| |
| |||||||
Log-Analyse und Auswertung: Log File avira rescueWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.12.2012, 13:41
| #1 |
 |  Log File avira rescue Hallo. Ich wurde über meinen Email Dienst darauf aufmerksam gemacht, dass bei mir ein Virus an Werk sei. Einige Antiviren Programme haben dann auch was gefunden. Weiß nun nicht, wie ich den loswerde. Habe nun den Rechner über Avira Rescue CD Booten lassen und einen Virenscan gemacht. Ergebnis siehe unten. Weiß nun nicht, was ich jetzt machen soll. Bitte um Hilfe. Viele Grüße Logfiles Code:
ATTFilter Avira / Linux Version 1.9.152.0
Copyright (c) 2010 by Avira GmbH
All rights reserved
Engine Set 8.2.10.224
VDF Version 7.11.54.190
Scan Start time Mon Dec 24 12:38:46 2012
Configuration file: /etc/avira/scancl.conf
WARNING: [File is encrypted] /media/Devices/sda1/Program Files/avira_free_antivirus_de.exe -->avsdklist.zip
WARNING: [File is encrypted] /media/Devices/sda1/Program Files/avira_free_antivirus_de.exe -->manualuninstallconfig.zip
WARNING: [File is encrypted] /media/Devices/sda1/Program Files/avira_free_antivirus_de.exe -->productreleasenotes.zip
WARNING: [File is encrypted] /media/Devices/sda1/Program Files/avira_free_antivirus_de.exe -->qatestedproducts.zip
WARNING: [File is encrypted] /media/Devices/sda1/Program Files/Maris Technologies/Redshift 7 Launcher/AIMEngineData/UIGer.aim
ALERT: [TR/Rogue.kdv.796710]/media/Devices/sda1/Users/Administrator/AppData/Local/Temp/tmpee8a5452/pr.exe <<< Is the Trojan horse TR/Rogue.kdv.796710 [renamed]
ALERT: [APPL/lefix] /media/Devices/sda1/Users/Administrator/Desktop/SmitfraudFix/IEDFix.C.exe <<< Contains Signature of the application APPL/lefix [renamed]
WARNING: [File is encrypted] /media/Devices/sda1/Users/Administrator/Documents/Postbank/2012/TVM209763pk.zip
ERROR: [Engine internal error] /Media/Devices/sda1/Users/Administrator/X Installation Ralf/Unreal 3/Unreal Tournament 3.iso
ALERT: [APPL/lefix] /media/Devices/sda1/Windows/System32/IEDFix.C.exe <<< Contains Signature of the application APPL/lefix [renamed]
Statistics
Directories 29584
Archives 1373
Files 783039
Infected 3
Renamed 3
Warnings 7
Suspicious 0
Infections 3
Geändert von cosinus (26.12.2012 um 21:21 Uhr) Grund: CODE-Tags |
|
24.12.2012, 17:09
| #2 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™   | Log File avira rescue Hallo und
__________________ Code:
ATTFilter Users/Administrator/Documents/Postbank/2012/TVM209763pk.zip
Users/Administrator/X Installation Ralf/Unreal 3/Unreal Tournament 3.iso
Program Files/Maris Technologies/Redshift 7 Launcher/AIMEngineData/UIGer.a
Zitat:
 Du hast ja nur das von Avira-Rescue gepostet  Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner siehe http://www.trojaner-board.de/125889-...tml#post941520 Bitte alles nach Möglichkeit hier in CODE-Tags posten.
__________________ |
|
24.12.2012, 17:36
| #3 |
| | Log File avira rescue Hi,
__________________also zu den ersten Fragen: Users/Administrator/Documents/Postbank/2012/TVM209763pk.zip ---> ist ein Dokument aus der Arbeit; gezippte Excel Dateien Users/Administrator/X Installation Ralf/Unreal 3/Unreal Tournament 3.iso ---> das hatte mir ein Kumpelt, der den REchner hier installiert hat raufgepackt (Unreal Torunament, Ballerspiel, funktioniert aber nicht, habe es auch jahrelang niemals aufgerufen) Program Files/Maris Technologies/Redshift 7 Launcher/AIMEngineData/UIGer.a ---> Download von CD Rom, so ne Art Astronimoieprogramm Nun zu den Logfiles: Ich habe hier zwei Scans mit Avira Antivirus gemacht (am 09.12.2012). Neuere Scans haben mir gesagt "Kein Fund". Die gefundenen "Viren" habe ich in Quarantäne stecken lassen, glaube aber, die sind eben immer noch da ... Dann habe ich noch "Threat Fir ausprobiert". Da lasse ich gerade noch nen aktuellen Lauf starten, da ich den Report nicht mehr habe ... Hier die Avira Logfiles: Code:
ATTFilter Avira Free Antivirus
Erstellungsdatum der Reportdatei: Sunday, December 09, 2012 07:43
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows Vista (TM) Ultimate
Windowsversion : (Service Pack 1) [6.0.6001]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : EXPERIENCE
Versionsinformationen:
BUILD.DAT : 13.0.0.2832 48424 Bytes 11/20/2012 13:46:00
AVSCAN.EXE : 13.4.0.294 639264 Bytes 11/26/2012 20:28:59
AVSCANRC.DLL : 13.4.0.219 64800 Bytes 10/9/2012 12:49:58
LUKE.DLL : 13.4.0.267 67360 Bytes 11/26/2012 20:29:17
AVSCPLR.DLL : 13.4.0.271 93984 Bytes 11/26/2012 20:29:19
AVREG.DLL : 13.4.0.267 245536 Bytes 11/26/2012 20:29:19
avlode.dll : 13.4.0.294 426784 Bytes 11/26/2012 20:29:20
avlode.rdf : 13.0.0.24 7196 Bytes 9/27/2012 09:30:38
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 13:50:29
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 13:50:31
VBASE002.VDF : 7.11.19.170 14374912 Bytes 12/20/2011 13:50:34
VBASE003.VDF : 7.11.21.238 4472832 Bytes 2/1/2012 13:50:36
VBASE004.VDF : 7.11.26.44 4329472 Bytes 3/28/2012 13:50:37
VBASE005.VDF : 7.11.34.116 4034048 Bytes 6/29/2012 13:42:40
VBASE006.VDF : 7.11.41.250 4902400 Bytes 9/6/2012 13:42:40
VBASE007.VDF : 7.11.50.230 3904512 Bytes 11/22/2012 12:18:42
VBASE008.VDF : 7.11.50.231 2048 Bytes 11/22/2012 12:18:42
VBASE009.VDF : 7.11.50.232 2048 Bytes 11/22/2012 12:18:42
VBASE010.VDF : 7.11.50.233 2048 Bytes 11/22/2012 12:18:42
VBASE011.VDF : 7.11.50.234 2048 Bytes 11/22/2012 12:18:42
VBASE012.VDF : 7.11.50.235 2048 Bytes 11/22/2012 12:18:42
VBASE013.VDF : 7.11.50.236 2048 Bytes 11/22/2012 12:18:42
VBASE014.VDF : 7.11.51.27 133632 Bytes 11/23/2012 12:18:43
VBASE015.VDF : 7.11.51.95 140288 Bytes 11/26/2012 20:28:47
VBASE016.VDF : 7.11.51.96 2048 Bytes 11/26/2012 20:28:48
VBASE017.VDF : 7.11.51.97 2048 Bytes 11/26/2012 20:28:48
VBASE018.VDF : 7.11.51.98 2048 Bytes 11/26/2012 20:28:48
VBASE019.VDF : 7.11.51.99 2048 Bytes 11/26/2012 20:28:48
VBASE020.VDF : 7.11.51.100 2048 Bytes 11/26/2012 20:28:48
VBASE021.VDF : 7.11.51.101 2048 Bytes 11/26/2012 20:28:48
VBASE022.VDF : 7.11.51.102 2048 Bytes 11/26/2012 20:28:48
VBASE023.VDF : 7.11.51.103 2048 Bytes 11/26/2012 20:28:48
VBASE024.VDF : 7.11.51.104 2048 Bytes 11/26/2012 20:28:48
VBASE025.VDF : 7.11.51.105 2048 Bytes 11/26/2012 20:28:48
VBASE026.VDF : 7.11.51.106 2048 Bytes 11/26/2012 20:28:48
VBASE027.VDF : 7.11.51.107 2048 Bytes 11/26/2012 20:28:48
VBASE028.VDF : 7.11.51.108 2048 Bytes 11/26/2012 20:28:49
VBASE029.VDF : 7.11.51.109 2048 Bytes 11/26/2012 20:28:49
VBASE030.VDF : 7.11.51.110 2048 Bytes 11/26/2012 20:28:49
VBASE031.VDF : 7.11.51.122 31232 Bytes 11/26/2012 20:28:49
Engineversion : 8.2.10.204
AEVDF.DLL : 8.1.2.10 102772 Bytes 9/19/2012 13:42:55
AESCRIPT.DLL : 8.1.4.68 467324 Bytes 11/25/2012 12:18:52
AESCN.DLL : 8.1.9.4 131445 Bytes 11/25/2012 12:18:52
AESBX.DLL : 8.2.5.12 606578 Bytes 8/28/2012 15:58:06
AERDL.DLL : 8.2.0.74 643445 Bytes 11/7/2012 10:09:14
AEPACK.DLL : 8.3.0.40 815479 Bytes 11/25/2012 12:18:51
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 11/5/2012 14:00:38
AEHEUR.DLL : 8.1.4.142 5566841 Bytes 11/25/2012 12:18:50
AEHELP.DLL : 8.1.25.2 258423 Bytes 10/12/2012 14:52:32
AEGEN.DLL : 8.1.6.10 438646 Bytes 11/25/2012 12:18:45
AEEXP.DLL : 8.2.0.12 119158 Bytes 11/25/2012 12:18:52
AEEMU.DLL : 8.1.3.2 393587 Bytes 9/19/2012 13:42:55
AECORE.DLL : 8.1.29.2 201079 Bytes 11/7/2012 10:09:14
AEBB.DLL : 8.1.1.4 53619 Bytes 11/5/2012 14:00:38
AVWINLL.DLL : 13.4.0.163 25888 Bytes 9/19/2012 17:09:30
AVPREF.DLL : 13.4.0.163 50464 Bytes 9/19/2012 17:07:51
AVREP.DLL : 13.4.0.244 177952 Bytes 10/30/2012 13:06:41
AVARKT.DLL : 13.4.0.292 260384 Bytes 11/26/2012 20:28:52
AVEVTLOG.DLL : 13.4.0.267 167200 Bytes 11/26/2012 20:28:57
SQLITE3.DLL : 3.7.0.1 397088 Bytes 9/19/2012 17:17:40
AVSMTP.DLL : 13.4.0.163 62240 Bytes 9/19/2012 17:08:54
NETNT.DLL : 13.4.0.163 15648 Bytes 9/19/2012 17:16:26
RCIMAGE.DLL : 13.4.0.163 4780832 Bytes 9/19/2012 17:21:16
RCTEXT.DLL : 13.4.0.163 68384 Bytes 9/19/2012 17:21:16
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Schnelle Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\quicksysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Sunday, December 09, 2012 07:43
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'DrvInst.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'xaudio.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'TFService.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'RealOneMessageCenter.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqtra08.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'Updater.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'TFTray.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'realsched.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'EKIJ5000MUI.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuSchd2.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '155' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '148' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
C:\Users\Administrator\AppData\Roaming\Daicf\siymi.exe
[FUND] Ist das Trojanische Pferd TR/Drop.Injector.ghby
Die Registry wurde durchsucht ( '1617' Dateien ).
Beginne mit der Desinfektion:
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-381748351-2508146595-1559701769-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\{ADD432D0-1DF2-96DB-EA1F-5118EDF16BBA}> konnte nicht entfernt werden.
C:\Users\Administrator\AppData\Roaming\Daicf\siymi.exe
[FUND] Ist das Trojanische Pferd TR/Drop.Injector.ghby
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '59d29876.qua' verschoben!
[WARNUNG] Der Registrierungseintrag <HKEY_USERS\S-1-5-21-381748351-2508146595-1559701769-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\{ADD432D0-1DF2-96DB-EA1F-5118EDF16BBA}> konnte nicht repariert werden.
[HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
Ende des Suchlaufs: Sunday, December 09, 2012 08:17
Benötigte Zeit: 01:11 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
0 Verzeichnisse wurden überprüft
2165 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
2164 Dateien ohne Befall
18 Archive wurden durchsucht
1 Warnungen
1 Hinweise
Die Reparaturanweisungen wurden in die Datei 'C:\avrescue\rescue.avp' geschrieben.
Geändert von cosinus (26.12.2012 um 21:21 Uhr) Grund: CODE-Tags |
|
24.12.2012, 17:40
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Log File avira rescue Ich hab dir extra den dicken Kasten mit den CODE-Tags gepostet, halte dich bitte daran die Logs auch in CODE-Tags zu posten Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Mach bitte einen CustomScan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.12.2012, 20:25
| #5 |
| | Log File avira rescue Hi, hoffe, ich habe jetzt mit den Code Tags alles korrekt gemacht .. Anbei dxas Protokoll. Merry xmas Code:
ATTFilter OTL logfile created on: 24.12.2012 20:03:36 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 44,97% Memory free 1,93 Gb Paging File | 0,91 Gb Available in Paging File | 47,04% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,05 Gb Total Space | 4,83 Gb Free Space | 3,24% Space Free | Partition Type: NTFS Computer Name: EXPERIENCE | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.12.24 19:54:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe PRC - [2012.11.26 21:29:17 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2012.11.26 21:29:00 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2012.11.26 21:28:58 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2012.11.26 21:28:57 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.10.29 17:34:28 | 000,300,480 | ---- | M] (Abine Inc.) -- C:\Program Files\Ask.com\AbineSDK\IE\DNTPService.exe PRC - [2012.10.29 17:33:28 | 001,573,584 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe PRC - [2012.09.19 18:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2010.01.15 00:08:16 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe PRC - [2010.01.15 00:08:13 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe PRC - [2008.12.06 22:14:43 | 000,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.07.25 13:34:50 | 000,018,944 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\printer\center\KodakSvc.exe PRC - [2008.07.18 13:08:34 | 001,306,624 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe ========== Modules (No Company Name) ========== MOD - [2012.10.29 17:34:28 | 000,245,696 | ---- | M] () -- C:\Program Files\Ask.com\AbineSDK\IE\DNTPButton.dll MOD - [2012.10.29 17:34:28 | 000,051,136 | ---- | M] () -- C:\Program Files\Ask.com\AbineSDK\IE\DNTPServicePS.dll MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ========== Services (SafeList) ========== SRV - [2012.11.26 21:29:17 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.11.26 21:29:00 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012.11.26 21:28:58 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.03.16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.01.15 00:08:13 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire) SRV - [2008.07.25 13:34:50 | 000,018,944 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\printer\center\KodakSvc.exe -- (KodakSvc) ========== Driver Services (SafeList) ========== DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install) DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012.11.07 16:03:24 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.11.07 16:03:24 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.11.07 16:03:24 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.01.15 00:08:30 | 000,059,664 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfSysMon.sys -- (TfSysMon) DRV - [2010.01.15 00:08:29 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon) DRV - [2010.01.15 00:08:28 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfFsMon.sys -- (TfFsMon) DRV - [2008.08.17 15:01:18 | 000,038,472 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2008.08.10 16:08:51 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2008.08.10 16:08:48 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86) DRV - [2008.08.10 16:08:48 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86) DRV - [2008.07.26 01:48:00 | 007,281,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.03.17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.01.21 03:21:28 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007.10.19 00:29:40 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) DRV - [2007.08.02 09:32:26 | 000,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dadder.sys -- (DAdderFltr) DRV - [2007.06.19 06:51:16 | 000,081,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816bus.sys -- (s816bus) DRV - [2007.04.23 13:29:00 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony) DRV - [2006.10.18 11:56:30 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2000.11.10 02:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-381748351-2508146595-1559701769-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=en_DE IE - HKU\S-1-5-21-381748351-2508146595-1559701769-500\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-381748351-2508146595-1559701769-500\..\SearchScopes,DefaultScope = {8E04218F-4A7C-42DB-A5FE-B8FAEC0FB39F} IE - HKU\S-1-5-21-381748351-2508146595-1559701769-500\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=en_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=e861a0fc-73dd-4b63-9e1b-4575852722d0&apn_sauid=C83C8F98-5ADA-4D2B-A242-7F6EDBBBDC19 IE - HKU\S-1-5-21-381748351-2508146595-1559701769-500\..\SearchScopes\{8E04218F-4A7C-42DB-A5FE-B8FAEC0FB39F}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de IE - HKU\S-1-5-21-381748351-2508146595-1559701769-500\..\SearchScopes\{98DC8C11-384F-424E-AF6A-5C0A2162F206}: "URL" = hxxp://internetsearchservice.com/search?q={searchTerms} IE - HKU\S-1-5-21-381748351-2508146595-1559701769-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.12.06 22:14:55 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=en_DE CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.1.2_0\ CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.1.3_0\ CHR - Extension: YouTube = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2008.08.29 19:02:43 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Germany GmbH) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Germany GmbH) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-381748351-2508146595-1559701769-500\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Germany GmbH) O3 - HKU\S-1-5-21-381748351-2508146595-1559701769-500\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company) O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-381748351-2508146595-1559701769-500..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found O4 - HKU\S-1-5-21-381748351-2508146595-1559701769-500..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-381748351-2508146595-1559701769-500..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.) O4 - HKLM..\RunOnceEx: [] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Start_ShowMyMusic = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1 O7 - HKU\S-1-5-21-381748351-2508146595-1559701769-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-381748351-2508146595-1559701769-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-21-381748351-2508146595-1559701769-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O15 - HKU\S-1-5-21-381748351-2508146595-1559701769-500\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} https://stream.web.de/mail/activex/mail_upload_11213.cab (Attachment Upload Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1240656888847&h=52dcc055e03b8239e63510ea4a9deff7/&filename=jinstall-6u13-windows-i586-jc.cab (Java Plug-in 1.6.0_13) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://portal.postbank.de/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8519C71-CCC1-4D76-8225-EAA3B388A73D}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{18f89f8c-bdfc-11dd-b0a6-0013a9e35a6f}\Shell - "" = AutoRun O33 - MountPoints2\{18f89f8c-bdfc-11dd-b0a6-0013a9e35a6f}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{18f89f8f-bdfc-11dd-b0a6-0013a9e35a6f}\Shell\AutoRun\command - "" = E:\menu.exe O33 - MountPoints2\{56f33e8e-9831-11dd-946a-001b7749a3c8}\Shell - "" = AutoRun O33 - MountPoints2\{56f33e8e-9831-11dd-946a-001b7749a3c8}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{56f33e95-9831-11dd-946a-001b7749a3c8}\Shell - "" = AutoRun O33 - MountPoints2\{56f33e95-9831-11dd-946a-001b7749a3c8}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{b1240318-9a82-11dd-afa2-0013a9e35a6f}\Shell - "" = AutoRun O33 - MountPoints2\{b1240318-9a82-11dd-afa2-0013a9e35a6f}\Shell\AutoRun\command - "" = E:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: SessionEnv - File not found ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) CREATERESTOREPOINT System Restore Service not available. ========== Files/Folders - Created Within 30 Days ========== [2012.12.24 19:54:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe [2012.11.26 21:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Skype [2012.11.25 17:27:55 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\DoNotTrackPlus [2012.11.25 13:23:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Avira [2012.11.25 13:16:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.11.25 13:15:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\AskToolbar [2012.11.25 13:15:19 | 000,000,000 | ---D | C] -- C:\Firefox [2012.11.25 13:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2012.11.25 13:14:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\APN [2012.11.25 13:14:37 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.11.25 13:14:31 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.11.25 13:14:31 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.11.25 13:14:30 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.11.25 13:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.11.25 13:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2012.11.25 13:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThreatFire [2012.11.25 13:04:11 | 000,000,000 | ---D | C] -- C:\Program Files\ThreatFire [2012.11.25 13:04:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2012.11.25 13:02:20 | 008,801,664 | ---- | C] (PC Tools ) -- C:\Program Files\tfinstall47.exe ========== Files - Modified Within 30 Days ========== [2012.12.24 19:58:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.12.24 19:54:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe [2012.12.24 19:16:47 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.24 19:16:47 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.24 18:31:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.12.24 17:40:44 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.12.24 17:16:59 | 000,032,631 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.12.24 17:16:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.24 11:14:24 | 000,598,588 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.12.24 11:14:24 | 000,407,220 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.12.24 11:14:24 | 000,102,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.12.24 11:14:24 | 000,060,686 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.12.24 10:25:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2012.11.25 13:16:33 | 000,001,749 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.11.25 13:12:21 | 105,142,912 | ---- | M] () -- C:\Program Files\avira_free_antivirus_de.exe [2012.11.25 13:04:15 | 000,000,683 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ThreatFire.lnk [2012.11.25 13:04:15 | 000,000,659 | ---- | M] () -- C:\Users\Public\Desktop\ThreatFire.lnk [2012.11.25 13:02:20 | 008,801,664 | ---- | M] (PC Tools ) -- C:\Program Files\tfinstall47.exe ========== Files Created - No Company Name ========== [2012.11.25 13:16:33 | 000,001,749 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.11.25 13:12:19 | 105,142,912 | ---- | C] () -- C:\Program Files\avira_free_antivirus_de.exe [2012.11.25 13:04:15 | 000,000,683 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ThreatFire.lnk [2012.11.25 13:04:15 | 000,000,659 | ---- | C] () -- C:\Users\Public\Desktop\ThreatFire.lnk [2010.05.14 14:53:18 | 004,287,062 | ---- | C] () -- C:\Users\Administrator\Grein.pdf [2010.03.14 09:39:44 | 000,123,984 | ---- | C] () -- C:\Users\Administrator\Steuererklärung 2009.elfo [2008.08.29 19:02:45 | 000,000,691 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\GetValue.vbs [2008.08.29 19:02:45 | 000,000,035 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\SetValue.bat [2008.08.02 19:19:44 | 000,011,776 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.08.02 17:44:53 | 000,032,631 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008.08.02 17:41:01 | 000,032,631 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008.08.02 15:44:02 | 000,000,680 | ---- | C] () -- C:\Users\Administrator\AppData\Local\d3d9caps.dat ========== ZeroAccess Check ========== [2006.11.02 13:53:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 03:22:10 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.11.26 21:33:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Afaq [2012.12.09 08:17:04 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Daicf [2010.03.13 20:43:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\elsterformular [2008.08.02 15:07:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GHISLER [2011.07.06 06:58:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Juniper Networks [2008.08.02 19:43:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Watchtower [2009.01.18 16:02:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WEBDE ========== Purity Check ========== ========== Custom Scans ========== < minimal > [2006.11.02 14:00:25 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006.11.02 14:00:25 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009.05.23 19:13:44 | 000,000,868 | ---- | C] () -- C:\Windows\Tasks\Google Software Updater.job [2009.06.30 18:07:22 | 000,000,882 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2009.06.30 18:07:22 | 000,000,886 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job < safeboosafeboottnetwork > < RIVE%\*. > Invalid Environment Variable: SYSTEMD < %APPDATA%\*.exe /s > [2009.10.27 11:32:24 | 000,296,232 | ---- | M] (Juniper Networks) -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Cache Cleaner 6.4.0\dsCacheCleaner.exe [2009.10.27 11:32:24 | 000,044,064 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Cache Cleaner 6.4.0\uninstall.exe [2010.06.08 08:24:36 | 000,304,496 | ---- | M] (Juniper Networks) -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Cache Cleaner 6.5.0\dsCacheCleaner.exe [2010.06.08 08:24:36 | 000,045,168 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Cache Cleaner 6.5.0\uninstall.exe [2012.09.19 22:17:00 | 000,033,456 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Host Checker\dsCCProc.exe [2012.09.20 06:16:46 | 000,343,728 | ---- | M] (Juniper Networks") -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe [2012.09.20 06:16:48 | 000,261,808 | ---- | M] (Juniper Networks) -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Host Checker\dsHostCheckerProxy.exe [2012.09.20 06:17:02 | 000,060,088 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Host Checker\uninstall.exe [2012.09.26 06:29:26 | 000,318,336 | ---- | M] (OPSWAT, Inc.) -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Host Checker\OPSWAT\64bitProxy.exe [2012.09.19 23:49:36 | 000,150,640 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Setup Client\dsmmf.exe [2012.09.19 23:50:10 | 000,278,840 | ---- | M] (Juniper Networks, Inc.) -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Setup Client\JuniperCompMgrInstaller.exe [2012.09.19 23:49:32 | 000,609,392 | ---- | M] (Juniper Networks, Inc.) -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe [2012.09.19 23:48:58 | 000,344,744 | ---- | M] (Juniper Networks, Inc.) -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClientOCX.exe [2012.09.19 23:50:04 | 000,235,824 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupXP.exe [2012.09.19 23:50:12 | 000,052,632 | ---- | M] (Juniper Networks, Inc.) -- C:\Users\Administrator\AppData\Roaming\Juniper Networks\Setup Client\uninstall.exe [2009.08.29 20:18:47 | 001,961,720 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Administrator\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe [2008.10.31 09:19:29 | 000,010,134 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{843081BD-351F-46FC-8A17-517A0D9117A3}\ARPPRODUCTICON.exe [2008.10.31 09:19:29 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{843081BD-351F-46FC-8A17-517A0D9117A3}\NewShortcut1_843081BD351F46FC8A17517A0D9117A3.exe [2008.10.31 09:19:29 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{843081BD-351F-46FC-8A17-517A0D9117A3}\NewShortcut2_843081BD351F46FC8A17517A0D9117A3.exe [2008.10.31 09:19:29 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{843081BD-351F-46FC-8A17-517A0D9117A3}\NewShortcut3_843081BD351F46FC8A17517A0D9117A3.exe [2008.10.31 09:19:29 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{843081BD-351F-46FC-8A17-517A0D9117A3}\NewShortcut5_843081BD351F46FC8A17517A0D9117A3.exe [2008.10.31 09:19:31 | 000,010,134 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\ARPPRODUCTICON.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut10_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut11_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut1_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut2_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut3_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut4_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut5_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut6_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut7_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut8_DC626A21EDF140C78F2FD2BA7535529F.exe [2008.10.31 09:19:31 | 000,092,854 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}\NewShortcut9_DC626A21EDF140C78F2FD2BA7535529F.exe [2011.11.20 05:30:24 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Administrator\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe [2011.11.20 08:32:22 | 026,533,840 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Administrator\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_data\RealPlayer_de.exe [2011.11.20 08:30:31 | 000,676,624 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Administrator\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_exe\RealPlayer_de.exe < sys /lockedfiles > < %SYSTEMROOT%\System32\config\*.%SYSTEMROOT%\system32\drivers\*.sav > < %SYSTEMROOT%\*. /mp /s > < %SYSTEMROOT%\system32\*.dll /lockedfiles > < > < End of report > |
|
26.12.2012, 21:20
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Log File avira rescueCode:
ATTFilter Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Log File avira rescue |
|
27.12.2012, 00:33
| #7 |
| | Log File avira rescue Hier das Protokoll des letzten Scans Code:
ATTFilter Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org
Database version: v2012.12.03.14
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Administrator :: EXPERIENCE [administrator]
26.12.2012 23:27:59
mbar-log-2012-12-26 (23-27-59).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29858
Time elapsed: 38 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Gruß Code:
ATTFilter Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org
Database version: v2012.12.03.14
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Administrator :: EXPERIENCE [administrator]
26.12.2012 22:35:04
mbar-log-2012-12-26 (22-35-04).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29880
Time elapsed: 28 minute(s), 32 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{176D799E-6C8C-4D1A-8024-044D96A035E2} (Trojan.BHO) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Delete on reboot.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Administrator\AppData\Local\Temp\tmpee8a5452\pr.exe.vir (Trojan.Zbot) -> Delete on reboot.
(end)
|
|
27.12.2012, 09:01
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Log File avira rescue Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus. aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.12.2012, 17:47
| #9 |
| | Log File avira rescue Hallo Habe beides gemacht. Das Logfile vom GMER ist extrem groß (432 Seiten in Word ). Soll ich das echt hier reinkopieren? Hier erst mal das aswMBR File: Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-27 11:08:53
-----------------------------
11:08:53.563 OS Version: Windows 6.0.6001 Service Pack 1
11:08:53.563 Number of processors: 2 586 0xF0D
11:08:53.563 ComputerName: EXPERIENCE UserName:
11:09:28.616 Initialize success
11:14:33.470 AVAST engine defs: 12122700
11:16:14.355 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
11:16:14.355 Disk 0 Vendor: ST9160821AS 3.ALB Size: 152627MB BusType: 3
11:16:14.355 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000059
11:16:14.355 Disk 1 Vendor: ( Size: 152627MB BusType: 0
11:16:14.371 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000005a
11:16:14.371 Disk 2 Vendor: ( Size: 152627MB BusType: 0
11:16:14.417 Disk 0 MBR read successfully
11:16:14.417 Disk 0 MBR scan
11:16:14.449 Disk 0 Windows VISTA default MBR code
11:16:14.480 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152625 MB offset 2048
11:16:14.480 Disk 0 scanning sectors +312578048
11:16:14.558 Disk 0 scanning C:\Windows\system32\drivers
11:16:26.945 Service scanning
11:16:54.885 Modules scanning
11:17:04.338 Disk 0 trace - called modules:
11:17:04.370 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys tcpip.sys NETIO.SYS
11:17:04.370 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c3f248]
11:17:04.385 3 CLASSPNP.SYS[885a8745] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x84a778a8]
11:17:06.132 AVAST engine scan C:\Windows
11:17:10.282 AVAST engine scan C:\Windows\system32
11:21:32.084 AVAST engine scan C:\Windows\system32\drivers
11:21:46.077 AVAST engine scan C:\Users\Administrator
11:26:45.493 Disk 0 MBR has been saved successfully to "C:\Users\Administrator\Desktop\MBR.dat"
11:26:45.493 The log file has been saved successfully to "C:\Users\Administrator\Desktop\aswMBR.txt"
|
|
27.12.2012, 21:43
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Log File avira rescueZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.12.2012, 12:19
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Log File avira rescue Das ist doch nicht das originale Log! Seit wann erstellt GMER DOC-Datein? Bitte NICHT erst den Text aus dem Log in ein Worddukument gießen und dann posten, das ist doch völlig unnötig Poste das originale GMER-Log
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.12.2012, 14:37
| #13 |
| | Log File avira rescue Hallo, hier noch mal neu |
|
28.12.2012, 18:19
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Log File avira rescue Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehlalarm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.12.2012, 23:17
| #15 |
| | Log File avira rescue Hier das Log von TDSS Kill 7 Threats, alle geskippt Code:
ATTFilter 23:12:11.0419 2140 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:12:11.0435 2140 ============================================================
23:12:11.0435 2140 Current date / time: 2012/12/28 23:12:11.0435
23:12:11.0435 2140 SystemInfo:
23:12:11.0435 2140
23:12:11.0435 2140 OS Version: 6.0.6001 ServicePack: 1.0
23:12:11.0435 2140 Product type: Workstation
23:12:11.0450 2140 ComputerName: EXPERIENCE
23:12:11.0450 2140 UserName: Administrator
23:12:11.0450 2140 Windows directory: C:\Windows
23:12:11.0450 2140 System windows directory: C:\Windows
23:12:11.0450 2140 Processor architecture: Intel x86
23:12:11.0450 2140 Number of processors: 2
23:12:11.0450 2140 Page size: 0x1000
23:12:11.0450 2140 Boot type: Normal boot
23:12:11.0450 2140 ============================================================
23:12:11.0856 2140 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:12:11.0856 2140 ============================================================
23:12:11.0856 2140 \Device\Harddisk0\DR0:
23:12:11.0856 2140 MBR partitions:
23:12:11.0856 2140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
23:12:11.0856 2140 ============================================================
23:12:11.0918 2140 C: <-> \Device\Harddisk0\DR0\Partition1
23:12:11.0918 2140 ============================================================
23:12:11.0918 2140 Initialize success
23:12:11.0918 2140 ============================================================
23:12:22.0339 2360 ============================================================
23:12:22.0339 2360 Scan started
23:12:22.0339 2360 Mode: Manual; SigCheck; TDLFS;
23:12:22.0339 2360 ============================================================
23:12:22.0511 2360 ================ Scan system memory ========================
23:12:22.0511 2360 System memory - ok
23:12:22.0511 2360 ================ Scan services =============================
23:12:22.0916 2360 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
23:12:23.0041 2360 ACPI - ok
23:12:23.0088 2360 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:12:23.0103 2360 adp94xx - ok
23:12:23.0135 2360 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:12:23.0150 2360 adpahci - ok
23:12:23.0166 2360 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:12:23.0181 2360 adpu160m - ok
23:12:23.0181 2360 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:12:23.0197 2360 adpu320 - ok
23:12:23.0228 2360 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:12:23.0259 2360 AeLookupSvc - ok
23:12:23.0322 2360 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys
23:12:23.0337 2360 AFD - ok
23:12:23.0353 2360 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:12:23.0353 2360 agp440 - ok
23:12:23.0400 2360 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:12:23.0415 2360 aic78xx - ok
23:12:23.0431 2360 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
23:12:23.0462 2360 ALG - ok
23:12:23.0462 2360 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
23:12:23.0478 2360 aliide - ok
23:12:23.0493 2360 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:12:23.0509 2360 amdagp - ok
23:12:23.0509 2360 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
23:12:23.0525 2360 amdide - ok
23:12:23.0540 2360 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
23:12:23.0571 2360 AmdK7 - ok
23:12:23.0571 2360 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:12:23.0603 2360 AmdK8 - ok
23:12:23.0883 2360 [ 07194A09DC27C99A2474251DE27F6E17 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:12:23.0899 2360 AntiVirSchedulerService - ok
23:12:23.0961 2360 [ F0964ECD283591E7686AF912298B9F39 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:12:23.0977 2360 AntiVirService - ok
23:12:24.0039 2360 [ 116879B401A4DDD184EA34473D726E35 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:12:24.0071 2360 AntiVirWebService - ok
23:12:24.0133 2360 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
23:12:24.0164 2360 Appinfo - ok
23:12:24.0398 2360 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:12:24.0414 2360 Apple Mobile Device - ok
23:12:24.0445 2360 [ C56DED3FE618C8BAE1AAAF4E801CCB3E ] AppMgmt C:\Windows\System32\appmgmts.dll
23:12:24.0461 2360 AppMgmt - ok
23:12:24.0492 2360 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
23:12:24.0507 2360 arc - ok
23:12:24.0523 2360 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:12:24.0523 2360 arcsas - ok
23:12:24.0539 2360 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:12:24.0570 2360 AsyncMac - ok
23:12:24.0570 2360 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
23:12:24.0585 2360 atapi - ok
23:12:24.0601 2360 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:12:24.0632 2360 AudioEndpointBuilder - ok
23:12:24.0663 2360 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:12:24.0695 2360 Audiosrv - ok
23:12:24.0726 2360 [ 680B3A1BE559B5D5AAC04C7949469DD6 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:12:24.0757 2360 avgntflt - ok
23:12:24.0804 2360 [ 6B289080B9752DAD39C1C2B98B479DCE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:12:24.0819 2360 avipbb - ok
23:12:24.0851 2360 [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:12:24.0866 2360 avkmgr - ok
23:12:24.0913 2360 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll
23:12:24.0944 2360 BFE - ok
23:12:25.0007 2360 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\System32\qmgr.dll
23:12:25.0053 2360 BITS - ok
23:12:25.0131 2360 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
23:12:25.0163 2360 blbdrive - ok
23:12:25.0303 2360 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:12:25.0319 2360 Bonjour Service - ok
23:12:25.0365 2360 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:12:25.0381 2360 bowser - ok
23:12:25.0412 2360 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:12:25.0443 2360 BrFiltLo - ok
23:12:25.0443 2360 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:12:25.0475 2360 BrFiltUp - ok
23:12:25.0506 2360 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
23:12:25.0537 2360 Browser - ok
23:12:25.0553 2360 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
23:12:25.0599 2360 Brserid - ok
23:12:25.0599 2360 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:12:25.0646 2360 BrSerWdm - ok
23:12:25.0662 2360 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:12:25.0709 2360 BrUsbMdm - ok
23:12:25.0709 2360 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:12:25.0755 2360 BrUsbSer - ok
23:12:25.0771 2360 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:12:25.0818 2360 BTHMODEM - ok
23:12:25.0818 2360 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:12:25.0849 2360 cdfs - ok
23:12:25.0865 2360 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:12:25.0896 2360 cdrom - ok
23:12:25.0927 2360 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
23:12:25.0958 2360 CertPropSvc - ok
23:12:25.0958 2360 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
23:12:25.0989 2360 circlass - ok
23:12:26.0005 2360 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
23:12:26.0021 2360 CLFS - ok
23:12:26.0177 2360 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:12:26.0192 2360 clr_optimization_v2.0.50727_32 - ok
23:12:26.0411 2360 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:12:26.0426 2360 clr_optimization_v4.0.30319_32 - ok
23:12:26.0473 2360 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:12:26.0520 2360 CmBatt - ok
23:12:26.0535 2360 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:12:26.0551 2360 cmdide - ok
23:12:26.0567 2360 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:12:26.0582 2360 Compbatt - ok
23:12:26.0582 2360 COMSysApp - ok
23:12:26.0582 2360 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:12:26.0598 2360 crcdisk - ok
23:12:26.0613 2360 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
23:12:26.0645 2360 Crusoe - ok
23:12:26.0660 2360 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:12:26.0691 2360 CryptSvc - ok
23:12:26.0723 2360 [ 9A5434125C3DFE42393DE4BBB791BD19 ] CSC C:\Windows\system32\drivers\csc.sys
23:12:26.0738 2360 CSC - ok
23:12:26.0769 2360 [ CB1D480676229A09EEF1DD4D23C5EDF3 ] CscService C:\Windows\System32\cscsvc.dll
23:12:26.0785 2360 CscService - ok
23:12:26.0847 2360 [ CB90F77E21109CCFD114A17BD87A42A7 ] DAdderFltr C:\Windows\system32\drivers\dadder.sys
23:12:26.0863 2360 DAdderFltr - ok
23:12:26.0941 2360 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:12:26.0957 2360 DcomLaunch - ok
23:12:27.0035 2360 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:12:27.0050 2360 DfsC - ok
23:12:27.0159 2360 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
23:12:27.0206 2360 DFSR - ok
23:12:27.0222 2360 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:12:27.0253 2360 Dhcp - ok
23:12:27.0284 2360 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
23:12:27.0300 2360 disk - ok
23:12:27.0331 2360 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys
23:12:27.0347 2360 DMICall - ok
23:12:27.0378 2360 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:12:27.0393 2360 Dnscache - ok
23:12:27.0409 2360 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
23:12:27.0440 2360 dot3svc - ok
23:12:27.0487 2360 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
23:12:27.0518 2360 Dot4 - ok
23:12:27.0565 2360 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:12:27.0581 2360 Dot4Print - ok
23:12:27.0643 2360 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
23:12:27.0659 2360 dot4usb - ok
23:12:27.0721 2360 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:12:27.0737 2360 drmkaud - ok
23:12:27.0799 2360 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:12:27.0830 2360 DXGKrnl - ok
23:12:27.0893 2360 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
23:12:27.0924 2360 E1G60 - ok
23:12:27.0955 2360 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
23:12:27.0971 2360 EapHost - ok
23:12:27.0986 2360 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
23:12:28.0002 2360 Ecache - ok
23:12:28.0017 2360 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:12:28.0033 2360 elxstor - ok
23:12:28.0095 2360 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:12:28.0127 2360 EMDMgmt - ok
23:12:28.0127 2360 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:12:28.0158 2360 ErrDev - ok
23:12:28.0205 2360 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
23:12:28.0220 2360 EventSystem - ok
23:12:28.0236 2360 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
23:12:28.0251 2360 exfat - ok
23:12:28.0267 2360 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:12:28.0298 2360 fastfat - ok
23:12:28.0298 2360 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:12:28.0329 2360 fdc - ok
23:12:28.0361 2360 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
23:12:28.0392 2360 fdPHost - ok
23:12:28.0407 2360 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
23:12:28.0454 2360 FDResPub - ok
23:12:28.0470 2360 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:12:28.0485 2360 FileInfo - ok
23:12:28.0485 2360 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:12:28.0517 2360 Filetrace - ok
23:12:28.0548 2360 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:12:28.0563 2360 flpydisk - ok
23:12:28.0579 2360 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:12:28.0595 2360 FltMgr - ok
23:12:28.0673 2360 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:12:28.0673 2360 FontCache3.0.0.0 - ok
23:12:28.0688 2360 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:12:28.0719 2360 Fs_Rec - ok
23:12:28.0735 2360 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:12:28.0751 2360 gagp30kx - ok
23:12:28.0782 2360 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
23:12:28.0797 2360 GEARAspiWDM - ok
23:12:28.0969 2360 [ 6542DC2E93BCE4D4289FA70A4D367DC2 ] GoogleDesktopManager-061008-081103 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
23:12:28.0985 2360 GoogleDesktopManager-061008-081103 - ok
23:12:29.0031 2360 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
23:12:29.0063 2360 gpsvc - ok
23:12:29.0156 2360 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9dbd260b5e07b C:\Program Files\Google\Update\GoogleUpdate.exe
23:12:29.0172 2360 gupdate1c9dbd260b5e07b - ok
23:12:29.0219 2360 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:12:29.0234 2360 gupdatem - ok
23:12:29.0312 2360 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:12:29.0328 2360 gusvc - ok
23:12:29.0406 2360 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:12:29.0484 2360 HdAudAddService - ok
23:12:29.0515 2360 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:12:29.0562 2360 HDAudBus - ok
23:12:29.0562 2360 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:12:29.0624 2360 HidBth - ok
23:12:29.0640 2360 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
23:12:29.0671 2360 HidIr - ok
23:12:29.0702 2360 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
23:12:29.0749 2360 hidserv - ok
23:12:29.0780 2360 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:12:29.0811 2360 HidUsb - ok
23:12:29.0843 2360 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:12:29.0858 2360 hkmsvc - ok
23:12:29.0905 2360 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:12:29.0905 2360 HpCISSs - ok
23:12:30.0155 2360 [ FCB563B0A23643E5F80B6FF1E60F610F ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:12:30.0170 2360 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
23:12:30.0170 2360 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
23:12:30.0233 2360 [ 25E443E27165C652723A92D9BDFD4649 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:12:30.0248 2360 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
23:12:30.0248 2360 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
23:12:30.0326 2360 [ 53229DCF431D76434816CD29251168A0 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
23:12:30.0357 2360 HSF_DPV - ok
23:12:30.0389 2360 [ 31F949D452201F2F0AF0C88D7DB512CD ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
23:12:30.0404 2360 HSXHWAZL - ok
23:12:30.0467 2360 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:12:30.0498 2360 HTTP - ok
23:12:30.0560 2360 [ 19E6885A061011D8DABE8F64498423FA ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:12:30.0576 2360 hwdatacard - ok
23:12:30.0638 2360 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:12:30.0654 2360 i2omp - ok
23:12:30.0654 2360 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:12:30.0685 2360 i8042prt - ok
23:12:30.0716 2360 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:12:30.0732 2360 iaStorV - ok
23:12:30.0810 2360 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:12:30.0857 2360 idsvc - ok
23:12:30.0857 2360 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:12:30.0872 2360 iirsp - ok
23:12:30.0935 2360 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
23:12:30.0966 2360 IKEEXT - ok
23:12:30.0981 2360 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
23:12:30.0981 2360 intelide - ok
23:12:30.0997 2360 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:12:31.0013 2360 intelppm - ok
23:12:31.0044 2360 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:12:31.0075 2360 IPBusEnum - ok
23:12:31.0075 2360 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:12:31.0106 2360 IpFilterDriver - ok
23:12:31.0153 2360 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:12:31.0169 2360 iphlpsvc - ok
23:12:31.0169 2360 IpInIp - ok
23:12:31.0184 2360 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:12:31.0215 2360 IPMIDRV - ok
23:12:31.0215 2360 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:12:31.0247 2360 IPNAT - ok
23:12:31.0356 2360 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:12:31.0387 2360 iPod Service - ok
23:12:31.0387 2360 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:12:31.0418 2360 IRENUM - ok
23:12:31.0434 2360 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:12:31.0434 2360 isapnp - ok
23:12:31.0481 2360 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:12:31.0496 2360 iScsiPrt - ok
23:12:31.0496 2360 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:12:31.0512 2360 iteatapi - ok
23:12:31.0527 2360 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:12:31.0527 2360 iteraid - ok
23:12:31.0559 2360 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:12:31.0559 2360 kbdclass - ok
23:12:31.0574 2360 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:12:31.0605 2360 kbdhid - ok
23:12:31.0637 2360 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
23:12:31.0652 2360 KeyIso - ok
23:12:31.0808 2360 [ 1645CB4B82C2058B7790129B03869DA3 ] KodakSvc C:\Program Files\Kodak\printer\center\KodakSvc.exe
23:12:31.0808 2360 KodakSvc ( UnsignedFile.Multi.Generic ) - warning
23:12:31.0808 2360 KodakSvc - detected UnsignedFile.Multi.Generic (1)
23:12:31.0886 2360 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:12:31.0917 2360 KSecDD - ok
23:12:32.0011 2360 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:12:32.0027 2360 LanmanServer - ok
23:12:32.0089 2360 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:12:32.0105 2360 LanmanWorkstation - ok
23:12:32.0151 2360 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:12:32.0183 2360 lltdsvc - ok
23:12:32.0198 2360 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:12:32.0245 2360 lmhosts - ok
23:12:32.0276 2360 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:12:32.0292 2360 LSI_FC - ok
23:12:32.0292 2360 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:12:32.0307 2360 LSI_SAS - ok
23:12:32.0307 2360 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:12:32.0323 2360 LSI_SCSI - ok
23:12:32.0354 2360 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
23:12:32.0370 2360 mdmxsdk - ok
23:12:32.0370 2360 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
23:12:32.0385 2360 megasas - ok
23:12:32.0417 2360 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
23:12:32.0432 2360 MegaSR - ok
23:12:32.0495 2360 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
23:12:32.0526 2360 MMCSS - ok
23:12:32.0526 2360 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
23:12:32.0557 2360 Modem - ok
23:12:32.0557 2360 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:12:32.0588 2360 monitor - ok
23:12:32.0604 2360 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:12:32.0619 2360 mouclass - ok
23:12:32.0619 2360 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:12:32.0651 2360 mouhid - ok
23:12:32.0651 2360 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:12:32.0666 2360 MountMgr - ok
23:12:32.0682 2360 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
23:12:32.0697 2360 mpio - ok
23:12:32.0697 2360 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:12:32.0729 2360 mpsdrv - ok
23:12:32.0760 2360 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
23:12:32.0807 2360 MpsSvc - ok
23:12:32.0838 2360 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:12:32.0838 2360 Mraid35x - ok
23:12:32.0853 2360 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:12:32.0869 2360 MRxDAV - ok
23:12:32.0916 2360 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:12:32.0931 2360 mrxsmb - ok
23:12:32.0963 2360 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:12:32.0978 2360 mrxsmb10 - ok
23:12:33.0009 2360 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:12:33.0025 2360 mrxsmb20 - ok
23:12:33.0056 2360 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
23:12:33.0072 2360 msahci - ok
23:12:33.0072 2360 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:12:33.0087 2360 msdsm - ok
23:12:33.0119 2360 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:12:33.0150 2360 Msfs - ok
23:12:33.0150 2360 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:12:33.0165 2360 msisadrv - ok
23:12:33.0197 2360 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:12:33.0228 2360 MSiSCSI - ok
23:12:33.0228 2360 msiserver - ok
23:12:33.0259 2360 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:12:33.0275 2360 MSKSSRV - ok
23:12:33.0306 2360 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:12:33.0337 2360 MSPCLOCK - ok
23:12:33.0337 2360 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:12:33.0368 2360 MSPQM - ok
23:12:33.0368 2360 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:12:33.0384 2360 MsRPC - ok
23:12:33.0399 2360 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:12:33.0399 2360 mssmbios - ok
23:12:33.0415 2360 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:12:33.0446 2360 MSTEE - ok
23:12:33.0446 2360 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
23:12:33.0462 2360 Mup - ok
23:12:33.0493 2360 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
23:12:33.0524 2360 napagent - ok
23:12:33.0555 2360 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:12:33.0571 2360 NativeWifiP - ok
23:12:33.0618 2360 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:12:33.0649 2360 NDIS - ok
23:12:33.0649 2360 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:12:33.0680 2360 NdisTapi - ok
23:12:33.0680 2360 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:12:33.0711 2360 Ndisuio - ok
23:12:33.0727 2360 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:12:33.0758 2360 NdisWan - ok
23:12:33.0758 2360 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:12:33.0789 2360 NDProxy - ok
23:12:33.0836 2360 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:12:33.0836 2360 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:12:33.0836 2360 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:12:33.0836 2360 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:12:33.0867 2360 NetBIOS - ok
23:12:33.0883 2360 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:12:33.0899 2360 netbt - ok
23:12:33.0930 2360 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
23:12:33.0945 2360 Netlogon - ok
23:12:33.0977 2360 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
23:12:34.0008 2360 Netman - ok
23:12:34.0023 2360 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
23:12:34.0055 2360 netprofm - ok
23:12:34.0086 2360 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:12:34.0101 2360 NetTcpPortSharing - ok
23:12:34.0211 2360 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
23:12:34.0289 2360 NETw3v32 - ok
23:12:34.0413 2360 [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
23:12:34.0476 2360 NETw4v32 - ok
23:12:34.0554 2360 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:12:34.0569 2360 nfrd960 - ok
23:12:34.0601 2360 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:12:34.0632 2360 NlaSvc - ok
23:12:34.0647 2360 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:12:34.0663 2360 Npfs - ok
23:12:34.0679 2360 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
23:12:34.0710 2360 nsi - ok
23:12:34.0710 2360 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:12:34.0741 2360 nsiproxy - ok
23:12:34.0772 2360 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:12:34.0819 2360 Ntfs - ok
23:12:34.0819 2360 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
23:12:34.0866 2360 ntrigdigi - ok
23:12:34.0881 2360 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
23:12:34.0913 2360 Null - ok
23:12:35.0147 2360 [ 4FF7BF82A418809950828619BB661BF8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:12:35.0412 2360 nvlddmkm ( UnsignedFile.Multi.Generic ) - warning
23:12:35.0412 2360 nvlddmkm - detected UnsignedFile.Multi.Generic (1)
23:12:35.0459 2360 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:12:35.0474 2360 nvraid - ok
23:12:35.0474 2360 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:12:35.0490 2360 nvstor - ok
23:12:35.0521 2360 [ 444E6939C6A8E010EFB3B9C771772C9C ] nvsvc C:\Windows\system32\nvvsvc.exe
23:12:35.0537 2360 nvsvc ( UnsignedFile.Multi.Generic ) - warning
23:12:35.0537 2360 nvsvc - detected UnsignedFile.Multi.Generic (1)
23:12:35.0552 2360 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:12:35.0568 2360 nv_agp - ok
23:12:35.0583 2360 NwlnkFlt - ok
23:12:35.0583 2360 NwlnkFwd - ok
23:12:35.0615 2360 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:12:35.0646 2360 ohci1394 - ok
23:12:35.0708 2360 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:12:35.0724 2360 ose - ok
23:12:35.0771 2360 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
23:12:35.0817 2360 Parport - ok
23:12:35.0817 2360 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:12:35.0833 2360 partmgr - ok
23:12:35.0849 2360 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:12:35.0895 2360 Parvdm - ok
23:12:35.0911 2360 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
23:12:35.0927 2360 PcaSvc - ok
23:12:35.0942 2360 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
23:12:35.0958 2360 pci - ok
23:12:35.0958 2360 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
23:12:35.0973 2360 pciide - ok
23:12:35.0989 2360 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:12:36.0005 2360 pcmcia - ok
23:12:36.0036 2360 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:12:36.0114 2360 PEAUTH - ok
23:12:36.0161 2360 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:12:36.0192 2360 PlugPlay - ok
23:12:36.0223 2360 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:12:36.0239 2360 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:12:36.0239 2360 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:12:36.0301 2360 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:12:36.0317 2360 PolicyAgent - ok
23:12:36.0348 2360 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:12:36.0379 2360 PptpMiniport - ok
23:12:36.0426 2360 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
23:12:36.0441 2360 Processor - ok
23:12:36.0473 2360 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
23:12:36.0504 2360 ProfSvc - ok
23:12:36.0535 2360 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:12:36.0551 2360 ProtectedStorage - ok
23:12:36.0566 2360 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:12:36.0582 2360 ql40xx - ok
23:12:36.0613 2360 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
23:12:36.0629 2360 QWAVE - ok
23:12:36.0629 2360 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:12:36.0644 2360 QWAVEdrv - ok
23:12:36.0707 2360 [ 9C9D24115F13AF3AEA05E1343A032BB1 ] R5U870FLx86 C:\Windows\system32\Drivers\R5U870FLx86.sys
23:12:36.0722 2360 R5U870FLx86 - ok
23:12:36.0738 2360 [ 18B4C879647661DE37B49C2E48D65820 ] R5U870FUx86 C:\Windows\system32\Drivers\R5U870FUx86.sys
23:12:36.0753 2360 R5U870FUx86 - ok
23:12:36.0769 2360 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:12:36.0800 2360 RasAcd - ok
23:12:36.0831 2360 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
23:12:36.0863 2360 RasAuto - ok
23:12:36.0863 2360 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:12:36.0894 2360 Rasl2tp - ok
23:12:36.0909 2360 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
23:12:36.0941 2360 RasMan - ok
23:12:36.0956 2360 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:12:36.0987 2360 RasPppoe - ok
23:12:36.0987 2360 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:12:37.0019 2360 RasSstp - ok
23:12:37.0034 2360 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:12:37.0065 2360 rdbss - ok
23:12:37.0081 2360 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys
23:12:37.0112 2360 rdpdr - ok
23:12:37.0143 2360 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:12:37.0175 2360 RemoteAccess - ok
23:12:37.0190 2360 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:12:37.0221 2360 RemoteRegistry - ok
23:12:37.0253 2360 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
23:12:37.0268 2360 RpcLocator - ok
23:12:37.0315 2360 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
23:12:37.0346 2360 RpcSs - ok
23:12:37.0409 2360 [ 8C156E6B568AA927EB5DEADEB870BDD2 ] s816bus C:\Windows\system32\DRIVERS\s816bus.sys
23:12:37.0409 2360 s816bus - ok
23:12:37.0424 2360 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
23:12:37.0440 2360 SamSs - ok
23:12:37.0487 2360 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:12:37.0487 2360 sbp2port - ok
23:12:37.0533 2360 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:12:37.0565 2360 SCardSvr - ok
23:12:37.0643 2360 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
23:12:37.0674 2360 Schedule - ok
23:12:37.0689 2360 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
23:12:37.0721 2360 SCPolicySvc - ok
23:12:37.0721 2360 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:12:37.0783 2360 secdrv - ok
23:12:37.0799 2360 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
23:12:37.0830 2360 seclogon - ok
23:12:37.0845 2360 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
23:12:37.0877 2360 SENS - ok
23:12:37.0892 2360 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:12:37.0939 2360 Serenum - ok
23:12:37.0939 2360 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
23:12:37.0986 2360 Serial - ok
23:12:38.0001 2360 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:12:38.0017 2360 sermouse - ok
23:12:38.0048 2360 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:12:38.0079 2360 sffdisk - ok
23:12:38.0079 2360 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:12:38.0111 2360 sffp_mmc - ok
23:12:38.0111 2360 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:12:38.0142 2360 sffp_sd - ok
23:12:38.0142 2360 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:12:38.0189 2360 sfloppy - ok
23:12:38.0235 2360 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:12:38.0267 2360 SharedAccess - ok
23:12:38.0329 2360 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:12:38.0345 2360 ShellHWDetection - ok
23:12:38.0376 2360 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:12:38.0391 2360 sisagp - ok
23:12:38.0391 2360 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:12:38.0407 2360 SiSRaid2 - ok
23:12:38.0407 2360 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:12:38.0423 2360 SiSRaid4 - ok
23:12:38.0501 2360 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:12:38.0516 2360 SkypeUpdate - ok
23:12:38.0625 2360 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
23:12:38.0703 2360 slsvc - ok
23:12:38.0797 2360 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:12:38.0828 2360 SLUINotify - ok
23:12:38.0844 2360 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:12:38.0875 2360 Smb - ok
23:12:38.0891 2360 [ BE6038E0A7D2E2FE69107E41A0265831 ] SNC C:\Windows\system32\Drivers\SonyNC.sys
23:12:38.0906 2360 SNC - ok
23:12:38.0937 2360 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:12:38.0953 2360 SNMPTRAP - ok
23:12:38.0984 2360 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
23:12:38.0984 2360 spldr - ok
23:12:39.0015 2360 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
23:12:39.0031 2360 Spooler - ok
23:12:39.0078 2360 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:12:39.0093 2360 srv - ok
23:12:39.0140 2360 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:12:39.0156 2360 srv2 - ok
23:12:39.0203 2360 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:12:39.0218 2360 srvnet - ok
23:12:39.0265 2360 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:12:39.0296 2360 SSDPSRV - ok
23:12:39.0327 2360 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
23:12:39.0327 2360 ssmdrv - ok
23:12:39.0343 2360 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:12:39.0374 2360 SstpSvc - ok
23:12:39.0437 2360 Steam Client Service - ok
23:12:39.0468 2360 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
23:12:39.0499 2360 stisvc - ok
23:12:39.0546 2360 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:12:39.0546 2360 swenum - ok
23:12:39.0561 2360 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:12:39.0577 2360 Symc8xx - ok
23:12:39.0577 2360 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:12:39.0593 2360 Sym_hi - ok
23:12:39.0593 2360 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:12:39.0608 2360 Sym_u3 - ok
23:12:39.0639 2360 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
23:12:39.0686 2360 SysMain - ok
23:12:39.0733 2360 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
23:12:39.0764 2360 TapiSrv - ok
23:12:39.0795 2360 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
23:12:39.0827 2360 TBS - ok
23:12:39.0905 2360 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:12:39.0936 2360 Tcpip - ok
23:12:40.0029 2360 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:12:40.0061 2360 Tcpip6 - ok
23:12:40.0092 2360 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:12:40.0123 2360 tcpipreg - ok
23:12:40.0185 2360 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:12:40.0201 2360 TDPIPE - ok
23:12:40.0217 2360 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:12:40.0248 2360 TDTCP - ok
23:12:40.0248 2360 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:12:40.0279 2360 tdx - ok
23:12:40.0279 2360 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:12:40.0295 2360 TermDD - ok
23:12:40.0404 2360 [ 95746E5B1473432F3D9458940DBA6E3A ] TfFsMon C:\Windows\system32\drivers\TfFsMon.sys
23:12:40.0419 2360 TfFsMon - ok
23:12:40.0482 2360 [ 02FFDD873E31C5C2D57CA87D11EC36AF ] TfNetMon C:\Windows\system32\drivers\TfNetMon.sys
23:12:40.0482 2360 TfNetMon - ok
23:12:40.0529 2360 [ F8BD92251AB439383C051CE907D78CCE ] TfSysMon C:\Windows\system32\drivers\TfSysMon.sys
23:12:40.0544 2360 TfSysMon - ok
23:12:40.0591 2360 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
23:12:40.0607 2360 Themes - ok
23:12:40.0638 2360 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
23:12:40.0669 2360 THREADORDER - ok
23:12:40.0731 2360 ThreatFire - ok
23:12:40.0809 2360 [ 909CD987B54A8179C9AEE874D754721A ] ti21sony C:\Windows\system32\drivers\ti21sony.sys
23:12:40.0841 2360 ti21sony - ok
23:12:40.0887 2360 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
23:12:40.0903 2360 TrkWks - ok
23:12:40.0981 2360 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:12:41.0012 2360 TrustedInstaller - ok
23:12:41.0059 2360 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:12:41.0075 2360 tunmp - ok
23:12:41.0121 2360 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:12:41.0137 2360 tunnel - ok
23:12:41.0168 2360 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:12:41.0184 2360 uagp35 - ok
23:12:41.0184 2360 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:12:41.0215 2360 udfs - ok
23:12:41.0246 2360 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:12:41.0277 2360 UI0Detect - ok
23:12:41.0277 2360 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:12:41.0293 2360 uliagpkx - ok
23:12:41.0309 2360 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:12:41.0324 2360 uliahci - ok
23:12:41.0340 2360 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:12:41.0355 2360 UlSata - ok
23:12:41.0355 2360 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:12:41.0371 2360 ulsata2 - ok
23:12:41.0387 2360 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:12:41.0418 2360 umbus - ok
23:12:41.0449 2360 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
23:12:41.0480 2360 upnphost - ok
23:12:41.0527 2360 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
23:12:41.0543 2360 USBAAPL - ok
23:12:41.0558 2360 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:12:41.0589 2360 usbccgp - ok
23:12:41.0636 2360 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:12:41.0652 2360 usbehci - ok
23:12:41.0667 2360 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:12:41.0699 2360 usbhub - ok
23:12:41.0699 2360 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:12:41.0745 2360 usbohci - ok
23:12:41.0792 2360 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:12:41.0808 2360 usbprint - ok
23:12:41.0855 2360 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:12:41.0886 2360 usbscan - ok
23:12:41.0917 2360 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:12:41.0933 2360 USBSTOR - ok
23:12:41.0964 2360 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:12:41.0995 2360 usbuhci - ok
23:12:42.0042 2360 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:12:42.0073 2360 usbvideo - ok
23:12:42.0104 2360 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
23:12:42.0135 2360 UxSms - ok
23:12:42.0151 2360 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
23:12:42.0182 2360 vds - ok
23:12:42.0182 2360 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:12:42.0213 2360 vga - ok
23:12:42.0229 2360 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
23:12:42.0260 2360 VgaSave - ok
23:12:42.0260 2360 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:12:42.0276 2360 viaagp - ok
23:12:42.0276 2360 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:12:42.0307 2360 ViaC7 - ok
23:12:42.0323 2360 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
23:12:42.0323 2360 viaide - ok
23:12:42.0338 2360 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:12:42.0354 2360 volmgr - ok
23:12:42.0354 2360 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:12:42.0369 2360 volmgrx - ok
23:12:42.0385 2360 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:12:42.0401 2360 volsnap - ok
23:12:42.0401 2360 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:12:42.0416 2360 vsmraid - ok
23:12:42.0463 2360 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
23:12:42.0494 2360 W32Time - ok
23:12:42.0525 2360 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:12:42.0572 2360 WacomPen - ok
23:12:42.0572 2360 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:12:42.0603 2360 Wanarp - ok
23:12:42.0619 2360 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:12:42.0650 2360 Wanarpv6 - ok
23:12:42.0681 2360 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:12:42.0713 2360 wcncsvc - ok
23:12:42.0728 2360 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:12:42.0759 2360 WcsPlugInService - ok
23:12:42.0775 2360 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
23:12:42.0791 2360 Wd - ok
23:12:42.0806 2360 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:12:42.0822 2360 Wdf01000 - ok
23:12:42.0869 2360 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
23:12:42.0884 2360 WebClient - ok
23:12:42.0931 2360 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:12:42.0947 2360 Wecsvc - ok
23:12:42.0993 2360 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
23:12:43.0009 2360 WerSvc - ok
23:12:43.0056 2360 [ 6D2350BB6E77E800FC4BE4E5B7A2E89A ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
23:12:43.0087 2360 winachsf - ok
23:12:43.0087 2360 WinHttpAutoProxySvc - ok
23:12:43.0227 2360 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:12:43.0243 2360 Winmgmt - ok
23:12:43.0337 2360 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
23:12:43.0383 2360 WinRM - ok
23:12:43.0539 2360 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:12:43.0555 2360 Wlansvc - ok
23:12:43.0602 2360 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:12:43.0633 2360 WmiAcpi - ok
23:12:43.0680 2360 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:12:43.0711 2360 wmiApSrv - ok
23:12:43.0773 2360 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:12:43.0805 2360 WMPNetworkSvc - ok
23:12:43.0914 2360 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:12:43.0929 2360 WPDBusEnum - ok
23:12:43.0976 2360 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
23:12:44.0007 2360 WpdUsb - ok
23:12:44.0179 2360 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:12:44.0226 2360 WPFFontCache_v0400 - ok
23:12:44.0273 2360 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:12:44.0304 2360 ws2ifsl - ok
23:12:44.0460 2360 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
23:12:44.0538 2360 wuauserv - ok
23:12:44.0631 2360 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:12:44.0678 2360 WUDFRd - ok
23:12:44.0694 2360 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:12:44.0725 2360 wudfsvc - ok
23:12:44.0741 2360 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
23:12:44.0756 2360 XAudio - ok
23:12:44.0787 2360 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
23:12:44.0819 2360 XAudioService - ok
23:12:44.0865 2360 [ A4822191C7CEA271903C2A4FB6D9809D ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
23:12:44.0881 2360 yukonwlh - ok
23:12:44.0897 2360 ================ Scan global ===============================
23:12:44.0943 2360 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
23:12:44.0990 2360 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
23:12:45.0006 2360 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
23:12:45.0037 2360 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
23:12:45.0037 2360 [Global] - ok
23:12:45.0037 2360 ================ Scan MBR ==================================
23:12:45.0053 2360 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
23:12:45.0474 2360 \Device\Harddisk0\DR0 - ok
23:12:45.0474 2360 ================ Scan VBR ==================================
23:12:45.0505 2360 [ F216C6211B372ECDF341504EB8598959 ] \Device\Harddisk0\DR0\Partition1
23:12:45.0505 2360 \Device\Harddisk0\DR0\Partition1 - ok
23:12:45.0505 2360 ============================================================
23:12:45.0505 2360 Scan finished
23:12:45.0505 2360 ============================================================
23:12:45.0521 3416 Detected object count: 7
23:12:45.0521 3416 Actual detected object count: 7
23:12:50.0372 3416 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
23:12:50.0372 3416 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:12:50.0372 3416 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:12:50.0372 3416 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:12:50.0372 3416 KodakSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:12:50.0372 3416 KodakSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:12:50.0372 3416 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:12:50.0372 3416 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:12:50.0388 3416 nvlddmkm ( UnsignedFile.Multi.Generic ) - skipped by user
23:12:50.0388 3416 nvlddmkm ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:12:50.0388 3416 nvsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:12:50.0388 3416 nvsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:12:50.0388 3416 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:12:50.0388 3416 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
| Themen zu Log File avira rescue |
| antiviren, antivirus, avira, booten, dienst, email, ergebnis, file, file is encrypted, free, horse, installation, linux, log, log file, programme, rechner, rescue, scan, start, tournament, trojan, trojan horse, version, virenscan, virus |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
