Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Polizei Trojaner - PC gesperrt (https://www.trojaner-board.de/123234-polizei-trojaner-pc-gesperrt.html)

cosinus 07.09.2012 10:42
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcndtie7-de-at
IE:64bit: - HKLM\..\SearchScopes\{A0B29474-D005-4DD8-86EE-2FCD888E4184}: "URL" = http://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcndtie7-de-at
IE - HKLM\..\SearchScopes\{A0B29474-D005-4DD8-86EE-2FCD888E4184}: "URL" = http://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cndt
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.ebay.at/ws/eBayISAPI.dll?MyEbayForGuests&guest=1&MyeBay=&MyEbay=&guest=1
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\..\SearchScopes\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcndtie7-de-at
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\..\SearchScopes\{A0B29474-D005-4DD8-86EE-2FCD888E4184}: "URL" = http://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\..\SearchScopes\{B3732E0F-DC7C-449A-B3F1-135D4D81714B}: "URL" = http://www.google.de/search?q={searchTerms}&rlz=
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cndt
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cndt
IE - HKU\S-1-5-21-4112115548-1098581963-2275993260-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
FF - prefs.js..network.proxy.ftp: ":"
FF - prefs.js..network.proxy.gopher: ":"
FF - prefs.js..network.proxy.http: ":"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: ":"
FF - prefs.js..network.proxy.ssl: ":"
FF - user.js - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -  File not found
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -  File not found
O29 - HKLM SecurityProviders - (credssp.dll) -  File not found
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\install.exe
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache
C:\Users\Reinhard\Documents\Installationsdateien\SoftonicDownloader_fuer_frostwire.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Sanaterium 07.09.2012 11:19
Code:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0B29474-D005-4DD8-86EE-2FCD888E4184}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0B29474-D005-4DD8-86EE-2FCD888E4184}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0B29474-D005-4DD8-86EE-2FCD888E4184}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0B29474-D005-4DD8-86EE-2FCD888E4184}\ not found.
HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-4112115548-1098581963-2275993260-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
HKEY_USERS\S-1-5-21-4112115548-1098581963-2275993260-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4112115548-1098581963-2275993260-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4112115548-1098581963-2275993260-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7ACC0A0D-A1F7-46E1-B9D8-59B0BB9F34BF}\ not found.
Registry key HKEY_USERS\S-1-5-21-4112115548-1098581963-2275993260-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A0B29474-D005-4DD8-86EE-2FCD888E4184}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0B29474-D005-4DD8-86EE-2FCD888E4184}\ not found.
Registry key HKEY_USERS\S-1-5-21-4112115548-1098581963-2275993260-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B3732E0F-DC7C-449A-B3F1-135D4D81714B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3732E0F-DC7C-449A-B3F1-135D4D81714B}\ not found.
HKU\S-1-5-21-4112115548-1098581963-2275993260-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-4112115548-1098581963-2275993260-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-4112115548-1098581963-2275993260-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: ":" removed from network.proxy.ftp
Prefs.js: ":" removed from network.proxy.gopher
Prefs.js: ":" removed from network.proxy.http
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: ":" removed from network.proxy.socks
Prefs.js: ":" removed from network.proxy.ssl
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:Control_RunDLL "sysdm.cpl" deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
========== FILES ==========
C:\install.exe moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Reinhard\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
C:\Users\Reinhard\Documents\Installationsdateien\SoftonicDownloader_fuer_frostwire.exe moved successfully.
< ipconfig /flushdns /c >
C:\Users\Reinhard\Desktop\cmd.bat deleted successfully.
C:\Users\Reinhard\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Reinhard
->Temp folder emptied: 1320885 bytes
->Temporary Internet Files folder emptied: 6983762 bytes
->FireFox cache emptied: 84542717 bytes
->Flash cache emptied: 1886467 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1056354 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 35782797 bytes
RecycleBin emptied: 213651030 bytes
 
Total Files Cleaned = 329,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Reinhard
->Flash cache emptied: 0 bytes
 
User: UpdatusUser
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.61.0 log created on 09072012_121332

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\TMP000000136E100795359E9BAA not found!
File\Folder C:\Windows\temp\TMP0000001482979A6BE6AA01BA not found!
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cosinus 09.09.2012 20:30
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

Sanaterium 10.09.2012 09:40
Code:
10:33:21.0262 4492  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
10:33:21.0379 4492  ============================================================
10:33:21.0379 4492  Current date / time: 2012/09/10 10:33:21.0379
10:33:21.0379 4492  SystemInfo:
10:33:21.0379 4492 
10:33:21.0379 4492  OS Version: 6.0.6002 ServicePack: 2.0
10:33:21.0379 4492  Product type: Workstation
10:33:21.0379 4492  ComputerName: REINHARD-PC
10:33:21.0379 4492  UserName: Reinhard
10:33:21.0379 4492  Windows directory: C:\Windows
10:33:21.0379 4492  System windows directory: C:\Windows
10:33:21.0379 4492  Running under WOW64
10:33:21.0379 4492  Processor architecture: Intel x64
10:33:21.0379 4492  Number of processors: 4
10:33:21.0379 4492  Page size: 0x1000
10:33:21.0379 4492  Boot type: Normal boot
10:33:21.0379 4492  ============================================================
10:33:21.0827 4492  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:33:21.0844 4492  ============================================================
10:33:21.0844 4492  \Device\Harddisk0\DR0:
10:33:21.0844 4492  MBR partitions:
10:33:21.0844 4492  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x72A4F8B0
10:33:21.0844 4492  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72A4F8EF, BlocksNum 0x1CB60D2
10:33:21.0844 4492  ============================================================
10:33:21.0871 4492  C: <-> \Device\Harddisk0\DR0\Partition1
10:33:21.0945 4492  D: <-> \Device\Harddisk0\DR0\Partition2
10:33:21.0945 4492  ============================================================
10:33:21.0945 4492  Initialize success
10:33:21.0945 4492  ============================================================
10:35:38.0391 3276  ============================================================
10:35:38.0391 3276  Scan started
10:35:38.0391 3276  Mode: Manual; SigCheck; TDLFS;
10:35:38.0391 3276  ============================================================
10:35:38.0641 3276  ================ Scan system memory ========================
10:35:38.0641 3276  System memory - ok
10:35:38.0641 3276  ================ Scan services =============================
10:35:38.0803 3276  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:35:38.0918 3276  ACPI - ok
10:35:39.0043 3276  [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:35:39.0056 3276  AdobeFlashPlayerUpdateSvc - ok
10:35:39.0096 3276  [ F14215E37CF124104575073F782111D2 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
10:35:39.0123 3276  adp94xx - ok
10:35:39.0152 3276  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci        C:\Windows\system32\drivers\adpahci.sys
10:35:39.0171 3276  adpahci - ok
10:35:39.0200 3276  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:35:39.0213 3276  adpu160m - ok
10:35:39.0244 3276  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
10:35:39.0259 3276  adpu320 - ok
10:35:39.0286 3276  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
10:35:39.0351 3276  AeLookupSvc - ok
10:35:39.0429 3276  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD            C:\Windows\system32\drivers\afd.sys
10:35:39.0482 3276  AFD - ok
10:35:39.0535 3276  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:35:39.0547 3276  agp440 - ok
10:35:39.0584 3276  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx        C:\Windows\system32\drivers\djsvs.sys
10:35:39.0597 3276  aic78xx - ok
10:35:39.0618 3276  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG            C:\Windows\System32\alg.exe
10:35:39.0706 3276  ALG - ok
10:35:39.0724 3276  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:35:39.0735 3276  aliide - ok
10:35:39.0738 3276  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
10:35:39.0749 3276  amdide - ok
10:35:39.0767 3276  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
10:35:39.0824 3276  AmdK8 - ok
10:35:39.0922 3276  [ B9B5DFAFEA592BD4CA967824EBB42E3D ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
10:35:39.0938 3276  AntiVirMailService - ok
10:35:39.0989 3276  [ 67B1D78711B4386C26241096326EE14A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:35:39.0999 3276  AntiVirSchedulerService - ok
10:35:40.0010 3276  [ 845C4E7AE211EDAD5E0B832126F56932 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:35:40.0020 3276  AntiVirService - ok
10:35:40.0035 3276  [ 30D71E0C149943A8985D02EA0944F2FE ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
10:35:40.0051 3276  AntiVirWebService - ok
10:35:40.0065 3276  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo        C:\Windows\System32\appinfo.dll
10:35:40.0133 3276  Appinfo - ok
10:35:40.0157 3276  [ BA8417D4765F3988FF921F30F630E303 ] arc            C:\Windows\system32\drivers\arc.sys
10:35:40.0170 3276  arc - ok
10:35:40.0200 3276  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:35:40.0213 3276  arcsas - ok
10:35:40.0242 3276  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:35:40.0288 3276  AsyncMac - ok
10:35:40.0313 3276  [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi          C:\Windows\system32\drivers\atapi.sys
10:35:40.0324 3276  atapi - ok
10:35:40.0364 3276  [ F88EF61BCD43ADDF2C9555430C16CD96 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
10:35:40.0508 3276  atksgt - ok
10:35:40.0537 3276  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:35:40.0619 3276  AudioEndpointBuilder - ok
10:35:40.0637 3276  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:35:40.0676 3276  AudioSrv - ok
10:35:40.0733 3276  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:35:40.0746 3276  avgntflt - ok
10:35:40.0762 3276  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:35:40.0773 3276  avipbb - ok
10:35:40.0803 3276  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:35:40.0813 3276  avkmgr - ok
10:35:40.0850 3276  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE            C:\Windows\System32\bfe.dll
10:35:40.0920 3276  BFE - ok
10:35:40.0982 3276  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
10:35:41.0141 3276  BITS - ok
10:35:41.0196 3276  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:35:41.0242 3276  blbdrive - ok
10:35:41.0266 3276  [ DAA72C9154459E613EED88502624C340 ] BlueletAudio    C:\Windows\system32\DRIVERS\blueletaudio.sys
10:35:41.0276 3276  BlueletAudio - ok
10:35:41.0282 3276  [ 8AF05BCB15D846E1E8B34AF0635879C9 ] BlueletSCOAudio C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys
10:35:41.0291 3276  BlueletSCOAudio - ok
10:35:41.0334 3276  [ E460DBC78B9162A569C6CE3B7D31216D ] BlueSoleil Hid Service C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
10:35:41.0344 3276  BlueSoleil Hid Service - ok
10:35:41.0408 3276  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:35:41.0438 3276  bowser - ok
10:35:41.0460 3276  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:35:41.0484 3276  BrFiltLo - ok
10:35:41.0498 3276  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:35:41.0558 3276  BrFiltUp - ok
10:35:41.0598 3276  [ A1B39DE453433B115B4EA69EE0343816 ] Browser        C:\Windows\System32\browser.dll
10:35:41.0634 3276  Browser - ok
10:35:41.0658 3276  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid        C:\Windows\system32\drivers\brserid.sys
10:35:41.0711 3276  Brserid - ok
10:35:41.0739 3276  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:35:41.0823 3276  BrSerWdm - ok
10:35:41.0839 3276  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:35:41.0902 3276  BrUsbMdm - ok
10:35:41.0906 3276  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:35:41.0975 3276  BrUsbSer - ok
10:35:42.0075 3276  [ 0F890E854FCBE98F4574ACC6423FCCEF ] BT              C:\Windows\system32\DRIVERS\btnetdrv.sys
10:35:42.0084 3276  BT - ok
10:35:42.0176 3276  [ 7C5893EA5AA483E051B8311BDB36E19A ] Btcsrusb        C:\Windows\system32\Drivers\btcusb.sys
10:35:42.0185 3276  Btcsrusb - ok
10:35:42.0188 3276  BtHidBus - ok
10:35:42.0203 3276  [ E49A371185D5E79C103765DA93856EE1 ] BTHidEnum      C:\Windows\system32\Drivers\vbtenum.sys
10:35:42.0212 3276  BTHidEnum - ok
10:35:42.0236 3276  [ 8FA060B557C7DE309D2D5C16C3DA2EF6 ] BTHidMgr        C:\Windows\system32\Drivers\BTHidMgr.sys
10:35:42.0245 3276  BTHidMgr - ok
10:35:42.0257 3276  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:35:42.0302 3276  BTHMODEM - ok
10:35:42.0365 3276  [ 40AAAB64465E42C72B6411AAEB3EEF0F ] btnetBUs        C:\Windows\system32\Drivers\btnetBus.sys
10:35:42.0374 3276  btnetBUs - ok
10:35:42.0379 3276  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:35:42.0422 3276  cdfs - ok
10:35:42.0473 3276  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
10:35:42.0510 3276  cdrom - ok
10:35:42.0543 3276  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc    C:\Windows\System32\certprop.dll
10:35:42.0580 3276  CertPropSvc - ok
10:35:42.0602 3276  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:35:42.0650 3276  circlass - ok
10:35:42.0663 3276  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
10:35:42.0699 3276  CLFS - ok
10:35:42.0806 3276  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:35:42.0819 3276  clr_optimization_v2.0.50727_32 - ok
10:35:42.0890 3276  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:35:42.0902 3276  clr_optimization_v2.0.50727_64 - ok
10:35:42.0935 3276  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:35:42.0946 3276  cmdide - ok
10:35:42.0995 3276  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:35:43.0007 3276  Compbatt - ok
10:35:43.0011 3276  COMSysApp - ok
10:35:43.0044 3276  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
10:35:43.0056 3276  crcdisk - ok
10:35:43.0138 3276  [ 62740B9D2A137E8CED41A9E4239A7A31 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:35:43.0168 3276  CryptSvc - ok
10:35:43.0201 3276  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:35:43.0238 3276  DcomLaunch - ok
10:35:43.0266 3276  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:35:43.0294 3276  DfsC - ok
10:35:43.0364 3276  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
10:35:43.0630 3276  DFSR - ok
10:35:43.0701 3276  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:35:43.0741 3276  Dhcp - ok
10:35:43.0785 3276  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
10:35:43.0797 3276  disk - ok
10:35:43.0955 3276  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:35:43.0968 3276  Dnscache - ok
10:35:44.0051 3276  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc        C:\Windows\System32\dot3svc.dll
10:35:44.0075 3276  dot3svc - ok
10:35:44.0105 3276  [ 74C02B1717740C3B8039539E23E4B53F ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
10:35:44.0149 3276  Dot4 - ok
10:35:44.0185 3276  [ 08321D1860235BF42CF2854234337AEA ] Dot4Print      C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:35:44.0228 3276  Dot4Print - ok
10:35:44.0280 3276  [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb        C:\Windows\system32\DRIVERS\dot4usb.sys
10:35:44.0323 3276  dot4usb - ok
10:35:44.0345 3276  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS            C:\Windows\system32\dps.dll
10:35:44.0400 3276  DPS - ok
10:35:44.0430 3276  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
10:35:44.0468 3276  drmkaud - ok
10:35:44.0543 3276  [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
10:35:44.0587 3276  DXGKrnl - ok
10:35:44.0620 3276  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60          C:\Windows\system32\DRIVERS\E1G6032E.sys
10:35:44.0690 3276  E1G60 - ok
10:35:44.0706 3276  [ C2303883FD9BE49DC36A6400643002EA ] EapHost        C:\Windows\System32\eapsvc.dll
10:35:44.0779 3276  EapHost - ok
10:35:44.0803 3276  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:35:44.0818 3276  Ecache - ok
10:35:44.0866 3276  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
10:35:44.0882 3276  ehRecvr - ok
10:35:44.0922 3276  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched        C:\Windows\ehome\ehsched.exe
10:35:44.0945 3276  ehSched - ok
10:35:44.0949 3276  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart        C:\Windows\ehome\ehstart.dll
10:35:44.0965 3276  ehstart - ok
10:35:45.0004 3276  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
10:35:45.0025 3276  elxstor - ok
10:35:45.0069 3276  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt        C:\Windows\system32\emdmgmt.dll
10:35:45.0099 3276  EMDMgmt - ok
10:35:45.0123 3276  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:35:45.0168 3276  ErrDev - ok
10:35:45.0212 3276  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem    C:\Windows\system32\es.dll
10:35:45.0284 3276  EventSystem - ok
10:35:45.0345 3276  [ 486844F47B6636044A42454614ED4523 ] exfat          C:\Windows\system32\drivers\exfat.sys
10:35:45.0359 3276  exfat - ok
10:35:45.0363 3276  ezSharedSvc - ok
10:35:45.0425 3276  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
10:35:45.0477 3276  fastfat - ok
10:35:45.0506 3276  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
10:35:45.0536 3276  fdc - ok
10:35:45.0568 3276  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost        C:\Windows\system32\fdPHost.dll
10:35:45.0619 3276  fdPHost - ok
10:35:45.0646 3276  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
10:35:45.0708 3276  FDResPub - ok
10:35:45.0723 3276  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:35:45.0740 3276  FileInfo - ok
10:35:45.0756 3276  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
10:35:45.0788 3276  Filetrace - ok
10:35:45.0797 3276  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:35:45.0827 3276  flpydisk - ok
10:35:45.0864 3276  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:35:45.0879 3276  FltMgr - ok
10:35:45.0933 3276  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache      C:\Windows\system32\FntCache.dll
10:35:46.0052 3276  FontCache - ok
10:35:46.0149 3276  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:35:46.0160 3276  FontCache3.0.0.0 - ok
10:35:46.0209 3276  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:35:46.0231 3276  Fs_Rec - ok
10:35:46.0254 3276  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:35:46.0266 3276  gagp30kx - ok
10:35:46.0321 3276  [ CC1C8068B05283D63EC5FE782D2D3946 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
10:35:46.0333 3276  GameConsoleService - ok
10:35:46.0382 3276  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc          C:\Windows\System32\gpsvc.dll
10:35:46.0413 3276  gpsvc - ok
10:35:46.0497 3276  [ 626A24ED1228580B9518C01930936DF9 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:35:46.0507 3276  gupdate - ok
10:35:46.0519 3276  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:35:46.0529 3276  gupdatem - ok
10:35:46.0553 3276  [ 408DDD80EEDE47175F6844817B90213E ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:35:46.0564 3276  gusvc - ok
10:35:46.0632 3276  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:35:46.0744 3276  HDAudBus - ok
10:35:46.0772 3276  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:35:46.0850 3276  HidBth - ok
10:35:46.0864 3276  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr          C:\Windows\system32\drivers\hidir.sys
10:35:46.0925 3276  HidIr - ok
10:35:46.0946 3276  [ 59361D38A297755D46A540E450202B2A ] hidserv        C:\Windows\system32\hidserv.dll
10:35:46.0979 3276  hidserv - ok
10:35:46.0994 3276  [ D02C82CB3A20F391C8AEFF94E8E0BAA1 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:35:47.0038 3276  HidUsb - ok
10:35:47.0060 3276  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:35:47.0090 3276  hkmsvc - ok
10:35:47.0130 3276  [ A3A30438C48D2D71556E120C9C7BA7A0 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
10:35:47.0147 3276  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
10:35:47.0147 3276  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
10:35:47.0162 3276  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs        C:\Windows\system32\drivers\hpcisss.sys
10:35:47.0174 3276  HpCISSs - ok
10:35:47.0215 3276  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:35:47.0256 3276  HTTP - ok
10:35:47.0281 3276  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp          C:\Windows\system32\drivers\i2omp.sys
10:35:47.0292 3276  i2omp - ok
10:35:47.0320 3276  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:35:47.0343 3276  i8042prt - ok
10:35:47.0440 3276  [ 5B19DFC29A9563A5DA5CA559BED83AA8 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:35:47.0454 3276  IAANTMON - ok
10:35:47.0537 3276  [ 8EACF469269FB1509561961A3188F670 ] iaStor          C:\Windows\system32\drivers\iastor.sys
10:35:47.0551 3276  iaStor - ok
10:35:47.0587 3276  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV        C:\Windows\system32\drivers\iastorv.sys
10:35:47.0602 3276  iaStorV - ok
10:35:47.0679 3276  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:35:47.0721 3276  idsvc - ok
10:35:47.0766 3276  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
10:35:47.0777 3276  iirsp - ok
10:35:47.0804 3276  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
10:35:47.0855 3276  IKEEXT - ok
10:35:47.0964 3276  [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:35:48.0031 3276  IntcAzAudAddService - ok
10:35:48.0080 3276  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
10:35:48.0092 3276  intelide - ok
10:35:48.0107 3276  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:35:48.0137 3276  intelppm - ok
10:35:48.0161 3276  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
10:35:48.0192 3276  IPBusEnum - ok
10:35:48.0205 3276  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:35:48.0248 3276  IpFilterDriver - ok
10:35:48.0294 3276  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:35:48.0308 3276  iphlpsvc - ok
10:35:48.0311 3276  IpInIp - ok
10:35:48.0341 3276  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV        C:\Windows\system32\drivers\ipmidrv.sys
10:35:48.0394 3276  IPMIDRV - ok
10:35:48.0437 3276  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT          C:\Windows\system32\DRIVERS\ipnat.sys
10:35:48.0492 3276  IPNAT - ok
10:35:48.0517 3276  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:35:48.0547 3276  IRENUM - ok
10:35:48.0558 3276  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:35:48.0570 3276  isapnp - ok
10:35:48.0629 3276  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:35:48.0643 3276  iScsiPrt - ok
10:35:48.0656 3276  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
10:35:48.0667 3276  iteatapi - ok
10:35:48.0699 3276  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid        C:\Windows\system32\drivers\iteraid.sys
10:35:48.0710 3276  iteraid - ok
10:35:48.0713 3276  IvtBtBUs - ok
10:35:48.0743 3276  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:35:48.0755 3276  kbdclass - ok
10:35:48.0786 3276  [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:35:48.0835 3276  kbdhid - ok
10:35:48.0899 3276  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
10:35:48.0927 3276  KeyIso - ok
10:35:48.0959 3276  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:35:48.0984 3276  KSecDD - ok
10:35:49.0016 3276  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
10:35:49.0071 3276  ksthunk - ok
10:35:49.0098 3276  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm          C:\Windows\system32\msdtckrm.dll
10:35:49.0144 3276  KtmRm - ok
10:35:49.0170 3276  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:35:49.0198 3276  LanmanServer - ok
10:35:49.0256 3276  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:35:49.0280 3276  LanmanWorkstation - ok
10:35:49.0335 3276  [ E75ADCFAFDEF3F4C3AF3332928D59926 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:35:49.0339 3276  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:35:49.0339 3276  LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:35:49.0352 3276  [ 8E4CA9AFD55EF6B509C80A8715ABF8C6 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
10:35:49.0364 3276  lirsgt - ok
10:35:49.0369 3276  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:35:49.0414 3276  lltdio - ok
10:35:49.0443 3276  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
10:35:49.0503 3276  lltdsvc - ok
10:35:49.0530 3276  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts        C:\Windows\System32\lmhsvc.dll
10:35:49.0565 3276  lmhosts - ok
10:35:49.0601 3276  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:35:49.0614 3276  LSI_FC - ok
10:35:49.0649 3276  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
10:35:49.0662 3276  LSI_SAS - ok
10:35:49.0687 3276  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:35:49.0700 3276  LSI_SCSI - ok
10:35:49.0731 3276  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv          C:\Windows\system32\drivers\luafv.sys
10:35:49.0769 3276  luafv - ok
10:35:49.0784 3276  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
10:35:49.0797 3276  Mcx2Svc - ok
10:35:49.0828 3276  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas        C:\Windows\system32\drivers\megasas.sys
10:35:49.0840 3276  megasas - ok
10:35:49.0900 3276  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
10:35:49.0921 3276  MegaSR - ok
10:35:50.0016 3276  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:35:50.0027 3276  Microsoft Office Groove Audit Service - ok
10:35:50.0060 3276  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS          C:\Windows\system32\mmcss.dll
10:35:50.0096 3276  MMCSS - ok
10:35:50.0112 3276  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem          C:\Windows\system32\drivers\modem.sys
10:35:50.0154 3276  Modem - ok
10:35:50.0182 3276  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
10:35:50.0211 3276  monitor - ok
10:35:50.0228 3276  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:35:50.0240 3276  mouclass - ok
10:35:50.0257 3276  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:35:50.0308 3276  mouhid - ok
10:35:50.0337 3276  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
10:35:50.0349 3276  MountMgr - ok
10:35:50.0395 3276  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:35:50.0406 3276  MozillaMaintenance - ok
10:35:50.0429 3276  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:35:50.0442 3276  mpio - ok
10:35:50.0473 3276  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:35:50.0503 3276  mpsdrv - ok
10:35:50.0538 3276  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:35:50.0574 3276  MpsSvc - ok
10:35:50.0604 3276  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
10:35:50.0615 3276  Mraid35x - ok
10:35:50.0656 3276  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:35:50.0686 3276  MRxDAV - ok
10:35:50.0714 3276  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:35:50.0758 3276  mrxsmb - ok
10:35:50.0804 3276  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:35:50.0820 3276  mrxsmb10 - ok
10:35:50.0824 3276  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:35:50.0844 3276  mrxsmb20 - ok
10:35:50.0873 3276  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
10:35:50.0885 3276  msahci - ok
10:35:50.0911 3276  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
10:35:50.0924 3276  msdsm - ok
10:35:50.0933 3276  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC          C:\Windows\System32\msdtc.exe
10:35:50.0964 3276  MSDTC - ok
10:35:50.0980 3276  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:35:51.0024 3276  Msfs - ok
10:35:51.0028 3276  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:35:51.0040 3276  msisadrv - ok
10:35:51.0065 3276  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
10:35:51.0111 3276  MSiSCSI - ok
10:35:51.0114 3276  msiserver - ok
10:35:51.0142 3276  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
10:35:51.0191 3276  MSKSSRV - ok
10:35:51.0205 3276  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:35:51.0242 3276  MSPCLOCK - ok
10:35:51.0259 3276  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
10:35:51.0294 3276  MSPQM - ok
10:35:51.0318 3276  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
10:35:51.0336 3276  MsRPC - ok
10:35:51.0346 3276  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:35:51.0357 3276  mssmbios - ok
10:35:51.0370 3276  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
10:35:51.0416 3276  MSTEE - ok
10:35:51.0428 3276  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup            C:\Windows\system32\Drivers\mup.sys
10:35:51.0441 3276  Mup - ok
10:35:51.0482 3276  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
10:35:51.0553 3276  napagent - ok
10:35:51.0610 3276  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
10:35:51.0639 3276  NativeWifiP - ok
10:35:51.0693 3276  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:35:51.0719 3276  NDIS - ok
10:35:51.0728 3276  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:35:51.0767 3276  NdisTapi - ok
10:35:51.0786 3276  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
10:35:51.0830 3276  Ndisuio - ok
10:35:51.0849 3276  [ F8158771905260982CE724076419EF19 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
10:35:51.0883 3276  NdisWan - ok
10:35:51.0895 3276  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
10:35:51.0947 3276  NDProxy - ok
10:35:52.0048 3276  [ 2AAE889742376EDC5C3203DFB74F28FD ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
10:35:52.0082 3276  Nero BackItUp Scheduler 3 - ok
10:35:52.0109 3276  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:35:52.0113 3276  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:35:52.0113 3276  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:35:52.0122 3276  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
10:35:52.0174 3276  NetBIOS - ok
10:35:52.0224 3276  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt          C:\Windows\system32\DRIVERS\netbt.sys
10:35:52.0257 3276  netbt - ok
10:35:52.0267 3276  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
10:35:52.0279 3276  Netlogon - ok
10:35:52.0300 3276  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
10:35:52.0336 3276  Netman - ok
10:35:52.0360 3276  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
10:35:52.0399 3276  netprofm - ok
10:35:52.0436 3276  [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:35:52.0447 3276  NetTcpPortSharing - ok
10:35:52.0470 3276  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
10:35:52.0481 3276  nfrd960 - ok
10:35:52.0498 3276  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:35:52.0540 3276  NlaSvc - ok
10:35:52.0590 3276  [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
10:35:52.0607 3276  NMIndexingService - ok
10:35:52.0611 3276  nmwcdnsucx64 - ok
10:35:52.0633 3276  nmwcdnsux64 - ok
10:35:52.0675 3276  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:35:52.0711 3276  Npfs - ok
10:35:52.0731 3276  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi            C:\Windows\system32\nsisvc.dll
10:35:52.0779 3276  nsi - ok
10:35:52.0783 3276  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:35:52.0833 3276  nsiproxy - ok
10:35:52.0882 3276  [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:35:52.0980 3276  Ntfs - ok
10:35:52.0984 3276  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
10:35:53.0053 3276  Null - ok
10:35:53.0342 3276  [ 828E3D31D9E5B81A4927885D3752C996 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:35:53.0912 3276  nvlddmkm - ok
10:35:53.0954 3276  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:35:53.0968 3276  nvraid - ok
10:35:53.0984 3276  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:35:53.0995 3276  nvstor - ok
10:35:54.0060 3276  [ 1C63E34632CEBD6A37B82DC77C4F7575 ] nvsvc          C:\Windows\system32\nvvsvc.exe
10:35:54.0097 3276  nvsvc - ok
10:35:54.0167 3276  [ 4A5A9DDEF3C7E4E37EB22DE00AE8B9F1 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:35:54.0319 3276  nvUpdatusService - ok
10:35:54.0348 3276  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:35:54.0361 3276  nv_agp - ok
10:35:54.0365 3276  NwlnkFlt - ok
10:35:54.0369 3276  NwlnkFwd - ok
10:35:54.0424 3276  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:35:54.0458 3276  odserv - ok
10:35:54.0566 3276  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
10:35:54.0596 3276  ohci1394 - ok
10:35:54.0635 3276  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:35:54.0647 3276  ose - ok
10:35:54.0704 3276  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
10:35:54.0775 3276  p2pimsvc - ok
10:35:54.0802 3276  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
10:35:54.0847 3276  p2psvc - ok
10:35:54.0890 3276  [ AECD57F94C887F58919F307C35498EA0 ] Parport        C:\Windows\system32\drivers\parport.sys
10:35:54.0967 3276  Parport - ok
10:35:55.0026 3276  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
10:35:55.0038 3276  partmgr - ok
10:35:55.0058 3276  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:35:55.0072 3276  PcaSvc - ok
10:35:55.0118 3276  [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
10:35:55.0147 3276  pccsmcfd - ok
10:35:55.0173 3276  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci            C:\Windows\system32\drivers\pci.sys
10:35:55.0188 3276  pci - ok
10:35:55.0221 3276  [ 8D618C829034479985A9ED56106CC732 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:35:55.0232 3276  pciide - ok
10:35:55.0277 3276  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:35:55.0291 3276  pcmcia - ok
10:35:55.0328 3276  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:35:55.0388 3276  PEAUTH - ok
10:35:55.0463 3276  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:35:55.0500 3276  PerfHost - ok
10:35:55.0543 3276  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla            C:\Windows\system32\pla.dll
10:35:55.0625 3276  pla - ok
10:35:55.0652 3276  [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\SysWOW64\IoctlSvc.exe
10:35:55.0664 3276  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
10:35:55.0664 3276  PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
10:35:55.0693 3276  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:35:55.0719 3276  PlugPlay - ok
10:35:55.0743 3276  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:35:55.0747 3276  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:35:55.0747 3276  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:35:55.0772 3276  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg    C:\Windows\system32\p2psvc.dll
10:35:55.0795 3276  PNRPAutoReg - ok
10:35:55.0839 3276  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc        C:\Windows\system32\p2psvc.dll
10:35:55.0861 3276  PNRPsvc - ok
10:35:55.0923 3276  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
10:35:55.0995 3276  PolicyAgent - ok
10:35:56.0027 3276  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:35:56.0061 3276  PptpMiniport - ok
10:35:56.0078 3276  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor      C:\Windows\system32\drivers\processr.sys
10:35:56.0139 3276  Processor - ok
10:35:56.0174 3276  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc        C:\Windows\system32\profsvc.dll
10:35:56.0222 3276  ProfSvc - ok
10:35:56.0246 3276  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
10:35:56.0258 3276  ProtectedStorage - ok
10:35:56.0285 3276  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2            C:\Windows\system32\DRIVERS\PS2.sys
10:35:56.0308 3276  Ps2 - ok
10:35:56.0333 3276  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
10:35:56.0355 3276  PSched - ok
10:35:56.0397 3276  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:35:56.0464 3276  ql2300 - ok
10:35:56.0499 3276  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:35:56.0512 3276  ql40xx - ok
10:35:56.0553 3276  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE          C:\Windows\system32\qwave.dll
10:35:56.0585 3276  QWAVE - ok
10:35:56.0601 3276  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:35:56.0614 3276  QWAVEdrv - ok
10:35:56.0624 3276  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:35:56.0666 3276  RasAcd - ok
10:35:56.0682 3276  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto        C:\Windows\System32\rasauto.dll
10:35:56.0737 3276  RasAuto - ok
10:35:56.0780 3276  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
10:35:56.0834 3276  Rasl2tp - ok
10:35:56.0864 3276  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
10:35:56.0890 3276  RasMan - ok
10:35:56.0924 3276  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:35:56.0952 3276  RasPppoe - ok
10:35:56.0974 3276  [ C6A593B51F34C33E5474539544072527 ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
10:35:56.0995 3276  RasSstp - ok
10:35:57.0081 3276  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
10:35:57.0107 3276  rdbss - ok
10:35:57.0123 3276  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:35:57.0152 3276  RDPCDD - ok
10:35:57.0189 3276  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr          C:\Windows\system32\drivers\rdpdr.sys
10:35:57.0234 3276  rdpdr - ok
10:35:57.0238 3276  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:35:57.0267 3276  RDPENCDD - ok
10:35:57.0326 3276  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
10:35:57.0365 3276  RDPWD - ok
10:35:57.0395 3276  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:35:57.0452 3276  RemoteAccess - ok
10:35:57.0500 3276  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:35:57.0532 3276  RemoteRegistry - ok
10:35:57.0535 3276  [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM      C:\Windows\system32\Drivers\RootMdm.sys
10:35:57.0565 3276  ROOTMODEM - ok
10:35:57.0587 3276  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
10:35:57.0604 3276  RpcLocator - ok
10:35:57.0650 3276  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs          C:\Windows\system32\rpcss.dll
10:35:57.0682 3276  RpcSs - ok
10:35:57.0689 3276  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:35:57.0720 3276  rspndr - ok
10:35:57.0746 3276  [ 82B66ABF055611024E5DBB9FA556C11D ] RTL8169        C:\Windows\system32\DRIVERS\Rtlh64.sys
10:35:57.0764 3276  RTL8169 - ok
10:35:57.0779 3276  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs          C:\Windows\system32\lsass.exe
10:35:57.0791 3276  SamSs - ok
10:35:57.0825 3276  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:35:57.0837 3276  sbp2port - ok
10:35:57.0867 3276  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:35:57.0900 3276  SCardSvr - ok
10:35:57.0946 3276  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
10:35:58.0009 3276  Schedule - ok
10:35:58.0021 3276  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc    C:\Windows\System32\certprop.dll
10:35:58.0043 3276  SCPolicySvc - ok
10:35:58.0071 3276  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:35:58.0128 3276  SDRSVC - ok
10:35:58.0151 3276  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:35:58.0203 3276  secdrv - ok
10:35:58.0222 3276  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
10:35:58.0258 3276  seclogon - ok
10:35:58.0272 3276  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
10:35:58.0308 3276  SENS - ok
10:35:58.0324 3276  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
10:35:58.0376 3276  Serenum - ok
10:35:58.0394 3276  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
10:35:58.0454 3276  Serial - ok
10:35:58.0474 3276  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:35:58.0504 3276  sermouse - ok
10:35:58.0608 3276  [ 77FAA749C34193F003F666D2E368A1F8 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
10:35:58.0650 3276  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:35:58.0651 3276  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:35:58.0692 3276  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:35:58.0723 3276  SessionEnv - ok
10:35:58.0734 3276  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
10:35:58.0783 3276  sffdisk - ok
10:35:58.0810 3276  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:35:58.0840 3276  sffp_mmc - ok
10:35:58.0850 3276  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
10:35:58.0880 3276  sffp_sd - ok
10:35:58.0891 3276  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
10:35:58.0959 3276  sfloppy - ok
10:35:59.0003 3276  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:35:59.0048 3276  SharedAccess - ok
10:35:59.0074 3276  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:35:59.0096 3276  ShellHWDetection - ok
10:35:59.0109 3276  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:35:59.0121 3276  SiSRaid2 - ok
10:35:59.0139 3276  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:35:59.0152 3276  SiSRaid4 - ok
10:35:59.0229 3276  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
10:35:59.0240 3276  SkypeUpdate - ok
10:35:59.0298 3276  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc          C:\Windows\system32\SLsvc.exe
10:35:59.0520 3276  slsvc - ok
10:35:59.0541 3276  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:35:59.0577 3276  SLUINotify - ok
10:35:59.0621 3276  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
10:35:59.0674 3276  Smb - ok
10:35:59.0714 3276  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:35:59.0734 3276  SNMPTRAP - ok
10:35:59.0761 3276  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr          C:\Windows\system32\drivers\spldr.sys
10:35:59.0773 3276  spldr - ok
10:35:59.0805 3276  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler        C:\Windows\System32\spoolsv.exe
10:35:59.0820 3276  Spooler - ok
10:35:59.0883 3276  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv            C:\Windows\system32\DRIVERS\srv.sys
10:35:59.0946 3276  srv - ok
10:36:00.0001 3276  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:36:00.0032 3276  srv2 - ok
10:36:00.0072 3276  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:36:00.0100 3276  srvnet - ok
10:36:00.0170 3276  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
10:36:00.0226 3276  SSDPSRV - ok
10:36:00.0281 3276  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc        C:\Windows\system32\sstpsvc.dll
10:36:00.0301 3276  SstpSvc - ok
10:36:00.0326 3276  [ 9D1A8732718438DC8C472D4D7762DE5F ] Start BT in service C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
10:36:00.0335 3276  Start BT in service - ok
10:36:00.0363 3276  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
10:36:00.0416 3276  stisvc - ok
10:36:00.0447 3276  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:36:00.0458 3276  swenum - ok
10:36:00.0489 3276  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv          C:\Windows\System32\swprv.dll
10:36:00.0519 3276  swprv - ok
10:36:00.0538 3276  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx        C:\Windows\system32\drivers\symc8xx.sys
10:36:00.0550 3276  Symc8xx - ok
10:36:00.0564 3276  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:36:00.0575 3276  Sym_hi - ok
10:36:00.0594 3276  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:36:00.0605 3276  Sym_u3 - ok
10:36:00.0640 3276  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain        C:\Windows\system32\sysmain.dll
10:36:00.0735 3276  SysMain - ok
10:36:00.0777 3276  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:36:00.0799 3276  TabletInputService - ok
10:36:00.0833 3276  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv        C:\Windows\System32\tapisrv.dll
10:36:00.0860 3276  TapiSrv - ok
10:36:00.0874 3276  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS            C:\Windows\System32\tbssvc.dll
10:36:00.0906 3276  TBS - ok
10:36:00.0983 3276  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
10:36:01.0060 3276  Tcpip - ok
10:36:01.0123 3276  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:36:01.0185 3276  Tcpip6 - ok
10:36:01.0273 3276  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:36:01.0301 3276  tcpipreg - ok
10:36:01.0317 3276  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:36:01.0378 3276  TDPIPE - ok
10:36:01.0408 3276  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
10:36:01.0453 3276  TDTCP - ok
10:36:01.0488 3276  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
10:36:01.0519 3276  tdx - ok
10:36:01.0531 3276  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:36:01.0544 3276  TermDD - ok
10:36:01.0569 3276  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService    C:\Windows\System32\termsrv.dll
10:36:01.0614 3276  TermService - ok
10:36:01.0653 3276  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
10:36:01.0668 3276  Themes - ok
10:36:01.0697 3276  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER    C:\Windows\system32\mmcss.dll
10:36:01.0729 3276  THREADORDER - ok
10:36:01.0759 3276  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
10:36:01.0805 3276  TrkWks - ok
10:36:01.0837 3276  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:36:01.0866 3276  TrustedInstaller - ok
10:36:01.0883 3276  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:36:01.0914 3276  tssecsrv - ok
10:36:01.0924 3276  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp          C:\Windows\system32\DRIVERS\tunmp.sys
10:36:01.0959 3276  tunmp - ok
10:36:02.0015 3276  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:36:02.0035 3276  tunnel - ok
10:36:02.0045 3276  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:36:02.0057 3276  uagp35 - ok
10:36:02.0083 3276  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:36:02.0123 3276  udfs - ok
10:36:02.0151 3276  [ 060507C4113391394478F6953A79EEDC ] UI0Detect      C:\Windows\system32\UI0Detect.exe
10:36:02.0182 3276  UI0Detect - ok
10:36:02.0271 3276  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:36:02.0283 3276  uliagpkx - ok
10:36:02.0355 3276  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci        C:\Windows\system32\drivers\uliahci.sys
10:36:02.0372 3276  uliahci - ok
10:36:02.0392 3276  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:36:02.0405 3276  UlSata - ok
10:36:02.0434 3276  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2        C:\Windows\system32\drivers\ulsata2.sys
10:36:02.0448 3276  ulsata2 - ok
10:36:02.0466 3276  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
10:36:02.0497 3276  umbus - ok
10:36:02.0566 3276  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
10:36:02.0616 3276  upnphost - ok
10:36:02.0620 3276  upperdev - ok
10:36:02.0666 3276  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
10:36:02.0705 3276  usbccgp - ok
10:36:02.0721 3276  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:36:02.0787 3276  usbcir - ok
10:36:02.0840 3276  [ 827E44DE934A736EA31E91D353EB126F ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
10:36:02.0871 3276  usbehci - ok
10:36:02.0930 3276  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:36:02.0962 3276  usbhub - ok
10:36:02.0981 3276  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
10:36:03.0034 3276  usbohci - ok
10:36:03.0046 3276  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:36:03.0075 3276  usbprint - ok
10:36:03.0095 3276  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
10:36:03.0133 3276  usbscan - ok
10:36:03.0506 3276  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:36:03.0551 3276  USBSTOR - ok
10:36:03.0572 3276  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
10:36:03.0595 3276  usbuhci - ok
10:36:03.0612 3276  [ FC33099877790D51B0927B7039059855 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
10:36:03.0644 3276  usbvideo - ok
10:36:03.0670 3276  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms          C:\Windows\System32\uxsms.dll
10:36:03.0693 3276  UxSms - ok
10:36:03.0711 3276  [ B9B0A0B9232A51BBDE9F28CA41716D61 ] VComm          C:\Windows\system32\DRIVERS\VComm.sys
10:36:03.0721 3276  VComm - ok
10:36:03.0792 3276  [ F1B2D9AC422F8B72BF417C8D77C85A3B ] VcommMgr        C:\Windows\system32\Drivers\VcommMgr.sys
10:36:03.0802 3276  VcommMgr - ok
10:36:03.0845 3276  [ 294945381DFA7CE58CECF0A9896AF327 ] vds            C:\Windows\System32\vds.exe
10:36:03.0938 3276  vds - ok
10:36:03.0958 3276  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
10:36:03.0988 3276  vga - ok
10:36:04.0006 3276  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave        C:\Windows\System32\drivers\vga.sys
10:36:04.0035 3276  VgaSave - ok
10:36:04.0064 3276  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
10:36:04.0075 3276  viaide - ok
10:36:04.0116 3276  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:36:04.0129 3276  volmgr - ok
10:36:04.0190 3276  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
10:36:04.0210 3276  volmgrx - ok
10:36:04.0266 3276  [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap        C:\Windows\system32\drivers\volsnap.sys
10:36:04.0283 3276  volsnap - ok
10:36:04.0300 3276  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
10:36:04.0315 3276  vsmraid - ok
10:36:04.0363 3276  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS            C:\Windows\system32\vssvc.exe
10:36:04.0428 3276  VSS - ok
10:36:04.0476 3276  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time        C:\Windows\system32\w32time.dll
10:36:04.0512 3276  W32Time - ok
10:36:04.0554 3276  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:36:04.0598 3276  WacomPen - ok
10:36:04.0625 3276  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:36:04.0675 3276  Wanarp - ok
10:36:04.0679 3276  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:36:04.0701 3276  Wanarpv6 - ok
10:36:04.0742 3276  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
10:36:04.0823 3276  wcncsvc - ok
10:36:04.0885 3276  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:36:04.0924 3276  WcsPlugInService - ok
10:36:04.0939 3276  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
10:36:04.0951 3276  Wd - ok
10:36:04.0979 3276  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:36:05.0029 3276  Wdf01000 - ok
10:36:05.0085 3276  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:36:05.0138 3276  WdiServiceHost - ok
10:36:05.0156 3276  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost  C:\Windows\system32\wdi.dll
10:36:05.0188 3276  WdiSystemHost - ok
10:36:05.0209 3276  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient      C:\Windows\System32\webclnt.dll
10:36:05.0226 3276  WebClient - ok
10:36:05.0256 3276  [ BD9A749F36710FFA02E0E530F7451936 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:36:05.0289 3276  Wecsvc - ok
10:36:05.0317 3276  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
10:36:05.0343 3276  wercplsupport - ok
10:36:05.0353 3276  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
10:36:05.0385 3276  WerSvc - ok
10:36:05.0400 3276  WinDefend - ok
10:36:05.0405 3276  WinHttpAutoProxySvc - ok
10:36:05.0497 3276  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
10:36:05.0521 3276  Winmgmt - ok
10:36:05.0555 3276  [ 42717DB2BE3A075D0F0CD5C927C27A43 ] WinRM          C:\Windows\system32\WsmSvc.dll
10:36:05.0674 3276  WinRM - ok
10:36:05.0750 3276  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc        C:\Windows\System32\wlansvc.dll
10:36:05.0820 3276  Wlansvc - ok
10:36:05.0859 3276  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
10:36:05.0896 3276  WmiAcpi - ok
10:36:05.0922 3276  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:36:05.0949 3276  wmiApSrv - ok
10:36:05.0968 3276  WMPNetworkSvc - ok
10:36:06.0097 3276  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:36:06.0126 3276  WPCSvc - ok
10:36:06.0331 3276  [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:36:06.0438 3276  WPDBusEnum - ok
10:36:06.0467 3276  [ 6329D1990DB931073B86AB5946D8E317 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:36:06.0500 3276  WpdUsb - ok
10:36:06.0517 3276  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
10:36:06.0556 3276  ws2ifsl - ok
10:36:06.0582 3276  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll
10:36:06.0596 3276  wscsvc - ok
10:36:06.0599 3276  WSearch - ok
10:36:06.0688 3276  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:36:06.0801 3276  wuauserv - ok
10:36:06.0826 3276  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:36:06.0885 3276  WUDFRd - ok
10:36:06.0922 3276  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
10:36:06.0953 3276  wudfsvc - ok
10:36:06.0959 3276  ================ Scan global ===============================
10:36:07.0036 3276  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
10:36:07.0097 3276  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
10:36:07.0119 3276  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
10:36:07.0158 3276  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
10:36:07.0161 3276  [Global] - ok
10:36:07.0162 3276  ================ Scan MBR ==================================
10:36:07.0171 3276  [ A5EF69613E96C38F1EE5912A74381181 ] \Device\Harddisk0\DR0
10:36:07.0550 3276  \Device\Harddisk0\DR0 - ok
10:36:07.0551 3276  ================ Scan VBR ==================================
10:36:07.0553 3276  [ E227CD1FAB7103FC0F04012A981A76CE ] \Device\Harddisk0\DR0\Partition1
10:36:07.0555 3276  \Device\Harddisk0\DR0\Partition1 - ok
10:36:07.0557 3276  [ 6BE4A431806E3B3D06CA0F9E9D1CB232 ] \Device\Harddisk0\DR0\Partition2
10:36:07.0558 3276  \Device\Harddisk0\DR0\Partition2 - ok
10:36:07.0559 3276  ============================================================
10:36:07.0559 3276  Scan finished
10:36:07.0559 3276  ============================================================
10:36:07.0567 4124  Detected object count: 6
10:36:07.0567 4124  Actual detected object count: 6
10:36:33.0657 4124  HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:33.0657 4124  HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:36:33.0659 4124  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:33.0659 4124  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:36:33.0661 4124  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:33.0661 4124  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:36:33.0662 4124  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:33.0662 4124  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:36:33.0663 4124  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:33.0663 4124  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:36:33.0664 4124  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:33.0664 4124  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 10.09.2012 16:27
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Sanaterium 11.09.2012 08:24
Code:
ComboFix 12-09-10.04 - Reinhard 11.09.2012  8:57.1.4 - x64
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.43.1031.18.4094.2294 [GMT 2:00]
ausgeführt von:: c:\users\Reinhard\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\nud0repor.pad
c:\windows\IsUn0407.exe
c:\windows\SysWow64\fldlckun.exe
c:\windows\SysWow64\jucheck.exe
c:\windows\SysWow64\jusched.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-08-11 bis 2012-09-11  ))))))))))))))))))))))))))))))
.
.
2012-09-11 07:09 . 2012-09-11 07:09        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2012-09-11 07:09 . 2012-09-11 07:09        --------        d-----w-        c:\users\Reinhard\AppData\Local\temp
2012-09-11 07:09 . 2012-09-11 07:09        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-09-11 06:45 . 2012-08-23 08:26        9310152        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{7F685A09-6C2D-4CDA-B16E-C36B07B368F4}\mpengine.dll
2012-09-07 10:13 . 2012-09-07 10:13        --------        d-----w-        C:\_OTL
2012-09-02 05:58 . 2012-09-02 05:58        --------        d-----w-        c:\program files (x86)\ESET
2012-09-01 17:45 . 2012-09-01 17:45        --------        d-----w-        c:\users\Reinhard\AppData\Roaming\Malwarebytes
2012-09-01 17:44 . 2012-09-01 17:44        --------        d-----w-        c:\programdata\Malwarebytes
2012-09-01 17:44 . 2012-09-01 17:44        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-01 17:44 . 2012-07-03 11:46        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-08-31 18:50 . 2012-08-31 18:51        --------        d-----w-        c:\users\Reinhard\AppData\Roaming\Ad-Aware Antivirus
2012-08-31 16:05 . 2012-08-31 16:05        --------        d-----w-        c:\program files (x86)\Lavasoft
2012-08-31 16:05 . 2012-08-31 18:41        --------        d-----w-        c:\programdata\Lavasoft
2012-08-16 15:01 . 2012-07-04 14:33        2769408        ----a-w-        c:\windows\system32\win32k.sys
2012-08-16 14:11 . 2012-05-11 16:34        788480        ----a-w-        c:\windows\system32\localspl.dll
2012-08-16 14:11 . 2012-05-11 15:57        623616        ----a-w-        c:\windows\SysWow64\localspl.dll
2012-08-16 14:10 . 2012-06-29 16:20        648192        ----a-w-        c:\windows\system32\netapi32.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 10:17 . 2012-04-08 09:23        696520        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-28 10:17 . 2011-05-28 18:09        73416        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-16 14:56 . 2006-11-02 12:35        62134624        ----a-w-        c:\windows\system32\mrt.exe
2012-07-18 16:41 . 2012-07-18 16:46        27760        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2012-07-18 16:41 . 2012-07-18 16:46        132832        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-07-18 16:41 . 2012-07-18 16:46        98848        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-06-18 11:23 . 2012-06-18 11:23        772592        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2012-06-18 11:23 . 2010-04-24 17:57        687600        ----a-w-        c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Hofer_FotoSuite_Download"="c:\program files (x86)\Hofer Foto Service\Hofer_Foto_Service\FotoSuite.exe" [2008-11-13 1257472]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-09-09 1148200]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-01 348664]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Reinhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Internet - Verknüpfung.lnk -  [N/A]
Windows Mail.lnk - c:\program files\Windows Mail\WinMail.exe [2008-1-21 400896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders       
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-28 250568]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 10:17]
.
2012-09-10 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-01 20:29]
.
2012-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-08-16 09:21]
.
2012-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-08-16 09:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-11 178712]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mStart Page =
mLocal Page =
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Reinhard\AppData\Roaming\Mozilla\Firefox\Profiles\513zsmdg.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.ebay.at/ws/eBayISAPI.dll?MyEbayBeta&MyEbay=&MyeBay=&guest=1&guest=1|hxxp://www.google.at/|hxxp://www.gmx.at|hxxp://www.facebook.com/index.php?lh=a28bcef16fcd0e757437c98c8d7d3ea1&eu=PFX076kBu1BPoCDp0alwVw
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-09-11  09:20:36
ComboFix-quarantined-files.txt  2012-09-11 07:20
.
Vor Suchlauf: 11 Verzeichnis(se), 440.255.561.728 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 442.029.514.752 Bytes frei
.
- - End Of File - - 4729540EBCB53E298721CD91648A17B7

cosinus 11.09.2012 16:04
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Sanaterium 11.09.2012 18:53
Muss mich mal wieder für die Hilfe bedanken, und eine frage hätte ich :
Ist dieser aufwendige Prozess die übliche Vorgehensweise bei Trojanern oder ist mein Rechner so extrem verseucht ? Danke

cosinus 11.09.2012 23:02
Das ist schon die übliche Vorgehensweise, es sei denn man hat es wirklich nur mit Cookies oder nur nervigen Toolbars zu tun
Da man nicht weiß was die echten Schädlinge noch nachladen muss man so tief graben

Sanaterium 12.09.2012 09:46
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-12 10:27:31
-----------------------------
10:27:31.852    OS Version: Windows x64 6.0.6002 Service Pack 2
10:27:31.852    Number of processors: 4 586 0xF0B
10:27:31.852    ComputerName: REINHARD-PC  UserName: Reinhard
10:27:34.027    Initialize success
10:31:11.074    AVAST engine defs: 12091101
10:33:17.893    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:33:17.895    Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
10:33:17.915    Disk 0 MBR read successfully
10:33:17.917    Disk 0 MBR scan
10:33:17.922    Disk 0 unknown MBR code
10:33:17.924    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      939167 MB offset 63
10:33:17.978    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS        14700 MB offset 1923414255
10:33:18.063    Disk 0 scanning C:\Windows\system32\drivers
10:33:33.041    Service scanning
10:33:52.249    Modules scanning
10:33:52.255    Disk 0 trace - called modules:
10:33:52.264    ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
10:33:52.267    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006fe2790]
10:33:52.599    3 CLASSPNP.SYS[fffffa60011d5c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004977050]
10:33:55.020    AVAST engine scan C:\Windows
10:34:04.031    AVAST engine scan C:\Windows\system32
10:37:42.260    AVAST engine scan C:\Windows\system32\drivers
10:37:57.084    AVAST engine scan C:\Users\Reinhard
10:42:36.993    Disk 0 MBR has been saved successfully to "C:\Users\Reinhard\Documents\Eigene Dateien\MBR.dat"
10:42:36.998    The log file has been saved successfully to "C:\Users\Reinhard\Documents\Eigene Dateien\aswMBR.txt"
GMER 2x abgestürzt !
OSAM hat funktioniert, aber ich kann kein logfile erstellen, wenn ich draufklicke passiert nichts ???

cosinus 12.09.2012 14:13
OSAM wurde komplett entpackt? Mit 7zip oder WinRAR?

Sanaterium 12.09.2012 16:58
Ja mit winrar entpackt, scan hat Ja auch funktioniert, aber wenn ich zum Schluss auf log klicke, passiert nichts. Habs 3x versucht !

cosinus 12.09.2012 20:11
Hm ja, das kann unter Umständen schon auf 64-Bit-Systemen passieren...

Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht.

Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar.
Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast

Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!

Anschließend Windows neu starten und ein neues Log mit aswMBR machen.

Sanaterium 13.09.2012 11:01
daten hab ich schon alle gesichert, mach jetzt das log !

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-13 12:29:28
-----------------------------
12:29:28.356    OS Version: Windows x64 6.0.6002 Service Pack 2
12:29:28.356    Number of processors: 4 586 0xF0B
12:29:28.357    ComputerName: REINHARD-PC  UserName: Reinhard
12:29:30.413    Initialize success
12:29:42.995    AVAST engine defs: 12091300
12:29:59.322    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:29:59.324    Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
12:29:59.390    Disk 0 MBR read successfully
12:29:59.392    Disk 0 MBR scan
12:29:59.395    Disk 0 Windows VISTA default MBR code
12:29:59.398    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      939167 MB offset 63
12:29:59.486    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS        14700 MB offset 1923414255
12:29:59.559    Disk 0 scanning C:\Windows\system32\drivers
12:30:18.341    Service scanning
12:30:39.405    Modules scanning
12:30:39.411    Disk 0 trace - called modules:
12:30:39.486    ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
12:30:39.490    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006865790]
12:30:39.821    3 CLASSPNP.SYS[fffffa6000fcec33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800496a050]
12:30:42.208    AVAST engine scan C:\Windows
12:30:51.152    AVAST engine scan C:\Windows\system32
12:35:09.989    AVAST engine scan C:\Windows\system32\drivers
12:35:42.969    AVAST engine scan C:\Users\Reinhard
12:58:31.367    AVAST engine scan C:\ProgramData
13:01:30.384    Scan finished successfully
13:02:10.941    Disk 0 MBR has been saved successfully to "C:\Users\Reinhard\Desktop\MBR.dat"
13:02:10.945    The log file has been saved successfully to "C:\Users\Reinhard\Desktop\aswMBR.txt"

cosinus 13.09.2012 20:13
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:09 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131