPass - ok
13:50:55.0554 1156  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\windows\System32\upnphost.dll
13:50:55.0710 1156  upnphost - ok
13:50:55.0850 1156  [ B671514497DF7417F83919A6A5BD6BB9 ] upperdev        C:\windows\system32\DRIVERS\usbser_lowerflt.sys
13:50:55.0960 1156  upperdev - ok
13:50:56.0022 1156  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\windows\system32\Drivers\usbaapl.sys
13:50:56.0069 1156  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
13:50:56.0069 1156  USBAAPL - detected UnsignedFile.Multi.Generic (1)
13:50:56.0240 1156  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
13:50:56.0334 1156  usbaudio - ok
13:50:56.0396 1156  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
13:50:56.0521 1156  usbccgp - ok
13:50:56.0552 1156  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\windows\system32\drivers\usbcir.sys
13:50:56.0693 1156  usbcir - ok
13:50:56.0786 1156  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\windows\system32\drivers\usbehci.sys
13:50:56.0942 1156  usbehci - ok
13:50:57.0020 1156  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
13:50:57.0145 1156  usbhub - ok
13:50:57.0270 1156  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\windows\system32\drivers\usbohci.sys
13:50:57.0410 1156  usbohci - ok
13:50:57.0504 1156  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
13:50:57.0598 1156  usbprint - ok
13:50:57.0676 1156  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
13:50:57.0972 1156  usbscan - ok
13:50:58.0034 1156  [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser          C:\windows\system32\drivers\usbser.sys
13:50:58.0237 1156  usbser - ok
13:50:58.0409 1156  [ FF358FD3176B2E5605C4ACCD5026A5AC ] UsbserFilt      C:\windows\system32\DRIVERS\usbser_lowerfltj.sys
13:50:58.0580 1156  UsbserFilt - ok
13:50:58.0612 1156  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
13:50:58.0736 1156  USBSTOR - ok
13:50:58.0768 1156  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
13:50:58.0877 1156  usbuhci - ok
13:50:58.0939 1156  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
13:50:59.0173 1156  usbvideo - ok
13:50:59.0282 1156  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\windows\System32\uxsms.dll
13:50:59.0454 1156  UxSms - ok
13:50:59.0516 1156  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\windows\system32\lsass.exe
13:50:59.0594 1156  VaultSvc - ok
13:50:59.0672 1156  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
13:50:59.0719 1156  vdrvroot - ok
13:50:59.0797 1156  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\windows\System32\vds.exe
13:50:59.0972 1156  vds - ok
13:51:00.0017 1156  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
13:51:00.0126 1156  vga - ok
13:51:00.0188 1156  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\windows\System32\drivers\vga.sys
13:51:00.0329 1156  VgaSave - ok
13:51:00.0376 1156  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
13:51:00.0422 1156  vhdmp - ok
13:51:00.0547 1156  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\windows\system32\drivers\viaagp.sys
13:51:00.0594 1156  viaagp - ok
13:51:00.0672 1156  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\windows\system32\drivers\viac7.sys
13:51:00.0766 1156  ViaC7 - ok
13:51:00.0812 1156  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\windows\system32\drivers\viaide.sys
13:51:00.0875 1156  viaide - ok
13:51:00.0937 1156  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\windows\system32\drivers\volmgr.sys
13:51:01.0015 1156  volmgr - ok
13:51:01.0109 1156  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
13:51:01.0187 1156  volmgrx - ok
13:51:01.0265 1156  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\windows\system32\drivers\volsnap.sys
13:51:01.0343 1156  volsnap - ok
13:51:01.0390 1156  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
13:51:01.0452 1156  vsmraid - ok
13:51:01.0546 1156  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\windows\system32\vssvc.exe
13:51:01.0733 1156  VSS - ok
13:51:01.0780 1156  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
13:51:01.0873 1156  vwifibus - ok
13:51:01.0936 1156  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
13:51:02.0029 1156  vwififlt - ok
13:51:02.0107 1156  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
13:51:02.0216 1156  vwifimp - ok
13:51:02.0294 1156  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\windows\system32\w32time.dll
13:51:02.0497 1156  W32Time - ok
13:51:02.0575 1156  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
13:51:02.0669 1156  WacomPen - ok
13:51:02.0747 1156  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
13:51:02.0887 1156  WANARP - ok
13:51:02.0934 1156  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
13:51:03.0043 1156  Wanarpv6 - ok
13:51:03.0152 1156  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\windows\system32\wbengine.exe
13:51:03.0371 1156  wbengine - ok
13:51:03.0464 1156  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
13:51:03.0574 1156  WbioSrvc - ok
13:51:03.0652 1156  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\windows\System32\wcncsvc.dll
13:51:03.0761 1156  wcncsvc - ok
13:51:03.0823 1156  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:51:03.0948 1156  WcsPlugInService - ok
13:51:04.0010 1156  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\windows\system32\drivers\wd.sys
13:51:04.0057 1156  Wd - ok
13:51:04.0151 1156  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
13:51:04.0260 1156  Wdf01000 - ok
13:51:04.0322 1156  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\windows\system32\wdi.dll
13:51:04.0572 1156  WdiServiceHost - ok
13:51:04.0603 1156  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\windows\system32\wdi.dll
13:51:04.0681 1156  WdiSystemHost - ok
13:51:04.0790 1156  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\windows\System32\webclnt.dll
13:51:04.0900 1156  WebClient - ok
13:51:04.0962 1156  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\windows\system32\wecsvc.dll
13:51:05.0134 1156  Wecsvc - ok
13:51:05.0196 1156  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\windows\System32\wercplsupport.dll
13:51:05.0352 1156  wercplsupport - ok
13:51:05.0446 1156  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\windows\System32\WerSvc.dll
13:51:05.0664 1156  WerSvc - ok
13:51:05.0742 1156  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
13:51:05.0882 1156  WfpLwf - ok
13:51:05.0929 1156  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\windows\system32\drivers\wimmount.sys
13:51:05.0976 1156  WIMMount - ok
13:51:06.0054 1156  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:51:06.0163 1156  WinDefend - ok
13:51:06.0226 1156  WinHttpAutoProxySvc - ok
13:51:06.0350 1156  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
13:51:06.0491 1156  Winmgmt - ok
13:51:06.0600 1156  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\windows\system32\WsmSvc.dll
13:51:06.0818 1156  WinRM - ok
13:51:06.0912 1156  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
13:51:06.0990 1156  WinUsb - ok
13:51:07.0084 1156  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\windows\System32\wlansvc.dll
13:51:07.0271 1156  Wlansvc - ok
13:51:07.0520 1156  [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:51:07.0614 1156  wlcrasvc - ok
13:51:07.0848 1156  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:51:08.0035 1156  wlidsvc - ok
13:51:08.0082 1156  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
13:51:08.0129 1156  WmiAcpi - ok
13:51:08.0207 1156  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:51:08.0300 1156  wmiApSrv - ok
13:51:08.0441 1156  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:51:08.0690 1156  WMPNetworkSvc - ok
13:51:08.0753 1156  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\windows\System32\wpcsvc.dll
13:51:08.0924 1156  WPCSvc - ok
13:51:08.0987 1156  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:51:09.0158 1156  WPDBusEnum - ok
13:51:09.0221 1156  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
13:51:09.0361 1156  ws2ifsl - ok
13:51:09.0408 1156  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\windows\System32\wscsvc.dll
13:51:09.0502 1156  wscsvc - ok
13:51:09.0595 1156  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice  C:\windows\system32\DRIVERS\WSDPrint.sys
13:51:09.0673 1156  WSDPrintDevice - ok
13:51:09.0720 1156  WSearch - ok
13:51:09.0923 1156  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\windows\system32\wuaueng.dll
13:51:10.0126 1156  wuauserv - ok
13:51:10.0219 1156  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:51:10.0297 1156  WudfPf - ok
13:51:10.0391 1156  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
13:51:10.0516 1156  WUDFRd - ok
13:51:10.0547 1156  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
13:51:10.0656 1156  wudfsvc - ok
13:51:10.0734 1156  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\windows\System32\wwansvc.dll
13:51:10.0859 1156  WwanSvc - ok
13:51:10.0952 1156  [ 20F4F87625EDDDB97B48DA66ACE7DC8D ] ztemtusbser     C:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys
13:51:11.0046 1156  ztemtusbser - ok
13:51:11.0264 1156  ================ Scan global ===============================
13:51:11.0342 1156  [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
13:51:11.0420 1156  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
13:51:11.0467 1156  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
13:51:11.0576 1156  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
13:51:11.0623 1156  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
13:51:11.0654 1156  [Global] - ok
13:51:11.0654 1156  ================ Scan MBR ==================================
13:51:11.0686 1156  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:51:12.0949 1156  \Device\Harddisk0\DR0 - ok
13:51:12.0949 1156  ================ Scan VBR ==================================
13:51:12.0996 1156  [ 6F6CCB234A1537C783AE6FCD3DA33654 ] \Device\Harddisk0\DR0\Partition1
13:51:13.0012 1156  \Device\Harddisk0\DR0\Partition1 - ok
13:51:13.0058 1156  [ 2447DCD14A7A493F6170492508621296 ] \Device\Harddisk0\DR0\Partition2
13:51:13.0058 1156  \Device\Harddisk0\DR0\Partition2 - ok
13:51:13.0074 1156  ============================================================
13:51:13.0074 1156  Scan finished
13:51:13.0074 1156  ============================================================
13:51:13.0136 2984  Detected object count: 12
13:51:13.0136 2984  Actual detected object count: 12
         
and the aswMBR one

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-26 13:02:46
-----------------------------
13:02:46.975    OS Version: Windows 6.1.7601 Service Pack 1
13:02:46.976    Number of processors: 2 586 0x1C0A
13:02:47.010    ComputerName: FALK-EEEPC  UserName: Falk
13:02:48.965    Initialize success
13:18:57.318    AVAST engine defs: 13022600
13:36:46.533    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:36:46.553    Disk 0 Vendor: Hitachi_ ESBO Size: 238475MB BusType: 3
13:36:46.590    Disk 0 MBR read successfully
13:36:46.603    Disk 0 MBR scan
13:36:46.695    Disk 0 Windows 7 default MBR code
13:36:46.735    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       117759 MB offset 2048
13:36:46.795    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       120696 MB offset 241174528
13:36:46.867    Disk 0 Partition 3 00     EF      EFI FAT                16 MB offset 488361984
13:36:46.937    Disk 0 scanning sectors +488394752
13:36:47.129    Disk 0 scanning C:\windows\system32\drivers
13:37:51.445    Service scanning
13:39:39.647    Modules scanning
13:40:18.135    Disk 0 trace - called modules:
13:40:18.151    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys 
13:40:18.167    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x869fc618]
13:40:18.167    3 CLASSPNP.SYS[88ba559e] -> nt!IofCallDriver -> [0x84b53650]
13:40:18.167    5 ACPI.sys[884c03d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84b60028]
13:40:23.549    AVAST engine scan C:\windows
13:40:31.879    AVAST engine scan C:\windows\system32
13:51:39.534    AVAST engine scan C:\windows\system32\drivers
13:52:14.790    AVAST engine scan C:\Users\Falk
14:13:59.788    AVAST engine scan C:\ProgramData
14:16:09.954    Scan finished successfully
14:16:34.384    Disk 0 MBR has been saved successfully to "C:\Users\Falk\Desktop\MBR.dat"
14:16:34.415    The log file has been saved successfully to "C:\Users\Falk\Desktop\aswMBR.txt"
         

26.02.2013, 14:23   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



The TDSS log is incomplete; the summary at the bottom is missing.
__________________
Please always post log files in CODE tags

26.02.2013, 14:29   #13
wazomba
 



Sorry

Code:
13:48:14.0115 2852  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:48:14.0302 2852  ============================================================
13:48:14.0302 2852  Current date / time: 2013/02/26 13:48:14.0302
13:48:14.0302 2852  SystemInfo:
13:48:14.0302 2852  
13:48:14.0302 2852  OS Version: 6.1.7601 ServicePack: 1.0
13:48:14.0302 2852  Product type: Workstation
13:48:14.0302 2852  ComputerName: FALK-EEEPC
13:48:14.0302 2852  UserName: Falk
13:48:14.0302 2852  Windows directory: C:\windows
13:48:14.0302 2852  System windows directory: C:\windows
13:48:14.0302 2852  Processor architecture: Intel x86
13:48:14.0302 2852  Number of processors: 2
13:48:14.0302 2852  Page size: 0x1000
13:48:14.0302 2852  Boot type: Normal boot
13:48:14.0302 2852  ============================================================
13:48:17.0017 2852  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:48:17.0064 2852  ============================================================
13:48:17.0064 2852  \Device\Harddisk0\DR0:
13:48:17.0095 2852  MBR partitions:
13:48:17.0095 2852  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE5FF800
13:48:17.0095 2852  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0xEBBC000
13:48:17.0095 2852  ============================================================
13:48:17.0142 2852  C: <-> \Device\Harddisk0\DR0\Partition1
13:48:17.0189 2852  D: <-> \Device\Harddisk0\DR0\Partition2
13:48:17.0220 2852  ============================================================
13:48:17.0220 2852  Initialize success
13:48:17.0220 2852  ============================================================
13:49:26.0188 1156  ============================================================
13:49:26.0188 1156  Scan started
13:49:26.0188 1156  Mode: Manual; SigCheck; TDLFS; 
13:49:26.0188 1156  ============================================================
13:49:26.0968 1156  ================ Scan system memory ========================
13:49:26.0968 1156  System memory - ok
13:49:26.0968 1156  ================ Scan services =============================
13:49:27.0701 1156  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
13:49:28.0200 1156  1394ohci - ok
13:49:28.0278 1156  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:49:28.0356 1156  ACPI - ok
13:49:28.0403 1156  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
13:49:28.0622 1156  AcpiPmi - ok
13:49:28.0824 1156  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:49:28.0887 1156  AdobeARMservice - ok
13:49:29.0277 1156  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:49:29.0386 1156  AdobeFlashPlayerUpdateSvc - ok
13:49:29.0464 1156  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
13:49:29.0604 1156  adp94xx - ok
13:49:29.0682 1156  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\windows\system32\drivers\adpahci.sys
13:49:29.0745 1156  adpahci - ok
13:49:29.0838 1156  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\windows\system32\drivers\adpu320.sys
13:49:29.0885 1156  adpu320 - ok
13:49:29.0963 1156  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
13:49:30.0525 1156  AeLookupSvc - ok
13:49:30.0712 1156  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\windows\system32\drivers\afd.sys
13:49:30.0930 1156  AFD - ok
13:49:30.0977 1156  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\windows\system32\drivers\agp440.sys
13:49:31.0071 1156  agp440 - ok
13:49:31.0149 1156  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\windows\system32\drivers\djsvs.sys
13:49:31.0227 1156  aic78xx - ok
13:49:31.0367 1156  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\windows\System32\alg.exe
13:49:31.0492 1156  ALG - ok
13:49:31.0554 1156  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\windows\system32\drivers\aliide.sys
13:49:31.0632 1156  aliide - ok
13:49:31.0695 1156  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\windows\system32\drivers\amdagp.sys
13:49:31.0757 1156  amdagp - ok
13:49:31.0851 1156  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\windows\system32\drivers\amdide.sys
13:49:31.0913 1156  amdide - ok
13:49:31.0960 1156  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
13:49:32.0178 1156  AmdK8 - ok
13:49:32.0272 1156  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
13:49:32.0428 1156  AmdPPM - ok
13:49:32.0522 1156  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\windows\system32\drivers\amdsata.sys
13:49:32.0600 1156  amdsata - ok
13:49:32.0678 1156  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
13:49:32.0740 1156  amdsbs - ok
13:49:32.0771 1156  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\windows\system32\drivers\amdxata.sys
13:49:32.0818 1156  amdxata - ok
13:49:33.0052 1156  [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:49:33.0161 1156  AntiVirSchedulerService - ok
13:49:33.0255 1156  [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:49:33.0317 1156  AntiVirService - ok
13:49:33.0395 1156  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\windows\system32\drivers\appid.sys
13:49:33.0536 1156  AppID - ok
13:49:33.0614 1156  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:49:33.0817 1156  AppIDSvc - ok
13:49:33.0880 1156  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\windows\System32\appinfo.dll
13:49:34.0051 1156  Appinfo - ok
13:49:34.0176 1156  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:49:34.0270 1156  Apple Mobile Device - ok
13:49:34.0348 1156  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\windows\system32\drivers\arc.sys
13:49:34.0410 1156  arc - ok
13:49:34.0457 1156  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\windows\system32\drivers\arcsas.sys
13:49:34.0519 1156  arcsas - ok
13:49:34.0582 1156  [ 956C7177DBDA0F02436868AD644CCF31 ] AsIO            C:\windows\system32\drivers\AsIO.sys
13:49:34.0691 1156  AsIO - ok
13:49:34.0817 1156  [ A9A565C669786C402752F609AFDD0DD5 ] AsUpIO          C:\windows\system32\drivers\AsUpIO.sys
13:49:34.0879 1156  AsUpIO - ok
13:49:34.0957 1156  [ BDEDD780A12E75AC5902CA6BB027EAB7 ] AsusService     C:\windows\system32\AsusService.exe
13:49:35.0051 1156  AsusService - ok
13:49:35.0129 1156  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
13:49:35.0566 1156  AsyncMac - ok
13:49:35.0722 1156  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\windows\system32\drivers\atapi.sys
13:49:35.0784 1156  atapi - ok
13:49:36.0205 1156  [ B01751CC563AECAC09BBE36AAA21FBEF ] athr            C:\windows\system32\DRIVERS\athr.sys
13:49:36.0455 1156  athr - ok
13:49:36.0564 1156  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
13:49:36.0782 1156  AudioEndpointBuilder - ok
13:49:36.0845 1156  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\windows\System32\Audiosrv.dll
13:49:37.0063 1156  Audiosrv - ok
13:49:37.0188 1156  [ A5C175039B1D6D85D0E79F5855828E4D ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
13:49:37.0282 1156  avgntflt - ok
13:49:37.0391 1156  [ 37B854C7D1F477E66C5B49C7700C47CC ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
13:49:37.0453 1156  avipbb - ok
13:49:37.0531 1156  [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
13:49:37.0578 1156  avkmgr - ok
13:49:37.0703 1156  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:49:37.0999 1156  AxInstSV - ok
13:49:38.0062 1156  [ 0A5E8178EFF1D8F109A95235AEB7D76F ] azvusb          C:\windows\system32\DRIVERS\azvusb.sys
13:49:38.0233 1156  azvusb - ok
13:49:38.0327 1156  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\windows\system32\drivers\bxvbdx.sys
13:49:38.0452 1156  b06bdrv - ok
13:49:38.0530 1156  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\windows\system32\DRIVERS\b57nd60x.sys
13:49:38.0670 1156  b57nd60x - ok
13:49:38.0748 1156  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\windows\System32\bdesvc.dll
13:49:38.0935 1156  BDESVC - ok
13:49:39.0060 1156  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\windows\system32\drivers\Beep.sys
13:49:39.0263 1156  Beep - ok
13:49:39.0403 1156  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\windows\System32\bfe.dll
13:49:39.0637 1156  BFE - ok
13:49:39.0731 1156  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\windows\System32\qmgr.dll
13:49:39.0934 1156  BITS - ok
13:49:39.0996 1156  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
13:49:40.0090 1156  blbdrive - ok
13:49:40.0246 1156  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:49:40.0355 1156  Bonjour Service - ok
13:49:40.0386 1156  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
13:49:40.0495 1156  bowser - ok
13:49:40.0573 1156  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
13:49:40.0729 1156  BrFiltLo - ok
13:49:40.0776 1156  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
13:49:40.0885 1156  BrFiltUp - ok
13:49:40.0932 1156  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\windows\System32\browser.dll
13:49:41.0057 1156  Browser - ok
13:49:41.0104 1156  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\windows\System32\Drivers\Brserid.sys
13:49:41.0275 1156  Brserid - ok
13:49:41.0322 1156  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
13:49:41.0478 1156  BrSerWdm - ok
13:49:41.0525 1156  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
13:49:41.0696 1156  BrUsbMdm - ok
13:49:41.0743 1156  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
13:49:41.0837 1156  BrUsbSer - ok
13:49:41.0915 1156  [ E7E57FFB1DCC91AF000E28AAEC98AD61 ] BthAudioHF      C:\windows\system32\DRIVERS\BthAudioHF.sys
13:49:42.0040 1156  BthAudioHF - ok
13:49:42.0118 1156  [ DB99076533FFB38CBEC8AC88E4535850 ] BthAvrcp        C:\windows\system32\DRIVERS\BthAvrcp.sys
13:49:42.0227 1156  BthAvrcp - ok
13:49:42.0352 1156  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
13:49:42.0742 1156  BthEnum - ok
13:49:42.0804 1156  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
13:49:42.0898 1156  BTHMODEM - ok
13:49:42.0976 1156  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
13:49:43.0085 1156  BthPan - ok
13:49:43.0147 1156  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
13:49:43.0319 1156  BTHPORT - ok
13:49:43.0397 1156  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\windows\system32\bthserv.dll
13:49:43.0584 1156  bthserv - ok
13:49:43.0647 1156  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
13:49:43.0756 1156  BTHUSB - ok
13:49:43.0849 1156  [ 92C5B845803F3662637EB691AC0B250F ] btusbflt        C:\windows\system32\drivers\btusbflt.sys
13:49:43.0927 1156  btusbflt - ok
13:49:44.0021 1156  [ D57D29132EFE13A83133D9BD449E0CF1 ] btwaudio        C:\windows\system32\drivers\btwaudio.sys
13:49:44.0099 1156  btwaudio - ok
13:49:44.0193 1156  [ D282C14A69357D0E1BAFAECC2CA98C3A ] btwavdt         C:\windows\system32\DRIVERS\btwavdt.sys
13:49:44.0255 1156  btwavdt - ok
13:49:44.0489 1156  [ 7CAA4410C25026B9BEE85F6C7F86B19B ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:49:44.0583 1156  btwdins - ok
13:49:44.0661 1156  [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys
13:49:44.0707 1156  btwl2cap - ok
13:49:44.0801 1156  [ 02EB4D2B05967DF2D32F29C84AB1FB17 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys
13:49:44.0863 1156  btwrchid - ok
13:49:44.0973 1156  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
13:49:45.0144 1156  cdfs - ok
13:49:45.0207 1156  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
13:49:45.0331 1156  cdrom - ok
13:49:45.0425 1156  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\windows\System32\certprop.dll
13:49:45.0581 1156  CertPropSvc - ok
13:49:45.0628 1156  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\windows\system32\drivers\circlass.sys
13:49:45.0737 1156  circlass - ok
13:49:45.0815 1156  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\windows\system32\CLFS.sys
13:49:45.0909 1156  CLFS - ok
13:49:46.0096 1156  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:49:46.0158 1156  clr_optimization_v2.0.50727_32 - ok
13:49:46.0330 1156  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:49:46.0377 1156  clr_optimization_v4.0.30319_32 - ok
13:49:46.0439 1156  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
13:49:46.0517 1156  CmBatt - ok
13:49:46.0548 1156  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\windows\system32\drivers\cmdide.sys
13:49:46.0611 1156  cmdide - ok
13:49:46.0642 1156  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\windows\system32\Drivers\cng.sys
13:49:46.0798 1156  CNG - ok
13:49:46.0860 1156  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\windows\system32\drivers\compbatt.sys
13:49:46.0923 1156  Compbatt - ok
13:49:46.0954 1156  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
13:49:47.0016 1156  CompositeBus - ok
13:49:47.0079 1156  COMSysApp - ok
13:49:47.0172 1156  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
13:49:47.0235 1156  crcdisk - ok
13:49:47.0344 1156  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\windows\system32\cryptsvc.dll
13:49:47.0469 1156  CryptSvc - ok
13:49:47.0547 1156  [ 971FFD6D2840701661931AAA1CA4376F ] csr_a2dp        C:\windows\system32\drivers\bthav.sys
13:49:47.0671 1156  csr_a2dp - ok
13:49:47.0749 1156  [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm         C:\windows\system32\DRIVERS\ctxusbm.sys
13:49:47.0827 1156  ctxusbm - ok
13:49:48.0186 1156  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:49:48.0358 1156  cvhsvc - ok
13:49:48.0420 1156  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\windows\system32\rpcss.dll
13:49:48.0576 1156  DcomLaunch - ok
13:49:48.0748 1156  [ CC8B5C964B777F4EC3E89F13B4B5FF0F ] DCService.exe   C:\ProgramData\DatacardService\DCService.exe
13:49:48.0810 1156  DCService.exe ( UnsignedFile.Multi.Generic ) - warning
13:49:48.0810 1156  DCService.exe - detected UnsignedFile.Multi.Generic (1)
13:49:48.0904 1156  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\windows\System32\defragsvc.dll
13:49:49.0247 1156  defragsvc - ok
13:49:49.0372 1156  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
13:49:49.0621 1156  DfsC - ok
13:49:49.0715 1156  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\windows\system32\dhcpcore.dll
13:49:49.0855 1156  Dhcp - ok
13:49:49.0902 1156  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\windows\system32\drivers\discache.sys
13:49:50.0058 1156  discache - ok
13:49:50.0121 1156  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\windows\system32\drivers\disk.sys
13:49:50.0167 1156  Disk - ok
13:49:50.0245 1156  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\windows\System32\dnsrslvr.dll
13:49:50.0386 1156  Dnscache - ok
13:49:50.0464 1156  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\windows\System32\dot3svc.dll
13:49:50.0776 1156  dot3svc - ok
13:49:50.0932 1156  [ B5E479EB83707DD698F66953E922042C ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
13:49:51.0166 1156  Dot4 - ok
13:49:51.0213 1156  [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print       C:\windows\system32\DRIVERS\Dot4Prt.sys
13:49:51.0322 1156  Dot4Print - ok
13:49:51.0415 1156  [ CF491FF38D62143203C065260567E2F7 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
13:49:51.0509 1156  dot4usb - ok
13:49:51.0587 1156  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\windows\system32\dps.dll
13:49:51.0759 1156  DPS - ok
13:49:51.0868 1156  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
13:49:51.0946 1156  drmkaud - ok
13:49:52.0039 1156  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
13:49:52.0242 1156  DXGKrnl - ok
13:49:52.0336 1156  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\windows\System32\eapsvc.dll
13:49:52.0507 1156  EapHost - ok
13:49:53.0163 1156  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\windows\system32\drivers\evbdx.sys
13:49:53.0506 1156  ebdrv - ok
13:49:53.0568 1156  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\windows\System32\lsass.exe
13:49:53.0677 1156  EFS - ok
13:49:53.0787 1156  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\windows\system32\drivers\elxstor.sys
13:49:53.0880 1156  elxstor - ok
13:49:53.0896 1156  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\windows\system32\drivers\errdev.sys
13:49:54.0005 1156  ErrDev - ok
13:49:54.0114 1156  [ 907C561D5F01133F247E4E2E74E20E30 ] ETD             C:\windows\system32\DRIVERS\ETD.sys
13:49:54.0239 1156  ETD - ok
13:49:54.0348 1156  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\windows\system32\es.dll
13:49:54.0535 1156  EventSystem - ok
13:49:54.0723 1156  [ 5B250A1BE34D4FDE35287EEC297104A7 ] ewusbnet        C:\windows\system32\DRIVERS\ewusbnet.sys
13:49:54.0879 1156  ewusbnet - ok
13:49:54.0988 1156  [ E98A64C7F106740A38FB2B78197816F8 ] ew_hwusbdev     C:\windows\system32\DRIVERS\ew_hwusbdev.sys
13:49:55.0129 1156  ew_hwusbdev - ok
13:49:55.0238 1156  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\windows\system32\drivers\exfat.sys
13:49:55.0426 1156  exfat - ok
13:49:55.0457 1156  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\windows\system32\drivers\fastfat.sys
13:49:55.0613 1156  fastfat - ok
13:49:55.0706 1156  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\windows\system32\fxssvc.exe
13:49:55.0862 1156  Fax - ok
13:49:55.0909 1156  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\windows\system32\drivers\fdc.sys
13:49:55.0987 1156  fdc - ok
13:49:56.0034 1156  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\windows\system32\fdPHost.dll
13:49:56.0221 1156  fdPHost - ok
13:49:56.0299 1156  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\windows\system32\fdrespub.dll
13:49:56.0440 1156  FDResPub - ok
13:49:56.0471 1156  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:49:56.0518 1156  FileInfo - ok
13:49:56.0549 1156  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
13:49:56.0689 1156  Filetrace - ok
13:49:56.0720 1156  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
13:49:56.0798 1156  flpydisk - ok
13:49:56.0861 1156  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:49:56.0923 1156  FltMgr - ok
13:49:56.0986 1156  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\windows\system32\FntCache.dll
13:49:57.0142 1156  FontCache - ok
13:49:57.0204 1156  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:49:57.0251 1156  FontCache3.0.0.0 - ok
13:50:51.0233 1156  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
13:50:51.0326 1156  TDTCP - ok
13:50:51.0389 1156  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
13:50:51.0576 1156  tdx - ok
13:50:51.0638 1156  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
13:50:51.0701 1156  TermDD - ok
13:50:51.0810 1156  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\windows\System32\termsrv.dll
13:50:52.0028 1156  TermService - ok
13:50:52.0153 1156  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\windows\system32\themeservice.dll
13:50:52.0325 1156  Themes - ok
13:50:52.0372 1156  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\windows\system32\mmcss.dll
13:50:52.0512 1156  THREADORDER - ok
13:50:52.0652 1156  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\windows\System32\trkwks.dll
13:50:52.0886 1156  TrkWks - ok
13:50:53.0152 1156  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
13:50:53.0401 1156  TrustedInstaller - ok
13:50:53.0495 1156  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
13:50:53.0651 1156  tssecsrv - ok
13:50:53.0698 1156  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
13:50:53.0900 1156  TsUsbFlt - ok
13:50:53.0978 1156  [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
13:50:54.0041 1156  TsUsbGD - ok
13:50:54.0072 1156  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
13:50:54.0259 1156  tunnel - ok
13:50:54.0290 1156  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\windows\system32\drivers\uagp35.sys
13:50:54.0353 1156  uagp35 - ok
13:50:54.0431 1156  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\windows\system32\DRIVERS\udfs.sys
13:50:54.0602 1156  udfs - ok
13:50:54.0805 1156  [ 85553E28331F9B7196B5080FE659B7F4 ] UDisk Monitor   C:\Program Files\Visafone Wireless Terminal\bin\MonServiceUDisk.exe
13:50:54.0852 1156  UDisk Monitor ( UnsignedFile.Multi.Generic ) - warning
13:50:54.0852 1156  UDisk Monitor - detected UnsignedFile.Multi.Generic (1)
13:50:54.0946 1156  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\windows\system32\UI0Detect.exe
13:50:55.0055 1156  UI0Detect - ok
13:50:55.0102 1156  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
13:50:55.0148 1156  uliagpkx - ok
13:50:55.0242 1156  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\windows\system32\DRIVERS\umbus.sys
13:50:55.0320 1156  umbus - ok
13:50:55.0382 1156  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\windows\system32\drivers\umpass.sys
13:50:55.0460 1156  UmPass - ok
13:50:55.0554 1156  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\windows\System32\upnphost.dll
13:50:55.0710 1156  upnphost - ok
13:50:55.0850 1156  [ B671514497DF7417F83919A6A5BD6BB9 ] upperdev        C:\windows\system32\DRIVERS\usbser_lowerflt.sys
13:50:55.0960 1156  upperdev - ok
13:50:56.0022 1156  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\windows\system32\Drivers\usbaapl.sys
13:50:56.0069 1156  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
13:50:56.0069 1156  USBAAPL - detected UnsignedFile.Multi.Generic (1)
13:50:56.0240 1156  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
13:50:56.0334 1156  usbaudio - ok
13:50:56.0396 1156  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
13:50:56.0521 1156  usbccgp - ok
13:50:56.0552 1156  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\windows\system32\drivers\usbcir.sys
13:50:56.0693 1156  usbcir - ok
13:50:56.0786 1156  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\windows\system32\drivers\usbehci.sys
13:50:56.0942 1156  usbehci - ok
13:50:57.0020 1156  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
13:50:57.0145 1156  usbhub - ok
13:50:57.0270 1156  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\windows\system32\drivers\usbohci.sys
13:50:57.0410 1156  usbohci - ok
13:50:57.0504 1156  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
13:50:57.0598 1156  usbprint - ok
13:50:57.0676 1156  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
13:50:57.0972 1156  usbscan - ok
13:50:58.0034 1156  [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser          C:\windows\system32\drivers\usbser.sys
13:50:58.0237 1156  usbser - ok
13:50:58.0409 1156  [ FF358FD3176B2E5605C4ACCD5026A5AC ] UsbserFilt      C:\windows\system32\DRIVERS\usbser_lowerfltj.sys
13:50:58.0580 1156  UsbserFilt - ok
13:50:58.0612 1156  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
13:50:58.0736 1156  USBSTOR - ok
13:50:58.0768 1156  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
13:50:58.0877 1156  usbuhci - ok
13:50:58.0939 1156  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
13:50:59.0173 1156  usbvideo - ok
13:50:59.0282 1156  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\windows\System32\uxsms.dll
13:50:59.0454 1156  UxSms - ok
13:50:59.0516 1156  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\windows\system32\lsass.exe
13:50:59.0594 1156  VaultSvc - ok
13:50:59.0672 1156  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
13:50:59.0719 1156  vdrvroot - ok
13:50:59.0797 1156  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\windows\System32\vds.exe
13:50:59.0972 1156  vds - ok
13:51:00.0017 1156  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
13:51:00.0126 1156  vga - ok
13:51:00.0188 1156  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\windows\System32\drivers\vga.sys
13:51:00.0329 1156  VgaSave - ok
13:51:00.0376 1156  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
13:51:00.0422 1156  vhdmp - ok
13:51:00.0547 1156  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\windows\system32\drivers\viaagp.sys
13:51:00.0594 1156  viaagp - ok
13:51:00.0672 1156  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\windows\system32\drivers\viac7.sys
13:51:00.0766 1156  ViaC7 - ok
13:51:00.0812 1156  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\windows\system32\drivers\viaide.sys
13:51:00.0875 1156  viaide - ok
13:51:00.0937 1156  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\windows\system32\drivers\volmgr.sys
13:51:01.0015 1156  volmgr - ok
13:51:01.0109 1156  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
13:51:01.0187 1156  volmgrx - ok
13:51:01.0265 1156  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\windows\system32\drivers\volsnap.sys
13:51:01.0343 1156  volsnap - ok
13:51:01.0390 1156  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
13:51:01.0452 1156  vsmraid - ok
13:51:01.0546 1156  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\windows\system32\vssvc.exe
13:51:01.0733 1156  VSS - ok
13:51:01.0780 1156  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
13:51:01.0873 1156  vwifibus - ok
13:51:01.0936 1156  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
13:51:02.0029 1156  vwififlt - ok
13:51:02.0107 1156  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
13:51:02.0216 1156  vwifimp - ok
13:51:02.0294 1156  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\windows\system32\w32time.dll
13:51:02.0497 1156  W32Time - ok
13:51:02.0575 1156  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
13:51:02.0669 1156  WacomPen - ok
13:51:02.0747 1156  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
13:51:02.0887 1156  WANARP - ok
13:51:02.0934 1156  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
13:51:03.0043 1156  Wanarpv6 - ok
13:51:03.0152 1156  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\windows\system32\wbengine.exe
13:51:03.0371 1156  wbengine - ok
13:51:03.0464 1156  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
13:51:03.0574 1156  WbioSrvc - ok
13:51:03.0652 1156  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\windows\System32\wcncsvc.dll
13:51:03.0761 1156  wcncsvc - ok
13:51:03.0823 1156  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:51:03.0948 1156  WcsPlugInService - ok
13:51:04.0010 1156  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\windows\system32\drivers\wd.sys
13:51:04.0057 1156  Wd - ok
13:51:04.0151 1156  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
13:51:04.0260 1156  Wdf01000 - ok
13:51:04.0322 1156  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\windows\system32\wdi.dll
13:51:04.0572 1156  WdiServiceHost - ok
13:51:04.0603 1156  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\windows\system32\wdi.dll
13:51:04.0681 1156  WdiSystemHost - ok
13:51:04.0790 1156  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\windows\System32\webclnt.dll
13:51:04.0900 1156  WebClient - ok
13:51:04.0962 1156  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\windows\system32\wecsvc.dll
13:51:05.0134 1156  Wecsvc - ok
13:51:05.0196 1156  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\windows\System32\wercplsupport.dll
13:51:05.0352 1156  wercplsupport - ok
13:51:05.0446 1156  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\windows\System32\WerSvc.dll
13:51:05.0664 1156  WerSvc - ok
13:51:05.0742 1156  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
13:51:05.0882 1156  WfpLwf - ok
13:51:05.0929 1156  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\windows\system32\drivers\wimmount.sys
13:51:05.0976 1156  WIMMount - ok
13:51:06.0054 1156  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:51:06.0163 1156  WinDefend - ok
13:51:06.0226 1156  WinHttpAutoProxySvc - ok
13:51:06.0350 1156  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
13:51:06.0491 1156  Winmgmt - ok
13:51:06.0600 1156  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\windows\system32\WsmSvc.dll
13:51:06.0818 1156  WinRM - ok
13:51:06.0912 1156  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
13:51:06.0990 1156  WinUsb - ok
13:51:07.0084 1156  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\windows\System32\wlansvc.dll
13:51:07.0271 1156  Wlansvc - ok
13:51:07.0520 1156  [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:51:07.0614 1156  wlcrasvc - ok
13:51:07.0848 1156  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:51:08.0035 1156  wlidsvc - ok
13:51:08.0082 1156  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
13:51:08.0129 1156  WmiAcpi - ok
13:51:08.0207 1156  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:51:08.0300 1156  wmiApSrv - ok
13:51:08.0441 1156  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:51:08.0690 1156  WMPNetworkSvc - ok
13:51:08.0753 1156  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\windows\System32\wpcsvc.dll
13:51:08.0924 1156  WPCSvc - ok
13:51:08.0987 1156  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:51:09.0158 1156  WPDBusEnum - ok
13:51:09.0221 1156  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
13:51:09.0361 1156  ws2ifsl - ok
13:51:09.0408 1156  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\windows\System32\wscsvc.dll
13:51:09.0502 1156  wscsvc - ok
13:51:09.0595 1156  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice  C:\windows\system32\DRIVERS\WSDPrint.sys
13:51:09.0673 1156  WSDPrintDevice - ok
13:51:09.0720 1156  WSearch - ok
13:51:09.0923 1156  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\windows\system32\wuaueng.dll
13:51:10.0126 1156  wuauserv - ok
13:51:10.0219 1156  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:51:10.0297 1156  WudfPf - ok
13:51:10.0391 1156  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
13:51:10.0516 1156  WUDFRd - ok
13:51:10.0547 1156  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
13:51:10.0656 1156  wudfsvc - ok
13:51:10.0734 1156  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\windows\System32\wwansvc.dll
13:51:10.0859 1156  WwanSvc - ok
13:51:10.0952 1156  [ 20F4F87625EDDDB97B48DA66ACE7DC8D ] ztemtusbser     C:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys
13:51:11.0046 1156  ztemtusbser - ok
13:51:11.0264 1156  ================ Scan global ===============================
13:51:11.0342 1156  [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
13:51:11.0420 1156  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
13:51:11.0467 1156  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
13:51:11.0576 1156  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
13:51:11.0623 1156  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
13:51:11.0654 1156  [Global] - ok
13:51:11.0654 1156  ================ Scan MBR ==================================
13:51:11.0686 1156  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:51:12.0949 1156  \Device\Harddisk0\DR0 - ok
13:51:12.0949 1156  ================ Scan VBR ==================================
13:51:12.0996 1156  [ 6F6CCB234A1537C783AE6FCD3DA33654 ] \Device\Harddisk0\DR0\Partition1
13:51:13.0012 1156  \Device\Harddisk0\DR0\Partition1 - ok
13:51:13.0058 1156  [ 2447DCD14A7A493F6170492508621296 ] \Device\Harddisk0\DR0\Partition2
13:51:13.0058 1156  \Device\Harddisk0\DR0\Partition2 - ok
13:51:13.0074 1156  ============================================================
13:51:13.0074 1156  Scan finished
13:51:13.0074 1156  ============================================================
13:51:13.0136 2984  Detected object count: 12
13:51:13.0136 2984  Actual detected object count: 12
13:57:52.0820 2984  DCService.exe ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0820 2984  DCService.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0820 2984  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0820 2984  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0836 2984  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0836 2984  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0851 2984  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0851 2984  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0851 2984  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0851 2984  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0867 2984  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0867 2984  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0867 2984  Ltn_stk7070P ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0867 2984  Ltn_stk7070P ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0882 2984  Ltn_stkrc ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0882 2984  Ltn_stkrc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0882 2984  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0882 2984  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0898 2984  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0898 2984  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0898 2984  UDisk Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0898 2984  UDisk Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:57:52.0898 2984  USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:52.0898 2984  USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:58:12.0632 3992  Deinitialize success
         

Alt 26.02.2013, 23:25   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

OK, thanks.

Then please run CF now:

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

__________________
Please always post log files in CODE tags

Alt 27.02.2013, 08:16   #15
wazomba
 

Good morning.
I've done that.

Code:
ComboFix 13-02-26.01 - Falk 27.02.2013   0:47.1.2 - x86
Microsoft Windows 7 Starter   6.1.7601.1.1252.1.1031.18.2038.1011 [GMT 1:00]
Running from: c:\users\Falk\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\programdata\KqqAuLXXXiuQHkW
c:\windows\system32\Thumbs.db
.
.
(((((((((((((((((((((((((   Files Created from 2013-01-27 to 2013-02-27  )))))))))))))))))))))))))))))))
.
.
2013-02-27 00:10 . 2013-02-27 00:10	--------	d-----w-	c:\users\Falk\AppData\Local\temp
2013-02-27 00:10 . 2013-02-27 00:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-26 23:52 . 2013-02-26 23:52	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F7ADDD3-DC66-4E17-B624-8762E29E0820}\offreg.dll
2013-02-26 19:54 . 2012-08-23 08:19	4916224	----a-w-	c:\windows\system32\mstscax.dll
2013-02-26 19:52 . 2012-08-24 16:57	247808	----a-w-	c:\windows\system32\schannel.dll
2013-02-26 19:52 . 2012-08-24 17:05	136560	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2013-02-26 19:52 . 2012-08-24 17:02	369856	----a-w-	c:\windows\system32\drivers\cng.sys
2013-02-26 19:52 . 2012-08-24 16:56	1039360	----a-w-	c:\windows\system32\lsasrv.dll
2013-02-26 19:51 . 2012-05-04 09:59	514560	----a-w-	c:\windows\system32\qdvd.dll
2013-02-26 16:54 . 2013-02-19 02:58	6954968	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F7ADDD3-DC66-4E17-B624-8762E29E0820}\mpengine.dll
2013-02-26 00:43 . 2013-01-04 03:00	2347008	----a-w-	c:\windows\system32\win32k.sys
2013-02-26 00:43 . 2013-01-08 22:01	768000	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-25 23:18 . 2013-01-03 05:04	187752	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-25 23:18 . 2013-01-03 05:05	1293672	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-25 23:10 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-02-25 23:10 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-25 23:09 . 2013-01-04 04:50	169984	----a-w-	c:\windows\system32\winsrv.dll
2013-02-25 20:53 . 2013-02-25 21:38	--------	d-----w-	c:\program files\iPod
2013-02-25 20:51 . 2013-02-25 21:39	--------	d-----w-	c:\program files\iTunes
2013-02-25 20:51 . 2013-02-25 21:30	--------	d-----w-	c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-25 12:51 . 2012-12-14 15:49	21104	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-25 08:26 . 2013-02-25 19:58	--------	d-----w-	c:\program files\falkspecial
2013-02-24 23:50 . 2013-02-24 23:50	--------	d-----w-	c:\users\Falk\AppData\Roaming\Malwarebytes
2013-02-24 23:50 . 2013-02-24 23:50	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-24 23:50 . 2013-02-25 12:51	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2013-02-24 23:49 . 2013-02-24 23:49	--------	d-----w-	c:\users\Falk\AppData\Local\Programs
2013-02-24 21:36 . 2013-02-24 21:36	110080	----a-r-	c:\users\Falk\AppData\Roaming\Microsoft\Installer\{0AC0F1B2-61C7-4B6E-ACEF-58FCC0B94835}\IconF7A21AF7.exe
2013-02-24 21:36 . 2013-02-24 21:36	--------	d-----w-	C:\sh4ldr
2013-02-24 21:36 . 2013-02-24 21:36	--------	d-----w-	c:\program files\Enigma Software Group
2013-02-14 16:38 . 2013-02-25 20:00	--------	d-----w-	c:\programdata\HP Product Assistant
2013-02-14 16:23 . 2009-09-22 19:44	9451	----a-w-	c:\windows\system32\hppfaxprintermonui5.dll
2013-02-14 16:23 . 2009-09-22 19:44	13929	----a-w-	c:\windows\system32\hppfaxprintermon5.dll
2013-02-14 16:21 . 2009-10-14 12:13	161280	----a-w-	c:\windows\system32\hpcpn093.dll
2013-02-14 16:21 . 2007-07-16 14:29	59928	----a-w-	c:\windows\system32\fxcompchannel.dll
2013-02-13 19:30 . 2013-02-13 19:30	--------	d-----w-	c:\programdata\Yahoo! Companion
2013-02-13 19:23 . 2013-02-25 19:59	--------	d-----w-	c:\program files\Common Files\HP
2013-02-13 15:45 . 2013-02-14 16:23	608	--sha-w-	c:\windows\system32\winzvprt5.sys
2013-02-13 15:40 . 2009-10-14 12:13	281600	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\hpcpp093.DLL
2013-02-13 15:40 . 2009-10-14 12:13	281600	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\1_hpcpp093.DLL
2013-02-13 15:28 . 2009-08-26 22:12	761856	----a-w-	c:\windows\system32\hpxp1312.dll
2013-02-13 15:28 . 2009-09-28 19:19	770048	----a-w-	c:\windows\system32\hpptsp04.dll
2013-02-13 15:28 . 2008-09-26 23:37	450560	----a-w-	c:\windows\system32\hppasc11.dll
2013-02-13 15:28 . 2008-09-26 23:37	331776	----a-w-	c:\windows\system32\hppcpr11.dll
2013-02-12 16:53 . 2013-02-12 16:53	--------	d-----w-	c:\program files\Common Files\SWF Studio
2013-02-12 16:49 . 2013-02-25 19:58	--------	d-----w-	C:\CM1312_Full_Solution_Win7_5_1_AM-EMEA1
2013-01-28 14:26 . 2013-01-28 14:27	--------	d-----w-	C:\$WINDOWS.~BT
2013-01-28 13:14 . 2013-01-28 13:14	--------	d-----w-	C:\ESD
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 23:10 . 2012-04-25 06:53	691568	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-02-26 23:10 . 2011-07-26 08:26	71024	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2011-07-04 16:20	232336	------w-	c:\windows\system32\MpSigStub.exe
2012-12-16 14:13 . 2012-12-23 10:53	295424	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-23 10:53	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-12 08:36 . 2012-10-17 18:30	134336	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-12-12 08:36 . 2012-10-17 18:30	83944	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-12-07 12:26 . 2013-01-09 10:45	308736	----a-w-	c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 10:45	2576384	----a-w-	c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 10:46	43520	----a-w-	c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 10:45	30720	----a-w-	c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 10:46	45568	----a-w-	c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 10:45	44544	----a-w-	c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 10:45	20480	----a-w-	c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 10:45	23552	----a-w-	c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 10:45	20480	----a-w-	c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 10:45	46592	----a-w-	c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 10:45	20480	----a-w-	c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 10:45	21504	----a-w-	c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 10:46	40960	----a-w-	c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 10:45	15360	----a-w-	c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 10:45	55296	----a-w-	c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 10:45	51712	----a-w-	c:\windows\system32\esrb.rs
2012-11-30 04:47 . 2013-01-09 10:47	293376	----a-w-	c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 10:47	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	4096	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3584	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-09 10:47	271360	----a-w-	c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-09 10:47	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 10:47	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 10:47	3584	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 10:47	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-04-24 23:58 . 2011-04-24 23:58	124864	----a-w-	c:\program files\mozilla firefox\plugins\CCMSDK.dll
2011-04-25 00:48 . 2011-04-25 00:48	13760	----a-w-	c:\program files\mozilla firefox\plugins\cgpcfg.dll
2011-04-25 00:00 . 2011-04-25 00:00	71104	----a-w-	c:\program files\mozilla firefox\plugins\CgpCore.dll
2011-04-24 23:59 . 2011-04-24 23:59	92096	----a-w-	c:\program files\mozilla firefox\plugins\confmgr.dll
2011-04-24 23:58 . 2011-04-24 23:58	22976	----a-w-	c:\program files\mozilla firefox\plugins\ctxlogging.dll
2011-04-24 23:57 . 2011-04-24 23:57	255936	----a-w-	c:\program files\mozilla firefox\plugins\ctxmui.dll
2011-04-24 23:58 . 2011-04-24 23:58	32192	----a-w-	c:\program files\mozilla firefox\plugins\icafile.dll
2011-04-24 23:58 . 2011-04-24 23:58	40896	----a-w-	c:\program files\mozilla firefox\plugins\icalogon.dll
2011-04-24 23:51 . 2011-04-24 23:51	898480	----a-w-	c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2011-04-25 00:00 . 2011-04-25 00:00	24512	----a-w-	c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-09-02 15:14 . 2011-08-08 13:12	85472	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"="AsusSender.exe" [2011-07-13 34728]
"HotkeyService"="AsusSender.exe" [2011-07-13 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-07-13 34728]
"LiveUpdate"="AsusSender.exe" [2011-07-13 34728]
"CapsHook"="AsusSender.exe" [2011-07-13 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2011-01-06 414384]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-06-10 548744]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2011-04-02 2018032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-19 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-19 174360]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-19 150808]
"EEESplendidAR"="AsusSender.exe" [2011-07-13 34728]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-04-25 305088]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-02-13 385248]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 2453504]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\Asus\AsusVibe\AsusVibeLauncher.exe [2011-12-22 549040]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Online Plug-in.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Online Plug-in.lnk
backup=c:\windows\pss\Online Plug-in.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35	946352	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-10-06 00:52	59240	----a-w-	c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-05-10 01:41	49208	----a-w-	c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 17:33	150528	----a-w-	c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-12-12 12:57	152544	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-10-13 00:54	1088424	----a-w-	c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02	254696	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 UDisk Monitor;UDisk Monitor;c:\program files\Visafone Wireless Terminal\bin\MonServiceUDisk.exe [x]
R3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys [x]
R3 BthAudioHF;BthAudioHF-Dienst;c:\windows\system32\DRIVERS\BthAudioHF.sys [x]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 csr_a2dp;Bluetooth-AV-Profil;c:\windows\system32\drivers\bthav.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
R3 Ltn_stk7070P;PCTV based TV tuner device;c:\windows\system32\DRIVERS\Ltn_stk7070P.sys [x]
R3 Ltn_stkrc;PCTV Infrared Receiver;c:\windows\system32\DRIVERS\Ltn_stkrc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
bthaudiosvc	REG_MULTI_SZ   	HFGService
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
GPSvcGroup	REG_MULTI_SZ   	GPSvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-25 23:10]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-11 08:16]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-11 08:16]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: lht-portal.de\seccustomer
TCP: DhcpNameServer = 80.248.7.1 80.248.7.2 165.21.83.88
TCP: Interfaces\{9CEB75ED-5532-45CB-80E9-C3A2E37437B3}: NameServer = 172.24.8.50 141.1.1.1
TCP: Interfaces\{BA6342C5-025A-462B-A9F5-39D721745D35}: NameServer = 172.24.8.50 141.1.1.1
FF - ProfilePath - c:\users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\jt2uqs14.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-NPSStartup - (no file)
MSConfigStartUp-HTC Sync Loader - c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
MSConfigStartUp-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-02-27  01:17:43
ComboFix-quarantined-files.txt  2013-02-27 00:17
.
Pre-Run: 17 Verzeichnis(se), 28.271.034.368 Bytes frei
Post-Run: 20 Verzeichnis(se), 28.488.507.392 Bytes frei
.
- - End Of File - - 9299CA7BB5DB9DF7314471E2FCBF12EC
         
