Trojaner-Board

Removing Mystart.incredibar (https://www.trojaner-board.de/125790-mystart-incredibar-entfernen.html)

cosinus 22.10.2012 11:42

The log is incomplete; the summary at the bottom is missing.

smiley1 22.10.2012 17:37

This is the result that is stored on C:. For whatever reason, I could not copy the report after the "Skip" :headbang:! I hope it is complete now - after all, I don't want to keep bothering you forever! Thank you very much for your great job - without you I would be completely lost!

Code:

12:04:38.0095 5836  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
12:04:40.0122 5836  ============================================================
12:04:40.0122 5836  Current date / time: 2012/10/22 12:04:40.0122
12:04:40.0122 5836  SystemInfo:
12:04:40.0122 5836 
12:04:40.0122 5836  OS Version: 6.0.6002 ServicePack: 2.0
12:04:40.0122 5836  Product type: Workstation
12:04:40.0122 5836  ComputerName: BENUTZER-PC
12:04:40.0122 5836  UserName: Benutzer
12:04:40.0122 5836  Windows directory: C:\Windows
12:04:40.0122 5836  System windows directory: C:\Windows
12:04:40.0122 5836  Processor architecture: Intel x86
12:04:40.0122 5836  Number of processors: 2
12:04:40.0122 5836  Page size: 0x1000
12:04:40.0122 5836  Boot type: Normal boot
12:04:40.0122 5836  ============================================================
12:04:50.0905 5836  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:04:50.0920 5836  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:04:56.0490 5836  ============================================================
12:04:56.0490 5836  \Device\Harddisk0\DR0:
12:04:56.0490 5836  MBR partitions:
12:04:56.0490 5836  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9C40000
12:04:56.0490 5836  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0x8DD8800
12:04:56.0490 5836  \Device\Harddisk1\DR1:
12:04:56.0506 5836  MBR partitions:
12:04:56.0506 5836  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2542D682
12:04:56.0506 5836  ============================================================
12:04:56.0545 5836  C: <-> \Device\Harddisk0\DR0\Partition1
12:04:56.0584 5836  D: <-> \Device\Harddisk0\DR0\Partition2
12:04:56.0600 5836  J: <-> \Device\Harddisk1\DR1\Partition1
12:04:56.0600 5836  ============================================================
12:04:56.0600 5836  Initialize success
12:04:56.0600 5836  ============================================================
12:05:38.0087 4276  ============================================================
12:05:38.0087 4276  Scan started
12:05:38.0087 4276  Mode: Manual; SigCheck; TDLFS;
12:05:38.0087 4276  ============================================================
12:05:38.0415 4276  ================ Scan system memory ========================
12:05:38.0415 4276  System memory - ok
12:05:38.0415 4276  ================ Scan services =============================
12:05:38.0650 4276  [ 553BA53445795CBC0D4F9FA37EB855A6 ] acedrv10        C:\Windows\system32\drivers\acedrv10.sys
12:05:38.0806 4276  acedrv10 - ok
12:05:38.0837 4276  [ 8CE00B6A46962A1808B19CD1DAE5170C ] acehlp10        C:\Windows\system32\drivers\acehlp10.sys
12:05:38.0868 4276  acehlp10 - ok
12:05:38.0915 4276  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:05:38.0947 4276  ACPI - ok
12:05:39.0072 4276  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:05:39.0087 4276  AdobeARMservice - ok
12:05:39.0150 4276  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:05:39.0165 4276  AdobeFlashPlayerUpdateSvc - ok
12:05:39.0212 4276  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
12:05:39.0243 4276  adp94xx - ok
12:05:39.0275 4276  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci        C:\Windows\system32\drivers\adpahci.sys
12:05:39.0290 4276  adpahci - ok
12:05:39.0322 4276  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:05:39.0337 4276  adpu160m - ok
12:05:39.0353 4276  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320        C:\Windows\system32\drivers\adpu320.sys
12:05:39.0368 4276  adpu320 - ok
12:05:39.0400 4276  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
12:05:39.0478 4276  AeLookupSvc - ok
12:05:39.0540 4276  [ 3911B972B55FEA0478476B2E777B29FA ] AFD            C:\Windows\system32\drivers\afd.sys
12:05:39.0587 4276  AFD - ok
12:05:39.0618 4276  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:05:39.0634 4276  agp440 - ok
12:05:39.0665 4276  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx        C:\Windows\system32\drivers\djsvs.sys
12:05:39.0681 4276  aic78xx - ok
12:05:39.0712 4276  [ A1545B731579895D8CC44FC0481C1192 ] ALG            C:\Windows\System32\alg.exe
12:05:39.0775 4276  ALG - ok
12:05:39.0790 4276  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:05:39.0806 4276  aliide - ok
12:05:39.0822 4276  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:05:39.0837 4276  amdagp - ok
12:05:39.0853 4276  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
12:05:39.0884 4276  amdide - ok
12:05:39.0884 4276  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7          C:\Windows\system32\drivers\amdk7.sys
12:05:40.0040 4276  AmdK7 - ok
12:05:40.0056 4276  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
12:05:40.0134 4276  AmdK8 - ok
12:05:40.0181 4276  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo        C:\Windows\System32\appinfo.dll
12:05:40.0243 4276  Appinfo - ok
12:05:40.0259 4276  [ 5F673180268BB1FDB69C99B6619FE379 ] arc            C:\Windows\system32\drivers\arc.sys
12:05:40.0290 4276  arc - ok
12:05:40.0306 4276  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:05:40.0322 4276  arcsas - ok
12:05:40.0368 4276  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:05:40.0431 4276  AsyncMac - ok
12:05:40.0478 4276  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi          C:\Windows\system32\drivers\atapi.sys
12:05:40.0493 4276  atapi - ok
12:05:40.0540 4276  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:05:40.0572 4276  AudioEndpointBuilder - ok
12:05:40.0572 4276  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:05:40.0603 4276  Audiosrv - ok
12:05:40.0712 4276  [ BF3B991E0E22F9E6A82CCF6512CB51D0 ] AVKProxy        C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
12:05:40.0775 4276  AVKProxy - ok
12:05:40.0822 4276  [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService      C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
12:05:40.0868 4276  AVKService - ok
12:05:40.0915 4276  [ EF3F025FE3393E0A240952E025E7D30D ] AVKWCtl        C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
12:05:40.0993 4276  AVKWCtl - ok
12:05:41.0040 4276  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:05:41.0087 4276  Beep - ok
12:05:41.0150 4276  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE            C:\Windows\System32\bfe.dll
12:05:41.0197 4276  BFE - ok
12:05:41.0259 4276  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
12:05:41.0306 4276  BITS - ok
12:05:41.0322 4276  blbdrive - ok
12:05:41.0353 4276  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:05:41.0384 4276  bowser - ok
12:05:41.0415 4276  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
12:05:41.0447 4276  BrFiltLo - ok
12:05:41.0478 4276  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
12:05:41.0525 4276  BrFiltUp - ok
12:05:41.0556 4276  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser        C:\Windows\System32\browser.dll
12:05:41.0587 4276  Browser - ok
12:05:41.0618 4276  [ B304E75CFF293029EDDF094246747113 ] Brserid        C:\Windows\system32\DRIVERS\BrSerId.sys
12:05:41.0681 4276  Brserid - ok
12:05:41.0681 4276  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
12:05:41.0743 4276  BrSerWdm - ok
12:05:41.0759 4276  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
12:05:41.0822 4276  BrUsbMdm - ok
12:05:41.0837 4276  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
12:05:41.0900 4276  BrUsbSer - ok
12:05:41.0962 4276  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc        C:\Program Files\Browny02\BrYNSvc.exe
12:05:41.0978 4276  BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
12:05:41.0978 4276  BrYNSvc - detected UnsignedFile.Multi.Generic (1)
12:05:42.0009 4276  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:05:42.0056 4276  BTHMODEM - ok
12:05:42.0103 4276  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:05:42.0134 4276  cdfs - ok
12:05:42.0165 4276  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
12:05:42.0197 4276  cdrom - ok
12:05:42.0243 4276  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc    C:\Windows\System32\certprop.dll
12:05:42.0259 4276  CertPropSvc - ok
12:05:42.0275 4276  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:05:42.0337 4276  circlass - ok
12:05:42.0368 4276  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
12:05:42.0400 4276  CLFS - ok
12:05:42.0431 4276  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:05:42.0447 4276  clr_optimization_v2.0.50727_32 - ok
12:05:42.0525 4276  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:05:42.0540 4276  clr_optimization_v4.0.30319_32 - ok
12:05:42.0540 4276  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:05:42.0556 4276  cmdide - ok
12:05:42.0572 4276  [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:05:42.0587 4276  Compbatt - ok
12:05:42.0603 4276  COMSysApp - ok
12:05:42.0618 4276  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
12:05:42.0634 4276  crcdisk - ok
12:05:42.0650 4276  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
12:05:42.0712 4276  Crusoe - ok
12:05:42.0759 4276  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:05:42.0790 4276  CryptSvc - ok
12:05:42.0853 4276  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:05:42.0900 4276  DcomLaunch - ok
12:05:42.0931 4276  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:05:42.0962 4276  DfsC - ok
12:05:43.0040 4276  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
12:05:43.0150 4276  DFSR - ok
12:05:43.0212 4276  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
12:05:43.0243 4276  Dhcp - ok
12:05:43.0290 4276  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
12:05:43.0306 4276  disk - ok
12:05:43.0337 4276  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:05:43.0368 4276  Dnscache - ok
12:05:43.0415 4276  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc        C:\Windows\System32\dot3svc.dll
12:05:43.0447 4276  dot3svc - ok
12:05:43.0493 4276  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS            C:\Windows\system32\dps.dll
12:05:43.0540 4276  DPS - ok
12:05:43.0572 4276  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
12:05:43.0603 4276  drmkaud - ok
12:05:43.0650 4276  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
12:05:43.0697 4276  DXGKrnl - ok
12:05:43.0728 4276  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60          C:\Windows\system32\DRIVERS\E1G60I32.sys
12:05:43.0790 4276  E1G60 - ok
12:05:43.0822 4276  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost        C:\Windows\System32\eapsvc.dll
12:05:43.0868 4276  EapHost - ok
12:05:43.0915 4276  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
12:05:43.0931 4276  Ecache - ok
12:05:43.0947 4276  [ E8F3F21A71720C84BCF423B80028359F ] elxstor        C:\Windows\system32\drivers\elxstor.sys
12:05:43.0962 4276  elxstor - ok
12:05:44.0025 4276  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt        C:\Windows\system32\emdmgmt.dll
12:05:44.0072 4276  EMDMgmt - ok
12:05:44.0118 4276  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem    C:\Windows\system32\es.dll
12:05:44.0165 4276  EventSystem - ok
12:05:44.0212 4276  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat          C:\Windows\system32\drivers\exfat.sys
12:05:44.0259 4276  exfat - ok
12:05:44.0290 4276  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
12:05:44.0322 4276  fastfat - ok
12:05:44.0337 4276  [ 63BDADA84951B9C03E641800E176898A ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
12:05:44.0400 4276  fdc - ok
12:05:44.0415 4276  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost        C:\Windows\system32\fdPHost.dll
12:05:44.0447 4276  fdPHost - ok
12:05:44.0462 4276  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:05:44.0525 4276  FDResPub - ok
12:05:44.0540 4276  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:05:44.0556 4276  FileInfo - ok
12:05:44.0572 4276  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
12:05:44.0634 4276  Filetrace - ok
12:05:44.0650 4276  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:05:44.0712 4276  flpydisk - ok
12:05:44.0728 4276  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:05:44.0759 4276  FltMgr - ok
12:05:44.0822 4276  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache      C:\Windows\system32\FntCache.dll
12:05:44.0884 4276  FontCache - ok
12:05:44.0915 4276  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:05:44.0931 4276  FontCache3.0.0.0 - ok
12:05:44.0962 4276  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:05:44.0993 4276  Fs_Rec - ok
12:05:45.0009 4276  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:05:45.0025 4276  gagp30kx - ok
12:05:45.0056 4276  [ 7094E1D622491D2FD34558ADAC80321C ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys
12:05:45.0072 4276  GDBehave - ok
12:05:45.0165 4276  [ 1AF3FA6702A67BD7F821532D9A62EC59 ] GDFwSvc        C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
12:05:45.0243 4276  GDFwSvc - ok
12:05:45.0275 4276  [ 08204492943D2CFAE0D9F1FDAB5D38AE ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
12:05:45.0290 4276  GDMnIcpt - ok
12:05:45.0322 4276  [ BA3C7729FF3E55AD2DBBC7AC01A19465 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys
12:05:45.0337 4276  GDPkIcpt - ok
12:05:45.0368 4276  [ B7D4DF09A86A5DC98F74A2FA2875C154 ] GDScan          C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe
12:05:45.0415 4276  GDScan - ok
12:05:45.0447 4276  [ BF2749B55175E423BDA67C8CF1CCBEF0 ] gdwfpcd        C:\Windows\system32\drivers\gdwfpcd32.sys
12:05:45.0478 4276  gdwfpcd - ok
12:05:45.0509 4276  [ 4AC51459805264AFFD5F6FDFB9D9235F ] GEARAspiWDM    C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:05:45.0525 4276  GEARAspiWDM - ok
12:05:45.0572 4276  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc          C:\Windows\System32\gpsvc.dll
12:05:45.0634 4276  gpsvc - ok
12:05:45.0728 4276  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files\Google\Update\GoogleUpdate.exe
12:05:45.0743 4276  gupdate - ok
12:05:45.0743 4276  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:05:45.0759 4276  gupdatem - ok
12:05:45.0806 4276  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:05:45.0868 4276  HdAudAddService - ok
12:05:45.0900 4276  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:05:45.0947 4276  HDAudBus - ok
12:05:45.0978 4276  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:05:46.0025 4276  HidBth - ok
12:05:46.0025 4276  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr          C:\Windows\system32\drivers\hidir.sys
12:05:46.0072 4276  HidIr - ok
12:05:46.0087 4276  [ 84067081F3318162797385E11A8F0582 ] hidserv        C:\Windows\system32\hidserv.dll
12:05:46.0118 4276  hidserv - ok
12:05:46.0165 4276  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:05:46.0212 4276  HidUsb - ok
12:05:46.0243 4276  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:05:46.0275 4276  hkmsvc - ok
12:05:46.0306 4276  [ A3D1EE9B310ED1FE6136FEC4E0DEA366 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
12:05:46.0322 4276  HookCentre - ok
12:05:46.0337 4276  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs        C:\Windows\system32\drivers\hpcisss.sys
12:05:46.0353 4276  HpCISSs - ok
12:05:46.0400 4276  [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:05:46.0462 4276  HTTP - ok
12:05:46.0478 4276  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp          C:\Windows\system32\drivers\i2omp.sys
12:05:46.0493 4276  i2omp - ok
12:05:46.0556 4276  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:05:46.0587 4276  i8042prt - ok
12:05:46.0665 4276  [ 9378D57E2B96C0A185D844770AD49948 ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
12:05:46.0790 4276  ialm - ok
12:05:46.0837 4276  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV        C:\Windows\system32\drivers\iastorv.sys
12:05:46.0853 4276  iaStorV - ok
12:05:46.0915 4276  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:05:46.0931 4276  IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:05:46.0931 4276  IDriverT - detected UnsignedFile.Multi.Generic (1)
12:05:46.0993 4276  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc          C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:05:47.0040 4276  idsvc - ok
12:05:47.0118 4276  [ 9378D57E2B96C0A185D844770AD49948 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
12:05:47.0181 4276  igfx - ok
12:05:47.0212 4276  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
12:05:47.0228 4276  iirsp - ok
12:05:47.0275 4276  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:05:47.0322 4276  IKEEXT - ok
12:05:47.0400 4276  [ 4E38A2883DF3BA382A59132B3E7D709E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:05:47.0478 4276  IntcAzAudAddService - ok
12:05:47.0525 4276  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:05:47.0540 4276  intelide - ok
12:05:47.0556 4276  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:05:47.0587 4276  intelppm - ok
12:05:47.0634 4276  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
12:05:47.0665 4276  IPBusEnum - ok
12:05:47.0681 4276  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:05:47.0712 4276  IpFilterDriver - ok
12:05:47.0759 4276  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:05:47.0775 4276  iphlpsvc - ok
12:05:47.0790 4276  IpInIp - ok
12:05:47.0822 4276  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV        C:\Windows\system32\drivers\ipmidrv.sys
12:05:47.0868 4276  IPMIDRV - ok
12:05:47.0900 4276  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT          C:\Windows\system32\DRIVERS\ipnat.sys
12:05:47.0931 4276  IPNAT - ok
12:05:47.0947 4276  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:05:47.0993 4276  IRENUM - ok
12:05:48.0025 4276  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:05:48.0040 4276  isapnp - ok
12:05:48.0056 4276  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:05:48.0072 4276  iScsiPrt - ok
12:05:48.0087 4276  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
12:05:48.0103 4276  iteatapi - ok
12:05:48.0134 4276  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid        C:\Windows\system32\drivers\iteraid.sys
12:05:48.0134 4276  iteraid - ok
12:05:48.0181 4276  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:05:48.0197 4276  kbdclass - ok
12:05:48.0212 4276  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
12:05:48.0275 4276  kbdhid - ok
12:05:48.0306 4276  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
12:05:48.0337 4276  KeyIso - ok
12:05:48.0384 4276  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:05:48.0415 4276  KSecDD - ok
12:05:48.0462 4276  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm          C:\Windows\system32\msdtckrm.dll
12:05:48.0525 4276  KtmRm - ok
12:05:48.0572 4276  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:05:48.0603 4276  LanmanServer - ok
12:05:48.0665 4276  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:05:48.0681 4276  LanmanWorkstation - ok
12:05:48.0759 4276  [ F34B35F6F74E28A460749DA11D1117F8 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:05:48.0775 4276  LightScribeService - ok
12:05:48.0806 4276  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:05:48.0853 4276  lltdio - ok
12:05:48.0868 4276  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
12:05:48.0915 4276  lltdsvc - ok
12:05:48.0931 4276  lmab_device - ok
12:05:48.0962 4276  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts        C:\Windows\System32\lmhsvc.dll
12:05:49.0025 4276  lmhosts - ok
12:05:49.0056 4276  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:05:49.0072 4276  LSI_FC - ok
12:05:49.0087 4276  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
12:05:49.0103 4276  LSI_SAS - ok
12:05:49.0118 4276  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:05:49.0134 4276  LSI_SCSI - ok
12:05:49.0165 4276  [ 8F5C7426567798E62A3B3614965D62CC ] luafv          C:\Windows\system32\drivers\luafv.sys
12:05:49.0212 4276  luafv - ok
12:05:49.0243 4276  [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
12:05:49.0259 4276  MBAMProtector - ok
12:05:49.0322 4276  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:05:49.0353 4276  MBAMScheduler - ok
12:05:49.0384 4276  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:05:49.0431 4276  MBAMService - ok
12:05:49.0462 4276  [ D153B14FC6598EAE8422A2037553ADCE ] megasas        C:\Windows\system32\drivers\megasas.sys
12:05:49.0478 4276  megasas - ok
12:05:49.0509 4276  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS          C:\Windows\system32\mmcss.dll
12:05:49.0540 4276  MMCSS - ok
12:05:49.0556 4276  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem          C:\Windows\system32\drivers\modem.sys
12:05:49.0603 4276  Modem - ok
12:05:49.0634 4276  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
12:05:49.0697 4276  monitor - ok
12:05:49.0728 4276  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:05:49.0743 4276  mouclass - ok
12:05:49.0759 4276  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:05:49.0806 4276  mouhid - ok
12:05:49.0822 4276  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
12:05:49.0837 4276  MountMgr - ok
12:05:49.0884 4276  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:05:49.0900 4276  MozillaMaintenance - ok
12:05:49.0931 4276  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:05:49.0947 4276  mpio - ok
12:05:49.0962 4276  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:05:49.0993 4276  mpsdrv - ok
12:05:50.0040 4276  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:05:50.0072 4276  MpsSvc - ok
12:05:50.0087 4276  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
12:05:50.0103 4276  Mraid35x - ok
12:05:50.0134 4276  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:05:50.0181 4276  MRxDAV - ok
12:05:50.0228 4276  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:05:50.0243 4276  mrxsmb - ok
12:05:50.0275 4276  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:05:50.0306 4276  mrxsmb10 - ok
12:05:50.0322 4276  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:05:50.0353 4276  mrxsmb20 - ok
12:05:50.0368 4276  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:05:50.0384 4276  msahci - ok
12:05:50.0400 4276  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
12:05:50.0415 4276  msdsm - ok
12:05:50.0447 4276  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC          C:\Windows\System32\msdtc.exe
12:05:50.0478 4276  MSDTC - ok
12:05:50.0493 4276  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:05:50.0540 4276  Msfs - ok
12:05:50.0572 4276  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:05:50.0587 4276  msisadrv - ok
12:05:50.0618 4276  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
12:05:50.0650 4276  MSiSCSI - ok
12:05:50.0650 4276  msiserver - ok
12:05:50.0697 4276  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
12:05:50.0743 4276  MSKSSRV - ok
12:05:50.0759 4276  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:05:50.0806 4276  MSPCLOCK - ok
12:05:50.0822 4276  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
12:05:50.0853 4276  MSPQM - ok
12:05:50.0884 4276  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
12:05:50.0915 4276  MsRPC - ok
12:05:50.0915 4276  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:05:50.0931 4276  mssmbios - ok
12:05:50.0947 4276  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
12:05:50.0993 4276  MSTEE - ok
12:05:51.0025 4276  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup            C:\Windows\system32\Drivers\mup.sys
12:05:51.0040 4276  Mup - ok
12:05:51.0072 4276  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
12:05:51.0103 4276  napagent - ok
12:05:51.0134 4276  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
12:05:51.0165 4276  NativeWifiP - ok
12:05:51.0228 4276  [ 6D8FCDD5BB3B676EF58FA234073492C6 ] NBService      C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
12:05:51.0259 4276  NBService - ok
12:05:51.0353 4276  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:05:51.0384 4276  NDIS - ok
12:05:51.0400 4276  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:05:51.0431 4276  NdisTapi - ok
12:05:51.0462 4276  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
12:05:51.0509 4276  Ndisuio - ok
12:05:51.0540 4276  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
12:05:51.0572 4276  NdisWan - ok
12:05:51.0587 4276  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
12:05:51.0618 4276  NDProxy - ok
12:05:51.0618 4276  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
12:05:51.0665 4276  NetBIOS - ok
12:05:51.0697 4276  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt          C:\Windows\system32\DRIVERS\netbt.sys
12:05:51.0743 4276  netbt - ok
12:05:51.0759 4276  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
12:05:51.0775 4276  Netlogon - ok
12:05:51.0790 4276  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
12:05:51.0837 4276  Netman - ok
12:05:51.0853 4276  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
12:05:51.0884 4276  netprofm - ok
12:05:51.0931 4276  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:05:51.0947 4276  NetTcpPortSharing - ok
12:05:51.0978 4276  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
12:05:51.0978 4276  nfrd960 - ok
12:05:52.0072 4276  [ 30C11D08FD85A60825F2D1912E29C5A4 ] NitroReaderDriverReadSpool2 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
12:05:52.0087 4276  NitroReaderDriverReadSpool2 - ok
12:05:52.0103 4276  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:05:52.0150 4276  NlaSvc - ok
12:05:52.0212 4276  [ 060DAF68493AD7ADF104413E5A62AFA8 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
12:05:52.0228 4276  NMIndexingService - ok
12:05:52.0275 4276  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:05:52.0306 4276  Npfs - ok
12:05:52.0322 4276  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi            C:\Windows\system32\nsisvc.dll
12:05:52.0368 4276  nsi - ok
12:05:52.0384 4276  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:05:52.0415 4276  nsiproxy - ok
12:05:52.0462 4276  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:05:52.0509 4276  Ntfs - ok
12:05:52.0540 4276  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi      C:\Windows\system32\drivers\ntrigdigi.sys
12:05:52.0587 4276  ntrigdigi - ok
12:05:52.0618 4276  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
12:05:52.0650 4276  Null - ok
12:05:52.0650 4276  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:05:52.0665 4276  nvraid - ok
12:05:52.0697 4276  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:05:52.0697 4276  nvstor - ok
12:05:52.0728 4276  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:05:52.0743 4276  nv_agp - ok
12:05:52.0743 4276  NwlnkFlt - ok
12:05:52.0759 4276  NwlnkFwd - ok
12:05:52.0837 4276  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:05:52.0853 4276  odserv - ok
12:05:52.0884 4276  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:05:52.0931 4276  ohci1394 - ok
12:05:52.0962 4276  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:05:52.0978 4276  ose - ok
12:05:53.0009 4276  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
12:05:53.0087 4276  p2pimsvc - ok
12:05:53.0103 4276  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:05:53.0150 4276  p2psvc - ok
12:05:53.0181 4276  [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
12:05:53.0212 4276  Parport - ok
12:05:53.0243 4276  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
12:05:53.0275 4276  partmgr - ok
12:05:53.0275 4276  [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
12:05:53.0306 4276  Parvdm - ok
12:05:53.0337 4276  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:05:53.0368 4276  PcaSvc - ok
12:05:53.0400 4276  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci            C:\Windows\system32\drivers\pci.sys
12:05:53.0415 4276  pci - ok
12:05:53.0462 4276  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:05:53.0462 4276  pciide - ok
12:05:53.0493 4276  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:05:53.0509 4276  pcmcia - ok
12:05:53.0556 4276  [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
12:05:53.0572 4276  PDFProFiltSrvPP - ok
12:05:53.0618 4276  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:05:53.0728 4276  PEAUTH - ok
12:05:53.0822 4276  [ B1689DF169143F57053F795390C99DB3 ] pla            C:\Windows\system32\pla.dll
12:05:53.0900 4276  pla - ok
12:05:53.0947 4276  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:05:53.0993 4276  PlugPlay - ok
12:05:54.0009 4276  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg    C:\Windows\system32\p2psvc.dll
12:05:54.0056 4276  PNRPAutoReg - ok
12:05:54.0072 4276  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc        C:\Windows\system32\p2psvc.dll
12:05:54.0103 4276  PNRPsvc - ok
12:05:54.0150 4276  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
12:05:54.0197 4276  PolicyAgent - ok
12:05:54.0228 4276  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:05:54.0275 4276  PptpMiniport - ok
12:05:54.0290 4276  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor      C:\Windows\system32\drivers\processr.sys
12:05:54.0353 4276  Processor - ok
12:05:54.0368 4276  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc        C:\Windows\system32\profsvc.dll
12:05:54.0384 4276  ProfSvc - ok
12:05:54.0400 4276  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:05:54.0415 4276  ProtectedStorage - ok
12:05:54.0447 4276  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
12:05:54.0478 4276  PSched - ok
12:05:54.0509 4276  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:05:54.0572 4276  ql2300 - ok
12:05:54.0587 4276  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:05:54.0603 4276  ql40xx - ok
12:05:54.0634 4276  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE          C:\Windows\system32\qwave.dll
12:05:54.0665 4276  QWAVE - ok
12:05:54.0681 4276  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:05:54.0712 4276  QWAVEdrv - ok
12:05:54.0712 4276  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:05:54.0759 4276  RasAcd - ok
12:05:54.0775 4276  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto        C:\Windows\System32\rasauto.dll
12:05:54.0806 4276  RasAuto - ok
12:05:54.0837 4276  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
12:05:54.0884 4276  Rasl2tp - ok
12:05:54.0915 4276  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
12:05:54.0947 4276  RasMan - ok
12:05:54.0978 4276  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:05:55.0009 4276  RasPppoe - ok
12:05:55.0056 4276  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
12:05:55.0087 4276  RasSstp - ok
12:05:55.0118 4276  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
12:05:55.0150 4276  rdbss - ok
12:05:55.0165 4276  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:05:55.0212 4276  RDPCDD - ok
12:05:55.0228 4276  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr          C:\Windows\system32\drivers\rdpdr.sys
12:05:55.0290 4276  rdpdr - ok
12:05:55.0290 4276  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:05:55.0337 4276  RDPENCDD - ok
12:05:55.0368 4276  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
12:05:55.0415 4276  RDPWD - ok
12:05:55.0462 4276  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:05:55.0509 4276  RemoteAccess - ok
12:05:55.0540 4276  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:05:55.0572 4276  RemoteRegistry - ok
12:05:55.0587 4276  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
12:05:55.0618 4276  RpcLocator - ok
12:05:55.0634 4276  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs          C:\Windows\system32\rpcss.dll
12:05:55.0681 4276  RpcSs - ok
12:05:55.0712 4276  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:05:55.0743 4276  rspndr - ok
12:05:55.0775 4276  [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169        C:\Windows\system32\DRIVERS\Rtlh86.sys
12:05:55.0837 4276  RTL8169 - ok
12:05:55.0837 4276  [ A3E186B4B935905B829219502557314E ] SamSs          C:\Windows\system32\lsass.exe
12:05:55.0868 4276  SamSs - ok
12:05:55.0884 4276  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:05:55.0900 4276  sbp2port - ok
12:05:55.0947 4276  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:05:55.0993 4276  SCardSvr - ok
12:05:56.0025 4276  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
12:05:56.0072 4276  Schedule - ok
12:05:56.0087 4276  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc    C:\Windows\System32\certprop.dll
12:05:56.0118 4276  SCPolicySvc - ok
12:05:56.0134 4276  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:05:56.0181 4276  SDRSVC - ok
12:05:56.0197 4276  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:05:56.0259 4276  secdrv - ok
12:05:56.0290 4276  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
12:05:56.0322 4276  seclogon - ok
12:05:56.0368 4276  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
12:05:56.0400 4276  SENS - ok
12:05:56.0415 4276  [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
12:05:56.0447 4276  Serenum - ok
12:05:56.0478 4276  [ 6D663022DB3E7058907784AE14B69898 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:05:56.0525 4276  Serial - ok
12:05:56.0540 4276  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:05:56.0572 4276  sermouse - ok
12:05:56.0618 4276  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:05:56.0650 4276  SessionEnv - ok
12:05:56.0665 4276  [ 103B79418DA647736EE95645F305F68A ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
12:05:56.0712 4276  sffdisk - ok
12:05:56.0712 4276  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:05:56.0790 4276  sffp_mmc - ok
12:05:56.0806 4276  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
12:05:56.0853 4276  sffp_sd - ok
12:05:56.0884 4276  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
12:05:56.0931 4276  sfloppy - ok
12:05:56.0962 4276  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:05:57.0009 4276  SharedAccess - ok
12:05:57.0056 4276  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:05:57.0087 4276  ShellHWDetection - ok
12:05:57.0103 4276  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:05:57.0118 4276  sisagp - ok
12:05:57.0134 4276  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
12:05:57.0150 4276  SiSRaid2 - ok
12:05:57.0165 4276  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:05:57.0181 4276  SiSRaid4 - ok
12:05:57.0243 4276  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate    C:\Program Files\Skype\Updater\Updater.exe
12:05:57.0243 4276  SkypeUpdate - ok
12:05:57.0353 4276  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc          C:\Windows\system32\SLsvc.exe
12:05:57.0447 4276  slsvc - ok
12:05:57.0462 4276  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
12:05:57.0493 4276  SLUINotify - ok
12:05:57.0525 4276  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
12:05:57.0556 4276  Smb - ok
12:05:57.0587 4276  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:05:57.0603 4276  SNMPTRAP - ok
12:05:57.0634 4276  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr          C:\Windows\system32\drivers\spldr.sys
12:05:57.0650 4276  spldr - ok
12:05:57.0697 4276  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler        C:\Windows\System32\spoolsv.exe
12:05:57.0728 4276  Spooler - ok
12:05:57.0759 4276  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv            C:\Windows\system32\DRIVERS\srv.sys
12:05:57.0822 4276  srv - ok
12:05:57.0853 4276  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:05:57.0884 4276  srv2 - ok
12:05:57.0915 4276  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:05:57.0947 4276  srvnet - ok
12:05:57.0978 4276  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
12:05:58.0009 4276  SSDPSRV - ok
12:05:58.0040 4276  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
12:05:58.0072 4276  SstpSvc - ok
12:05:58.0103 4276  [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
12:05:58.0134 4276  StillCam - ok
12:05:58.0165 4276  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
12:05:58.0197 4276  stisvc - ok
12:05:58.0228 4276  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:05:58.0243 4276  swenum - ok
12:05:58.0275 4276  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv          C:\Windows\System32\swprv.dll
12:05:58.0306 4276  swprv - ok
12:05:58.0353 4276  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx        C:\Windows\system32\drivers\symc8xx.sys
12:05:58.0368 4276  Symc8xx - ok
12:05:58.0384 4276  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
12:05:58.0400 4276  Sym_hi - ok
12:05:58.0415 4276  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
12:05:58.0431 4276  Sym_u3 - ok
12:05:58.0478 4276  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain        C:\Windows\system32\sysmain.dll
12:05:58.0525 4276  SysMain - ok
12:05:58.0540 4276  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:05:58.0572 4276  TabletInputService - ok
12:05:58.0618 4276  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv        C:\Windows\System32\tapisrv.dll
12:05:58.0634 4276  TapiSrv - ok
12:05:58.0665 4276  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS            C:\Windows\System32\tbssvc.dll
12:05:58.0697 4276  TBS - ok
12:05:58.0759 4276  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
12:05:58.0790 4276  Tcpip - ok
12:05:58.0822 4276  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
12:05:58.0853 4276  Tcpip6 - ok
12:05:58.0915 4276  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:05:58.0947 4276  tcpipreg - ok
12:05:58.0962 4276  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:05:58.0993 4276  TDPIPE - ok
12:05:59.0009 4276  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
12:05:59.0040 4276  TDTCP - ok
12:05:59.0056 4276  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
12:05:59.0087 4276  tdx - ok
12:05:59.0103 4276  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:05:59.0118 4276  TermDD - ok
12:05:59.0150 4276  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService    C:\Windows\System32\termsrv.dll
12:05:59.0197 4276  TermService - ok
12:05:59.0228 4276  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
12:05:59.0243 4276  Themes - ok
12:05:59.0243 4276  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER    C:\Windows\system32\mmcss.dll
12:05:59.0275 4276  THREADORDER - ok
12:05:59.0306 4276  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
12:05:59.0337 4276  TrkWks - ok
12:05:59.0400 4276  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:05:59.0431 4276  TrustedInstaller - ok
12:05:59.0462 4276  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:05:59.0493 4276  tssecsrv - ok
12:05:59.0525 4276  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp          C:\Windows\system32\DRIVERS\tunmp.sys
12:05:59.0556 4276  tunmp - ok
12:05:59.0587 4276  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:05:59.0603 4276  tunnel - ok
12:05:59.0634 4276  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:05:59.0650 4276  uagp35 - ok
12:05:59.0697 4276  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:05:59.0728 4276  udfs - ok
12:05:59.0759 4276  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
12:05:59.0806 4276  UI0Detect - ok
12:05:59.0806 4276  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:05:59.0837 4276  uliagpkx - ok
12:05:59.0853 4276  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci        C:\Windows\system32\drivers\uliahci.sys
12:05:59.0868 4276  uliahci - ok
12:05:59.0884 4276  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
12:05:59.0900 4276  UlSata - ok
12:05:59.0915 4276  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2        C:\Windows\system32\drivers\ulsata2.sys
12:05:59.0947 4276  ulsata2 - ok
12:05:59.0978 4276  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
12:06:00.0009 4276  umbus - ok
12:06:00.0056 4276  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
12:06:00.0103 4276  upnphost - ok
12:06:00.0134 4276  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
12:06:00.0165 4276  usbccgp - ok
12:06:00.0181 4276  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:06:00.0228 4276  usbcir - ok
12:06:00.0259 4276  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
12:06:00.0275 4276  usbehci - ok
12:06:00.0337 4276  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:06:00.0384 4276  usbhub - ok
12:06:00.0400 4276  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci        C:\Windows\system32\drivers\usbohci.sys
12:06:00.0447 4276  usbohci - ok
12:06:00.0493 4276  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:06:00.0540 4276  usbprint - ok
12:06:00.0572 4276  [ A508C9BD8724980512136B039BBA65E9 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
12:06:00.0603 4276  usbscan - ok
12:06:00.0634 4276  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:06:00.0650 4276  USBSTOR - ok
12:06:00.0681 4276  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
12:06:00.0712 4276  usbuhci - ok
12:06:00.0743 4276  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms          C:\Windows\System32\uxsms.dll
12:06:00.0759 4276  UxSms - ok
12:06:00.0868 4276  [ CD88D1B7776DC17A119049742EC07EB4 ] vds            C:\Windows\System32\vds.exe
12:06:00.0915 4276  vds - ok
12:06:00.0947 4276  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
12:06:00.0993 4276  vga - ok
12:06:01.0009 4276  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave        C:\Windows\System32\drivers\vga.sys
12:06:01.0056 4276  VgaSave - ok
12:06:01.0072 4276  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:06:01.0103 4276  viaagp - ok
12:06:01.0118 4276  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7          C:\Windows\system32\drivers\viac7.sys
12:06:01.0165 4276  ViaC7 - ok
12:06:01.0181 4276  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
12:06:01.0197 4276  viaide - ok
12:06:01.0212 4276  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:06:01.0228 4276  volmgr - ok
12:06:01.0275 4276  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
12:06:01.0306 4276  volmgrx - ok
12:06:01.0337 4276  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
12:06:01.0368 4276  volsnap - ok
12:06:01.0384 4276  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
12:06:01.0400 4276  vsmraid - ok
12:06:01.0462 4276  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS            C:\Windows\system32\vssvc.exe
12:06:01.0540 4276  VSS - ok
12:06:01.0572 4276  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time        C:\Windows\system32\w32time.dll
12:06:01.0618 4276  W32Time - ok
12:06:01.0634 4276  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:06:01.0681 4276  WacomPen - ok
12:06:01.0712 4276  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:06:01.0743 4276  Wanarp - ok
12:06:01.0743 4276  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:06:01.0775 4276  Wanarpv6 - ok
12:06:01.0822 4276  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc        C:\Windows\System32\wcncsvc.dll
12:06:01.0868 4276  wcncsvc - ok
12:06:01.0884 4276  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:06:01.0915 4276  WcsPlugInService - ok
12:06:01.0947 4276  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
12:06:01.0962 4276  Wd - ok
12:06:01.0978 4276  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:06:02.0009 4276  Wdf01000 - ok
12:06:02.0025 4276  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:06:02.0056 4276  WdiServiceHost - ok
12:06:02.0072 4276  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost  C:\Windows\system32\wdi.dll
12:06:02.0103 4276  WdiSystemHost - ok
12:06:02.0150 4276  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient      C:\Windows\System32\webclnt.dll
12:06:02.0181 4276  WebClient - ok
12:06:02.0228 4276  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:06:02.0275 4276  Wecsvc - ok
12:06:02.0306 4276  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
12:06:02.0337 4276  wercplsupport - ok
12:06:02.0368 4276  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:06:02.0400 4276  WerSvc - ok
12:06:02.0478 4276  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend      C:\Program Files\Windows Defender\mpsvc.dll
12:06:02.0493 4276  WinDefend - ok
12:06:02.0509 4276  WinHttpAutoProxySvc - ok
12:06:02.0603 4276  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
12:06:02.0634 4276  Winmgmt - ok
12:06:02.0759 4276  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM          C:\Windows\system32\WsmSvc.dll
12:06:02.0868 4276  WinRM - ok
12:06:02.0978 4276  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc        C:\Windows\System32\wlansvc.dll
12:06:03.0056 4276  Wlansvc - ok
12:06:03.0087 4276  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
12:06:03.0134 4276  WmiAcpi - ok
12:06:03.0181 4276  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:06:03.0212 4276  wmiApSrv - ok
12:06:03.0572 4276  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
12:06:03.0712 4276  WMPNetworkSvc - ok
12:06:03.0775 4276  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:06:03.0853 4276  WPCSvc - ok
12:06:03.0900 4276  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:06:03.0947 4276  WPDBusEnum - ok
12:06:03.0993 4276  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
12:06:04.0009 4276  WpdUsb - ok
12:06:04.0134 4276  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:06:04.0165 4276  WPFFontCache_v0400 - ok
12:06:04.0197 4276  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
12:06:04.0243 4276  ws2ifsl - ok
12:06:04.0275 4276  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
12:06:04.0306 4276  wscsvc - ok
12:06:04.0337 4276  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:06:04.0368 4276  WSDPrintDevice - ok
12:06:04.0368 4276  WSearch - ok
12:06:04.0447 4276  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
12:06:04.0509 4276  wuauserv - ok
12:06:04.0556 4276  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:06:04.0587 4276  WUDFRd - ok
12:06:04.0603 4276  [ 575A4190D989F64732119E4114045A4F ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
12:06:04.0634 4276  wudfsvc - ok
12:06:04.0650 4276  ================ Scan global ===============================
12:06:04.0681 4276  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:06:04.0712 4276  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:06:04.0728 4276  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:06:04.0775 4276  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:06:04.0775 4276  [Global] - ok
12:06:04.0775 4276  ================ Scan MBR ==================================
12:06:04.0790 4276  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:06:05.0056 4276  \Device\Harddisk0\DR0 - ok
12:06:05.0056 4276  [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk1\DR1
12:06:05.0540 4276  \Device\Harddisk1\DR1 - ok
12:06:05.0540 4276  ================ Scan VBR ==================================
12:06:05.0556 4276  [ 2E8B2EDCB2FFC4A29D9A8EDE36D1D45E ] \Device\Harddisk0\DR0\Partition1
12:06:05.0556 4276  \Device\Harddisk0\DR0\Partition1 - ok
12:06:05.0572 4276  [ 6A7E02BD787FD688D5FAB97EF0260448 ] \Device\Harddisk0\DR0\Partition2
12:06:05.0572 4276  \Device\Harddisk0\DR0\Partition2 - ok
12:06:05.0572 4276  [ C3BAF05D0262E40C9E5704A7C3AB560E ] \Device\Harddisk1\DR1\Partition1
12:06:05.0587 4276  \Device\Harddisk1\DR1\Partition1 - ok
12:06:05.0587 4276  ============================================================
12:06:05.0587 4276  Scan finished
12:06:05.0587 4276  ============================================================
12:06:05.0603 4828  Detected object count: 2
12:06:05.0603 4828  Actual detected object count: 2
12:08:28.0614 4828  BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:28.0614 4828  BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:28.0614 4828  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:28.0614 4828  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:44:13.0943 7604  Deinitialize success


cosinus 22.10.2012 20:25

Looks unremarkable.

Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM. Please skip OSAM's online check.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm on OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions may take a while, depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save the log to your desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons unless instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

smiley1 23.10.2012 17:02

Here is the GMER result for now. I'm not sure, though, whether the scan was actually complete or whether the tool got stuck on the second attempt as well :rolleyes:.

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-10-23 17:57:27
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 SAMSUNG_HD161HJ rev.JF100-19
Running: jq0hvud3.exe; Driver: C:\Users\Benutzer\AppData\Local\Temp\kwldikog.sys


---- Kernel code sections - GMER 1.0.15 ----

.reloc          C:\Windows\system32\drivers\acehlp10.sys  section is executable [0x88176B80, 0x37FC7, 0xE0000060]
.reloc          C:\Windows\system32\drivers\acedrv10.sys  section is executable [0x80F04000, 0x459C1, 0xE0000060]

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\fastfat \Fat                  fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


And here is the OSAM result:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:22:10 on 23.10.2012

OS: Windows Vista Home Basic Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 16.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DDBACCPL.CPL" - "DataDesign AG" - C:\Windows\system32\DDBACCPL.CPL
"DDBACCTM.CPL" - "DataDesign AG" - C:\Windows\system32\DDBACCTM.CPL
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"acedrv10" (acedrv10) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv10.sys
"acehlp10" (acehlp10) - "Protect Software GmbH" - C:\Windows\system32\drivers\acehlp10.sys
"G Data WFP CD" (gdwfpcd) - "G Data Software AG" - C:\Windows\System32\drivers\gdwfpcd32.sys
"GDBehave" (GDBehave) - "G Data Software AG" - C:\Windows\System32\drivers\GDBehave.sys
"GDMnIcpt" (GDMnIcpt) - "G Data Software AG" - C:\Windows\system32\drivers\MiniIcpt.sys
"GDPkIcpt" (GDPkIcpt) - "G Data Software AG" - C:\Windows\system32\drivers\PktIcpt.sys
"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\Windows\System32\Drivers\GEARAspiWDM.sys
"HookCentre" (HookCentre) - "G Data Software AG" - C:\Windows\system32\drivers\HookCentre.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"kwldikog" (kwldikog) - ? - C:\Users\Benutzer\AppData\Local\Temp\kwldikog.sys  (Hidden registry entry, rootkit activity | File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -  (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} "G Data BankGuard" - "G Data Software AG" - C:\Program Files\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll
{551A852F-39A6-44A7-9C13-AFBEC9185A9D} "PlusIEEventHelper Class" - "Zeon Corporation" - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{0124123D-61B4-456f-AF86-78C53A0790C5} "{0124123D-61B4-456f-AF86-78C53A0790C5}" - ? -  (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BackupServiceHomeRun" - "Alexander Seeliger Software" - C:\Program Files\Backup Service Home\Backup Service Home.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ISUSPM" - "Acresso Corporation" - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
"LightScribe Control Panel" - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"Scan Buttons" - "NewSoft Technology Corporation" - C:\Program Files\Lexmark Applications\PageManager\Pmsb.exe
"Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BrStsMon00" - "Brother Industries, Ltd." - C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
"ControlCenter4" - "Brother Industries, Ltd." - C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
"G Data AntiVirus Tray Application" - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
"GDFirewallTray" - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
"HP Software Update" - "Hewlett-Packard Co." - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"IndexSearch" - "Nuance Communications, Inc." - "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
"LexwareInfoService" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
"NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"PaperPort PTD" - "Nuance Communications, Inc." - "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
"PDF5 Registry Controller" - "Nuance Communications, Inc." - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
"PDFHook" - "Nuance Communications, Inc." - C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
"PPort12reminder" - "Nuance Communications, Inc." - "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"WrtMon.exe" - ? - C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"LIDIL hpzll5ha" - "Hewlett-Packard Company" - C:\Windows\system32\hpzll5ha.dll
"Nitro PDF Port Monitor" - "Nitro PDF Software" - C:\Windows\system32\nitrolocalmon2.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"BrYNSvc" (BrYNSvc) - "Brother Industries, Ltd." - C:\Program Files\Browny02\BrYNSvc.exe
"G Data AntiVirus Proxy" (AVKProxy) - "G Data Software AG" - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
"G Data Dateisystem Wächter" (AVKWCtl) - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
"G Data Personal Firewall" (GDFwSvc) - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
"G Data Scanner" (GDScan) - "G Data Software AG" - C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe
"G Data Scheduler" (AVKService) - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"lmab_device" (lmab_device) - ? - C:\Windows\system32\LMabcoms.exe -service  (File not found)
"MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
"NitroPDFReaderDriverCreatorReadSpool2" (NitroReaderDriverReadSpool2) - "Nitro PDF Software" - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PDFProFiltSrvPP" (PDFProFiltSrvPP) - "Nuance Communications, Inc." - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

I had a few problems with aswMBR.exe. I didn't get an error message, but the tool apparently hung at the same spot every time. I then chose the "AV Scan (none)" option. Here is the result:

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-23 20:56:31
-----------------------------
20:56:31.072    OS Version: Windows 6.0.6002 Service Pack 2
20:56:31.072    Number of processors: 2 586 0xF0D
20:56:31.150    ComputerName: BENUTZER-PC  UserName: Benutzer
20:56:31.697    Initialize success
20:56:47.369    AVAST engine defs: 12102300
20:57:07.916    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
20:57:07.916    Disk 0 Vendor: SAMSUNG_HD161HJ JF100-19 Size: 152627MB BusType: 3
20:57:08.369    Disk 0 MBR read successfully
20:57:08.369    Disk 0 MBR scan
20:57:08.432    Disk 0 Windows VISTA default MBR code
20:57:08.541    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        80000 MB offset 2048
20:57:08.650    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS        72625 MB offset 163842048
20:57:08.963    Disk 0 scanning sectors +312578048
20:57:09.557    Disk 0 scanning C:\Windows\system32\drivers
20:58:43.322    Service scanning
20:59:21.791    Modules scanning
21:01:14.010    Disk 0 trace - called modules:
21:01:14.025    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll intelide.sys PCIIDEX.SYS atapi.sys
21:01:14.525    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x848262c8]
21:01:14.525    3 CLASSPNP.SYS[8804a8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x845f2030]
21:01:14.525    Scan finished successfully
21:23:22.838    Disk 0 MBR has been saved successfully to "C:\Users\Benutzer\Desktop\MBR.dat"
21:23:22.854    The log file has been saved successfully to "C:\Users\Benutzer\Desktop\aswMBR.txt"
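
A sketch of how the autorun log above can be triaged mechanically, as an added example that is not part of the original posts or of any tool used in this thread. It parses entries of the form `"name" (service) - "vendor" - path  (flags)`; the severity rules, the directory list and all function names are assumptions made for this illustration, and the sample lines are copied from the log above.

```python
import re

# Sample lines copied from the autorun log posted above.
SAMPLE = r'''
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"GDBehave" (GDBehave) - "G Data Software AG" - C:\Windows\System32\drivers\GDBehave.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"kwldikog" (kwldikog) - ? - C:\Users\Benutzer\AppData\Local\Temp\kwldikog.sys  (Hidden registry entry, rootkit activity | File not found)
[Explorer]
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
[Logon]
"Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
"WrtMon.exe" - ? - C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
'''

SECTION = re.compile(r'^\[([^\]]+)\]$')
ENTRY = re.compile(r'^(?P<id>[^"]*?)\s*"(?P<name>[^"]*)"(?:\s+\((?P<svc>[^)]*)\))?'
                   r'\s+-\s+(?P<vendor>"[^"]*"|\?)\s+-\s*(?P<rest>.*)$')
# Status flags trail the path in parentheses, separated by " | ".
FLAGS = re.compile(r'(?:^|\s{2,})\(([^()]*)\)\s*$')

# Assumed rule set: locations a standard user can write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\")
KERNEL_SECTIONS = {"Drivers", "Services"}
RANK = {"HIGH": 0, "REVIEW": 1, "LOW": 2}


def triage(log_text):
    """Return (severity, section, name, path, reasons) for entries worth a look."""
    findings, section = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        sec = SECTION.match(line)
        if sec:
            section = sec.group(1)
            continue
        m = ENTRY.match(line)
        if not m:
            continue  # location headers, option lines, blanks
        rest = m.group("rest")
        f = FLAGS.search(rest)
        flags = [x.strip().lower() for x in f.group(1).split("|")] if f else []
        path = (rest[:f.start()] if f else rest).strip()
        missing = any(x.startswith("file not found") for x in flags)
        reasons = []
        if any("rootkit" in x for x in flags):
            reasons.append("hidden registry entry")
        if section in KERNEL_SECTIONS and any(d in path.lower() for d in USER_WRITABLE):
            reasons.append("driver/service image in user-writable directory")
        if reasons:
            severity = "HIGH"
        elif m.group("vendor") == "?" and not missing:
            severity, reasons = "REVIEW", ["existing file without vendor information"]
        elif missing:
            severity, reasons = "LOW", ["orphaned entry, target file missing"]
        else:
            continue  # vendor present, no status flags
        findings.append((severity, section, m.group("name"), path, reasons))
    return sorted(findings, key=lambda r: RANK[r[0]])


if __name__ == "__main__":
    for severity, section, name, path, reasons in triage(SAMPLE):
        print(f"{severity:6} [{section}] {name}: {'; '.join(reasons)} {path}")
```

A HIGH result is a prompt to identify which program created the entry, not a verdict on its own.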


cosinus 23.10.2012 20:54

Looks OK. We should be almost done. As a check, please run scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

smiley1 24.10.2012 20:11

Quote:

Quote from cosinus (post 944132)
Looks OK. We should be almost done. As a check, please run scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

:daumenhoc

Here is the Malwarebytes quick scan for now:

Code:

Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.24.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19328
Benutzer :: BENUTZER-PC [Administrator]

Schutz: Aktiviert

24.10.2012 20:58:39
mbam-log-2012-10-24 (20-58-39).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 194453
Laufzeit: 5 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

I have the uneasy feeling that the SuperAntiSpyware log is not the right one :confused:.

I interrupted the first scan because I hadn't changed the scan options. Then I restarted the scan with the appropriate scan options, and the system did find 2 errors (adware), but the log says nothing about them?

Code:

SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com

Generiert 10/24/2012 bei 09:22 PM

Version der Applikation : 5.6.1012

Version der Kern-Datenbank : 9466
Version der Spur-Datenbank : 7278

Scan Art      : kompletter Scann
Totale Scann-Zeit : 00:01:23

Operating System Information
Windows Vista Home Basic 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Administrator

Gescannte Speicherelemente  : 105
Erfasste Speicher-Bedrohungen  : 0
Gescannte Register-Elemente  : 29978
Erfasste Register-Bedrohungen  : 0
Gescannte Datei-Elemente    : 3680
Erfasste Datei-Elemente  : 0


smiley1 28.10.2012 11:05

Hello Cosinus - could you take another look at the latest logs when you get a chance! :daumenhoc

cosinus 28.10.2012 12:26

No findings! :daumenhoc

Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.

Otherwise there are also good cookie managers; for Firefox, for example, there is the CookieCuller extension.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser to delete everything, including cookies, when it is closed.

Is your system back in order now, or are there still other findings or problems?

smiley1 28.10.2012 16:48

My system seems to be in order, no findings at all and no further problems either. :applaus:

Thank you very much for your support, help and tips - without you I really would have been "lost"! :daumenhoc

Now I just need some brief info about uninstalling the programs:

SuperAntispyware - Sasuninst.exe then reports something about rebooting the computer, is that OK?

And the other programs, if I should uninstall them at all, or does it make sense to leave them on the machine!? Can I uninstall them the normal way via the Windows Control Panel?

This concerns:

GMER, OSAM, TDSS-Killer, OTL, Malwarebytes, ESET, adwCleaner

Thanks again and enjoy the rest of your Sunday - soon you'll have some peace from me "for now". :pfeiff:

cosinus 28.10.2012 17:25

Then we're done! :abklatsch:

The programs that were used here can all be removed again. With the help of OTL you can also remove many of the tools:

Please start OTL and click on "Bereinigung" (CleanUp).
This will remove most of the tools that we needed for the cleanup. If anything is left over, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a scan with it once a month, but always remember to update first.

After an infection has been removed, it is in any case advisable to change all passwords if possible.

Finally, a very important point: securing the computer and updating the programs, see http://www.trojaner-board.de/96344-a...tml#post627442


All times are in WET +1. The time is now 09:53.
