Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Live Security Platinum Virusinfektion - alle Logs angehangen (https://www.trojaner-board.de/121641-live-security-platinum-virusinfektion-alle-logs-angehangen.html)

cosinus 21.08.2012 12:50
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

exedcuter 21.08.2012 22:35
Hallo Cosinus,

habe mir das TDSSKiller runtergeladen und den Scan wie gewünscht durchgeführt.

Anbei das Log:

Code:
23:29:40.0912 6084  TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
23:29:41.0336 6084  ============================================================
23:29:41.0336 6084  Current date / time: 2012/08/21 23:29:41.0336
23:29:41.0336 6084  SystemInfo:
23:29:41.0336 6084 
23:29:41.0336 6084  OS Version: 6.0.6002 ServicePack: 2.0
23:29:41.0337 6084  Product type: Workstation
23:29:41.0337 6084  ComputerName: PATTI-PC
23:29:41.0337 6084  UserName: Patti
23:29:41.0337 6084  Windows directory: C:\Windows
23:29:41.0337 6084  System windows directory: C:\Windows
23:29:41.0337 6084  Processor architecture: Intel x86
23:29:41.0337 6084  Number of processors: 2
23:29:41.0337 6084  Page size: 0x1000
23:29:41.0337 6084  Boot type: Normal boot
23:29:41.0337 6084  ============================================================
23:29:42.0297 6084  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:29:42.0316 6084  ============================================================
23:29:42.0316 6084  \Device\Harddisk0\DR0:
23:29:42.0316 6084  MBR partitions:
23:29:42.0335 6084  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xA285D31
23:29:42.0335 6084  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA285D70, BlocksNum 0x14EA2ED2
23:29:42.0336 6084  ============================================================
23:29:42.0368 6084  C: <-> \Device\Harddisk0\DR0\Partition1
23:29:42.0403 6084  E: <-> \Device\Harddisk0\DR0\Partition2
23:29:42.0403 6084  ============================================================
23:29:42.0403 6084  Initialize success
23:29:42.0403 6084  ============================================================
23:31:11.0757 4376  ============================================================
23:31:11.0757 4376  Scan started
23:31:11.0757 4376  Mode: Manual; SigCheck; TDLFS;
23:31:11.0757 4376  ============================================================
23:31:12.0137 4376  ================ Scan services =============================
23:31:12.0357 4376  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
23:31:12.0567 4376  ACPI - ok
23:31:12.0677 4376  [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:31:12.0707 4376  AdobeFlashPlayerUpdateSvc - ok
23:31:12.0777 4376  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
23:31:12.0827 4376  adp94xx - ok
23:31:12.0867 4376  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci        C:\Windows\system32\drivers\adpahci.sys
23:31:12.0907 4376  adpahci - ok
23:31:12.0927 4376  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
23:31:12.0957 4376  adpu160m - ok
23:31:12.0987 4376  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
23:31:13.0017 4376  adpu320 - ok
23:31:13.0067 4376  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
23:31:13.0197 4376  AeLookupSvc - ok
23:31:13.0247 4376  [ 3911B972B55FEA0478476B2E777B29FA ] AFD            C:\Windows\system32\drivers\afd.sys
23:31:13.0347 4376  AFD - ok
23:31:13.0417 4376  [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
23:31:13.0567 4376  AgereSoftModem - ok
23:31:13.0607 4376  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:31:13.0627 4376  agp440 - ok
23:31:13.0647 4376  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx        C:\Windows\system32\drivers\djsvs.sys
23:31:13.0667 4376  aic78xx - ok
23:31:13.0697 4376  [ A1545B731579895D8CC44FC0481C1192 ] ALG            C:\Windows\System32\alg.exe
23:31:13.0837 4376  ALG - ok
23:31:13.0857 4376  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:31:13.0877 4376  aliide - ok
23:31:13.0897 4376  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
23:31:13.0917 4376  amdagp - ok
23:31:13.0937 4376  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:31:13.0957 4376  amdide - ok
23:31:13.0987 4376  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7          C:\Windows\system32\drivers\amdk7.sys
23:31:14.0057 4376  AmdK7 - ok
23:31:14.0087 4376  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
23:31:14.0167 4376  AmdK8 - ok
23:31:14.0277 4376  [ A122D68EA2541453F787F341877CB40B ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:31:14.0307 4376  AntiVirSchedulerService - ok
23:31:14.0347 4376  [ 2FE359EDEB34EFCF42574752F8AEBD3F ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:31:14.0367 4376  AntiVirService - ok
23:31:14.0437 4376  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo        C:\Windows\System32\appinfo.dll
23:31:14.0517 4376  Appinfo - ok
23:31:14.0617 4376  [ 018857EAD9A077A56AEDFC0E5EF7A24A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:31:14.0627 4376  Apple Mobile Device - ok
23:31:14.0677 4376  [ 5D2888182FB46632511ACEE92FDAD522 ] arc            C:\Windows\system32\drivers\arc.sys
23:31:14.0697 4376  arc - ok
23:31:14.0757 4376  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:31:14.0787 4376  arcsas - ok
23:31:14.0817 4376  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:31:14.0877 4376  AsyncMac - ok
23:31:14.0937 4376  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi          C:\Windows\system32\drivers\atapi.sys
23:31:14.0967 4376  atapi - ok
23:31:15.0007 4376  [ 69E65A2CE11619F0C868967CA9540B80 ] ATSWPDRV        C:\Windows\system32\DRIVERS\ATSwpDrv.sys
23:31:15.0567 4376  ATSWPDRV - ok
23:31:15.0627 4376  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:31:15.0687 4376  AudioEndpointBuilder - ok
23:31:15.0717 4376  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:31:15.0757 4376  Audiosrv - ok
23:31:15.0807 4376  [ 7713E4EB0276702FAA08E52A6E23F2A6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:31:15.0827 4376  avgntflt - ok
23:31:15.0867 4376  [ 13B02B9B969DDE270CD7C351203DAD3C ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:31:15.0897 4376  avipbb - ok
23:31:15.0947 4376  [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:31:15.0967 4376  avkmgr - ok
23:31:16.0067 4376  [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc          C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
23:31:16.0097 4376  BBSvc - ok
23:31:16.0147 4376  [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
23:31:16.0187 4376  BBUpdate - ok
23:31:16.0227 4376  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:31:16.0307 4376  Beep - ok
23:31:16.0347 4376  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
23:31:16.0407 4376  blbdrive - ok
23:31:16.0477 4376  [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:31:16.0507 4376  Bonjour Service - ok
23:31:16.0567 4376  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:31:16.0607 4376  bowser - ok
23:31:16.0647 4376  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
23:31:16.0697 4376  BrFiltLo - ok
23:31:16.0717 4376  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
23:31:16.0777 4376  BrFiltUp - ok
23:31:16.0807 4376  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser        C:\Windows\System32\browser.dll
23:31:16.0917 4376  Browser - ok
23:31:16.0947 4376  [ B304E75CFF293029EDDF094246747113 ] Brserid        C:\Windows\system32\drivers\brserid.sys
23:31:17.0197 4376  Brserid - ok
23:31:17.0217 4376  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
23:31:17.0317 4376  BrSerWdm - ok
23:31:17.0337 4376  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
23:31:17.0457 4376  BrUsbMdm - ok
23:31:17.0477 4376  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
23:31:17.0577 4376  BrUsbSer - ok
23:31:17.0627 4376  [ DA7B195275BDA7F8FCF79B40E0F45DDE ] BthEnum        C:\Windows\system32\DRIVERS\BthEnum.sys
23:31:17.0677 4376  BthEnum - ok
23:31:17.0697 4376  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:31:17.0797 4376  BTHMODEM - ok
23:31:17.0827 4376  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:31:17.0907 4376  BthPan - ok
23:31:17.0937 4376  [ 671134053D59E23704F08DB19F11E10B ] BTHPORT        C:\Windows\system32\Drivers\BTHport.sys
23:31:18.0027 4376  BTHPORT - ok
23:31:18.0087 4376  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ        C:\Windows\System32\bthserv.dll
23:31:18.0147 4376  BthServ - ok
23:31:18.0167 4376  [ 93D7007E2C660DFCCA6AE72622740B14 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
23:31:18.0237 4376  BTHUSB - ok
23:31:18.0277 4376  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:31:18.0337 4376  cdfs - ok
23:31:18.0387 4376  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
23:31:18.0447 4376  cdrom - ok
23:31:18.0487 4376  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc    C:\Windows\System32\certprop.dll
23:31:18.0567 4376  CertPropSvc - ok
23:31:18.0597 4376  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
23:31:18.0677 4376  circlass - ok
23:31:18.0747 4376  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
23:31:18.0777 4376  CLFS - ok
23:31:18.0857 4376  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:31:18.0877 4376  clr_optimization_v2.0.50727_32 - ok
23:31:18.0937 4376  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:31:18.0997 4376  CmBatt - ok
23:31:19.0047 4376  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:31:19.0067 4376  cmdide - ok
23:31:19.0077 4376  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:31:19.0107 4376  Compbatt - ok
23:31:19.0137 4376  COMSysApp - ok
23:31:19.0147 4376  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
23:31:19.0177 4376  crcdisk - ok
23:31:19.0197 4376  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
23:31:19.0267 4376  Crusoe - ok
23:31:19.0347 4376  [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:31:19.0397 4376  CryptSvc - ok
23:31:19.0437 4376  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:31:19.0557 4376  DcomLaunch - ok
23:31:19.0597 4376  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:31:19.0657 4376  DfsC - ok
23:31:19.0747 4376  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
23:31:20.0047 4376  DFSR - ok
23:31:20.0107 4376  [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv        C:\Windows\system32\drivers\dgderdrv.sys
23:31:20.0127 4376  dgderdrv - ok
23:31:20.0227 4376  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
23:31:20.0287 4376  Dhcp - ok
23:31:20.0357 4376  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
23:31:20.0377 4376  disk - ok
23:31:20.0447 4376  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:31:20.0497 4376  Dnscache - ok
23:31:20.0537 4376  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc        C:\Windows\System32\dot3svc.dll
23:31:20.0597 4376  dot3svc - ok
23:31:20.0677 4376  [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
23:31:20.0757 4376  Dot4 - ok
23:31:20.0797 4376  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print      C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:31:20.0847 4376  Dot4Print - ok
23:31:20.0897 4376  [ C55004CA6B419B6695970DFE849B122F ] dot4usb        C:\Windows\system32\DRIVERS\dot4usb.sys
23:31:20.0947 4376  dot4usb - ok
23:31:21.0007 4376  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS            C:\Windows\system32\dps.dll
23:31:21.0067 4376  DPS - ok
23:31:21.0117 4376  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
23:31:21.0157 4376  drmkaud - ok
23:31:21.0207 4376  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
23:31:21.0257 4376  DXGKrnl - ok
23:31:21.0327 4376  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60          C:\Windows\system32\DRIVERS\E1G60I32.sys
23:31:21.0387 4376  E1G60 - ok
23:31:21.0427 4376  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost        C:\Windows\System32\eapsvc.dll
23:31:21.0467 4376  EapHost - ok
23:31:21.0517 4376  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
23:31:21.0547 4376  Ecache - ok
23:31:21.0597 4376  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
23:31:21.0657 4376  ehRecvr - ok
23:31:21.0697 4376  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched        C:\Windows\ehome\ehsched.exe
23:31:21.0757 4376  ehSched - ok
23:31:21.0787 4376  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart        C:\Windows\ehome\ehstart.dll
23:31:21.0827 4376  ehstart - ok
23:31:21.0887 4376  [ 23B62471681A124889978F6295B3F4C6 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
23:31:21.0927 4376  elxstor - ok
23:31:21.0987 4376  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt        C:\Windows\system32\emdmgmt.dll
23:31:22.0067 4376  EMDMgmt - ok
23:31:22.0127 4376  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:31:22.0187 4376  ErrDev - ok
23:31:22.0257 4376  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem    C:\Windows\system32\es.dll
23:31:22.0307 4376  EventSystem - ok
23:31:22.0387 4376  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat          C:\Windows\system32\drivers\exfat.sys
23:31:22.0437 4376  exfat - ok
23:31:22.0487 4376  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
23:31:22.0527 4376  fastfat - ok
23:31:22.0547 4376  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
23:31:22.0617 4376  fdc - ok
23:31:22.0657 4376  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost        C:\Windows\system32\fdPHost.dll
23:31:22.0707 4376  fdPHost - ok
23:31:22.0717 4376  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:31:22.0837 4376  FDResPub - ok
23:31:22.0877 4376  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:31:22.0897 4376  FileInfo - ok
23:31:22.0917 4376  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
23:31:22.0977 4376  Filetrace - ok
23:31:22.0997 4376  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:31:23.0057 4376  flpydisk - ok
23:31:23.0107 4376  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:31:23.0137 4376  FltMgr - ok
23:31:23.0207 4376  [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache      C:\Windows\system32\FntCache.dll
23:31:23.0367 4376  FontCache - ok
23:31:23.0427 4376  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:31:23.0457 4376  FontCache3.0.0.0 - ok
23:31:23.0487 4376  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:31:23.0547 4376  Fs_Rec - ok
23:31:23.0577 4376  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:31:23.0607 4376  gagp30kx - ok
23:31:23.0647 4376  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:31:23.0657 4376  GEARAspiWDM - ok
23:31:23.0737 4376  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
23:31:23.0757 4376  GoogleDesktopManager-051210-111108 - ok
23:31:23.0837 4376  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc          C:\Windows\System32\gpsvc.dll
23:31:23.0987 4376  gpsvc - ok
23:31:24.0037 4376  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:31:24.0137 4376  HdAudAddService - ok
23:31:24.0207 4376  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:31:24.0307 4376  HDAudBus - ok
23:31:24.0347 4376  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:31:24.0437 4376  HidBth - ok
23:31:24.0457 4376  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr          C:\Windows\system32\drivers\hidir.sys
23:31:24.0557 4376  HidIr - ok
23:31:24.0587 4376  [ 84067081F3318162797385E11A8F0582 ] hidserv        C:\Windows\system32\hidserv.dll
23:31:24.0627 4376  hidserv - ok
23:31:24.0687 4376  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:31:24.0737 4376  HidUsb - ok
23:31:24.0767 4376  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:31:24.0827 4376  hkmsvc - ok
23:31:24.0877 4376  [ 18FB2C0D28E0E6F0A478EDCAA4DD99CC ] hotcore3        C:\Windows\system32\drivers\hotcore3.sys
23:31:24.0897 4376  hotcore3 - ok
23:31:24.0967 4376  [ 8B566EA71D5B76157A9CDB78F25A5731 ] Hotkey          C:\Windows\system32\drivers\Hotkey.sys
23:31:24.0987 4376  Hotkey ( UnsignedFile.Multi.Generic ) - warning
23:31:24.0987 4376  Hotkey - detected UnsignedFile.Multi.Generic (1)
23:31:25.0017 4376  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs        C:\Windows\system32\drivers\hpcisss.sys
23:31:25.0047 4376  HpCISSs - ok
23:31:25.0127 4376  [ 97AAC45A375168C6A2297BEEB9692E31 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:31:25.0157 4376  hpqcxs08 - ok
23:31:25.0187 4376  [ 19A4FB67B1C97EA18EDFF44340973CD9 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:31:25.0207 4376  hpqddsvc - ok
23:31:25.0267 4376  [ 56FC98F1014EA8DC51B92839C32759EC ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
23:31:25.0337 4376  HPSLPSVC - ok
23:31:25.0387 4376  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:31:25.0477 4376  HTTP - ok
23:31:25.0517 4376  [ C6B032D69650985468160FC9937CF5B4 ] i2omp          C:\Windows\system32\drivers\i2omp.sys
23:31:25.0537 4376  i2omp - ok
23:31:25.0597 4376  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:31:25.0637 4376  i8042prt - ok
23:31:25.0727 4376  [ 72B53E9C8924949DEC8F3799BCBA2251 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23:31:25.0757 4376  IAANTMON - ok
23:31:25.0797 4376  [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:31:25.0827 4376  iaStor - ok
23:31:25.0857 4376  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV        C:\Windows\system32\drivers\iastorv.sys
23:31:25.0887 4376  iaStorV - ok
23:31:25.0977 4376  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:31:25.0997 4376  IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:31:25.0997 4376  IDriverT - detected UnsignedFile.Multi.Generic (1)
23:31:26.0067 4376  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc          C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:31:26.0187 4376  idsvc - ok
23:31:26.0237 4376  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
23:31:26.0257 4376  iirsp - ok
23:31:26.0347 4376  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:31:26.0437 4376  IKEEXT - ok
23:31:26.0547 4376  [ A82C70CBAEC7B10E4C9C1341D729640F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:31:26.0747 4376  IntcAzAudAddService - ok
23:31:26.0777 4376  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:31:26.0807 4376  intelide - ok
23:31:26.0867 4376  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:31:26.0937 4376  intelppm - ok
23:31:26.0997 4376  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
23:31:27.0067 4376  IPBusEnum - ok
23:31:27.0087 4376  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:31:27.0147 4376  IpFilterDriver - ok
23:31:27.0157 4376  IpInIp - ok
23:31:27.0187 4376  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV        C:\Windows\system32\drivers\ipmidrv.sys
23:31:27.0237 4376  IPMIDRV - ok
23:31:27.0257 4376  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT          C:\Windows\system32\DRIVERS\ipnat.sys
23:31:27.0307 4376  IPNAT - ok
23:31:27.0367 4376  [ 630D74599070824AF3DC63A894ADCDFC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:31:27.0417 4376  iPod Service - ok
23:31:27.0437 4376  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:31:27.0487 4376  IRENUM - ok
23:31:27.0517 4376  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:31:27.0537 4376  isapnp - ok
23:31:27.0607 4376  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
23:31:27.0637 4376  iScsiPrt - ok
23:31:27.0657 4376  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
23:31:27.0687 4376  iteatapi - ok
23:31:27.0717 4376  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid        C:\Windows\system32\drivers\iteraid.sys
23:31:27.0737 4376  iteraid - ok
23:31:27.0767 4376  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:31:27.0787 4376  kbdclass - ok
23:31:27.0827 4376  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:31:27.0877 4376  kbdhid - ok
23:31:27.0917 4376  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
23:31:27.0957 4376  KeyIso - ok
23:31:28.0017 4376  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:31:28.0077 4376  KSecDD - ok
23:31:28.0177 4376  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm          C:\Windows\system32\msdtckrm.dll
23:31:28.0267 4376  KtmRm - ok
23:31:28.0317 4376  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:31:28.0357 4376  LanmanServer - ok
23:31:28.0387 4376  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:31:28.0457 4376  LanmanWorkstation - ok
23:31:28.0497 4376  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:31:28.0567 4376  lltdio - ok
23:31:28.0627 4376  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
23:31:28.0697 4376  lltdsvc - ok
23:31:28.0717 4376  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts        C:\Windows\System32\lmhsvc.dll
23:31:28.0807 4376  lmhosts - ok
23:31:28.0857 4376  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:31:28.0887 4376  LSI_FC - ok
23:31:28.0917 4376  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
23:31:28.0947 4376  LSI_SAS - ok
23:31:28.0967 4376  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:31:28.0997 4376  LSI_SCSI - ok
23:31:29.0027 4376  [ 8F5C7426567798E62A3B3614965D62CC ] luafv          C:\Windows\system32\drivers\luafv.sys
23:31:29.0087 4376  luafv - ok
23:31:29.0117 4376  [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
23:31:29.0137 4376  MBAMProtector - ok
23:31:29.0227 4376  [ 43683E970F008C93C9429EF428147A54 ] MBAMService    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:31:29.0317 4376  MBAMService - ok
23:31:29.0387 4376  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
23:31:29.0417 4376  Mcx2Svc - ok
23:31:29.0487 4376  [ 0001CE609D66632FA17B84705F658879 ] megasas        C:\Windows\system32\drivers\megasas.sys
23:31:29.0517 4376  megasas - ok
23:31:29.0567 4376  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
23:31:29.0627 4376  MegaSR - ok
23:31:29.0717 4376  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:31:29.0737 4376  Microsoft Office Groove Audit Service - ok
23:31:29.0787 4376  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS          C:\Windows\system32\mmcss.dll
23:31:29.0847 4376  MMCSS - ok
23:31:29.0877 4376  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem          C:\Windows\system32\drivers\modem.sys
23:31:29.0947 4376  Modem - ok
23:31:29.0997 4376  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
23:31:30.0047 4376  monitor - ok
23:31:30.0077 4376  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:31:30.0097 4376  mouclass - ok
23:31:30.0147 4376  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:31:30.0207 4376  mouhid - ok
23:31:30.0227 4376  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
23:31:30.0247 4376  MountMgr - ok
23:31:30.0297 4376  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:31:30.0327 4376  MozillaMaintenance - ok
23:31:30.0357 4376  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:31:30.0387 4376  mpio - ok
23:31:30.0417 4376  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:31:30.0477 4376  mpsdrv - ok
23:31:30.0507 4376  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
23:31:30.0537 4376  Mraid35x - ok
23:31:30.0577 4376  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:31:30.0617 4376  MRxDAV - ok
23:31:30.0637 4376  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:31:30.0677 4376  mrxsmb - ok
23:31:30.0727 4376  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:31:30.0767 4376  mrxsmb10 - ok
23:31:30.0777 4376  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:31:30.0817 4376  mrxsmb20 - ok
23:31:30.0827 4376  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
23:31:30.0857 4376  msahci - ok
23:31:30.0877 4376  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
23:31:30.0907 4376  msdsm - ok
23:31:30.0937 4376  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC          C:\Windows\System32\msdtc.exe
23:31:31.0027 4376  MSDTC - ok
23:31:31.0087 4376  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:31:31.0137 4376  Msfs - ok
23:31:31.0177 4376  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:31:31.0207 4376  msisadrv - ok
23:31:31.0247 4376  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
23:31:31.0317 4376  MSiSCSI - ok
23:31:31.0327 4376  MSIServer - ok
23:31:31.0347 4376  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
23:31:31.0417 4376  MSKSSRV - ok
23:31:31.0437 4376  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:31:31.0477 4376  MSPCLOCK - ok
23:31:31.0547 4376  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
23:31:31.0597 4376  MSPQM - ok
23:31:31.0637 4376  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
23:31:31.0667 4376  MsRPC - ok
23:31:31.0687 4376  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:31:31.0717 4376  mssmbios - ok
23:31:31.0787 4376  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
23:31:31.0827 4376  MSTEE - ok
23:31:31.0857 4376  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup            C:\Windows\system32\Drivers\mup.sys
23:31:31.0887 4376  Mup - ok
23:31:31.0947 4376  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
23:31:32.0027 4376  napagent - ok
23:31:32.0067 4376  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
23:31:32.0097 4376  NativeWifiP - ok
23:31:32.0147 4376  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:31:32.0237 4376  NDIS - ok
23:31:32.0267 4376  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:31:32.0327 4376  NdisTapi - ok
23:31:32.0357 4376  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
23:31:32.0397 4376  Ndisuio - ok
23:31:32.0457 4376  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
23:31:32.0497 4376  NdisWan - ok
23:31:32.0547 4376  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
23:31:32.0577 4376  NDProxy - ok
23:31:32.0737 4376  [ 40D7D0A208EE863BCA8D89E299216F15 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
23:31:32.0847 4376  Nero BackItUp Scheduler 3 - ok
23:31:32.0917 4376  [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:31:32.0937 4376  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:31:32.0937 4376  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:31:32.0977 4376  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
23:31:33.0027 4376  NetBIOS - ok
23:31:33.0067 4376  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt          C:\Windows\system32\DRIVERS\netbt.sys
23:31:33.0137 4376  netbt - ok
23:31:33.0167 4376  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
23:31:33.0197 4376  Netlogon - ok
23:31:33.0247 4376  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
23:31:33.0297 4376  Netman - ok
23:31:33.0327 4376  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
23:31:33.0397 4376  netprofm - ok
23:31:33.0457 4376  [ B05FFE38336193A9B988B00B230C5B80 ] netr28          C:\Windows\system32\DRIVERS\netr28.sys
23:31:33.0527 4376  netr28 - ok
23:31:33.0557 4376  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:31:33.0577 4376  NetTcpPortSharing - ok
23:31:33.0687 4376  [ DD194A025D1C0472F45F57DE8D8388EB ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
23:31:33.0987 4376  NETw4v32 - ok
23:31:34.0047 4376  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
23:31:34.0067 4376  nfrd960 - ok
23:31:34.0157 4376  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:31:34.0207 4376  NlaSvc - ok
23:31:34.0287 4376  [ EBA1B4BF2E2375ABDADEDB649F283541 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
23:31:34.0387 4376  NMIndexingService - ok
23:31:34.0447 4376  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:31:34.0497 4376  Npfs - ok
23:31:34.0517 4376  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi            C:\Windows\system32\nsisvc.dll
23:31:34.0577 4376  nsi - ok
23:31:34.0617 4376  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:31:34.0677 4376  nsiproxy - ok
23:31:34.0757 4376  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:31:34.0907 4376  Ntfs - ok
23:31:34.0937 4376  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi      C:\Windows\system32\drivers\ntrigdigi.sys
23:31:35.0027 4376  ntrigdigi - ok
23:31:35.0057 4376  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
23:31:35.0097 4376  Null - ok
23:31:35.0357 4376  [ 3F6D9DECAD6E6EF48B7FB0BB560B76BB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:31:35.0807 4376  nvlddmkm - ok
23:31:35.0887 4376  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:31:35.0917 4376  nvraid - ok
23:31:35.0937 4376  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:31:35.0957 4376  nvstor - ok
23:31:36.0007 4376  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:31:36.0037 4376  nv_agp - ok
23:31:36.0047 4376  NwlnkFlt - ok
23:31:36.0057 4376  NwlnkFwd - ok
23:31:36.0137 4376  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:31:36.0187 4376  odserv - ok
23:31:36.0237 4376  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:31:36.0327 4376  ohci1394 - ok
23:31:36.0417 4376  [ 27915BDFF44CA08E85DA3D1DDB7B6ECD ] omniserv        C:\Program Files\Softex\OmniPass\OmniServ.exe
23:31:36.0447 4376  omniserv ( UnsignedFile.Multi.Generic ) - warning
23:31:36.0447 4376  omniserv - detected UnsignedFile.Multi.Generic (1)
23:31:36.0477 4376  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:31:36.0507 4376  ose - ok
23:31:36.0587 4376  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
23:31:36.0737 4376  p2pimsvc - ok
23:31:36.0757 4376  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:31:36.0837 4376  p2psvc - ok
23:31:36.0887 4376  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport        C:\Windows\system32\drivers\parport.sys
23:31:36.0997 4376  Parport - ok
23:31:37.0037 4376  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
23:31:37.0067 4376  partmgr - ok
23:31:37.0117 4376  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
23:31:37.0197 4376  Parvdm - ok
23:31:37.0227 4376  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:31:37.0297 4376  PcaSvc - ok
23:31:37.0357 4376  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci            C:\Windows\system32\drivers\pci.sys
23:31:37.0387 4376  pci - ok
23:31:37.0427 4376  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
23:31:37.0457 4376  pciide - ok
23:31:37.0487 4376  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:31:37.0517 4376  pcmcia - ok
23:31:37.0577 4376  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:31:37.0717 4376  PEAUTH - ok
23:31:37.0797 4376  [ F433B5AA6DBAC3C8626EEFAF134E4763 ] PhilCap        C:\Windows\system32\DRIVERS\PhilCap.sys
23:31:37.0927 4376  PhilCap - ok
23:31:38.0027 4376  [ B1689DF169143F57053F795390C99DB3 ] pla            C:\Windows\system32\pla.dll
23:31:38.0257 4376  pla - ok
23:31:38.0317 4376  [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
23:31:38.0337 4376  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
23:31:38.0337 4376  PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
23:31:38.0387 4376  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:31:38.0467 4376  PlugPlay - ok
23:31:38.0537 4376  [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:31:38.0537 4376  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:31:38.0537 4376  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:31:38.0577 4376  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg    C:\Windows\system32\p2psvc.dll
23:31:38.0677 4376  PNRPAutoReg - ok
23:31:38.0727 4376  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc        C:\Windows\system32\p2psvc.dll
23:31:38.0817 4376  PNRPsvc - ok
23:31:38.0887 4376  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
23:31:38.0947 4376  PolicyAgent - ok
23:31:38.0997 4376  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:31:39.0067 4376  PptpMiniport - ok
23:31:39.0127 4376  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor      C:\Windows\system32\drivers\processr.sys
23:31:39.0187 4376  Processor - ok
23:31:39.0227 4376  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc        C:\Windows\system32\profsvc.dll
23:31:39.0267 4376  ProfSvc - ok
23:31:39.0297 4376  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
23:31:39.0327 4376  ProtectedStorage - ok
23:31:39.0367 4376  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
23:31:39.0427 4376  PSched - ok
23:31:39.0507 4376  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:31:39.0667 4376  ql2300 - ok
23:31:39.0727 4376  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:31:39.0747 4376  ql40xx - ok
23:31:39.0777 4376  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE          C:\Windows\system32\qwave.dll
23:31:39.0837 4376  QWAVE - ok
23:31:39.0857 4376  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:31:39.0877 4376  QWAVEdrv - ok
23:31:39.0897 4376  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:31:39.0967 4376  RasAcd - ok
23:31:40.0007 4376  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto        C:\Windows\System32\rasauto.dll
23:31:40.0077 4376  RasAuto - ok
23:31:40.0117 4376  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
23:31:40.0187 4376  Rasl2tp - ok
23:31:40.0227 4376  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
23:31:40.0277 4376  RasMan - ok
23:31:40.0307 4376  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:31:40.0367 4376  RasPppoe - ok
23:31:40.0407 4376  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
23:31:40.0437 4376  RasSstp - ok
23:31:40.0487 4376  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
23:31:40.0547 4376  rdbss - ok
23:31:40.0577 4376  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:31:40.0637 4376  RDPCDD - ok
23:31:40.0677 4376  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr          C:\Windows\system32\drivers\rdpdr.sys
23:31:40.0727 4376  rdpdr - ok
23:31:40.0737 4376  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:31:40.0787 4376  RDPENCDD - ok
23:31:40.0837 4376  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
23:31:40.0877 4376  RDPWD - ok
23:31:40.0937 4376  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:31:40.0987 4376  RemoteAccess - ok
23:31:41.0017 4376  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:31:41.0057 4376  RemoteRegistry - ok
23:31:41.0107 4376  [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:31:41.0157 4376  RFCOMM - ok
23:31:41.0247 4376  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo      C:\Program Files\CyberLink\Shared Files\RichVideo.exe
23:31:41.0277 4376  RichVideo - ok
23:31:41.0317 4376  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
23:31:41.0367 4376  RpcLocator - ok
23:31:41.0437 4376  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs          C:\Windows\system32\rpcss.dll
23:31:41.0487 4376  RpcSs - ok
23:31:41.0537 4376  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:31:41.0587 4376  rspndr - ok
23:31:41.0607 4376  [ B8B159FA669C6386A458FCD468EBB1E6 ] RTL8169        C:\Windows\system32\DRIVERS\Rtlh86.sys
23:31:41.0677 4376  RTL8169 - ok
23:31:41.0717 4376  [ 0D1C1B0DE2819FE1EA25098183130B64 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
23:31:41.0757 4376  RTSTOR - ok
23:31:41.0777 4376  [ A3E186B4B935905B829219502557314E ] SamSs          C:\Windows\system32\lsass.exe
23:31:41.0807 4376  SamSs - ok
23:31:41.0827 4376  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:31:41.0867 4376  sbp2port - ok
23:31:41.0907 4376  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:31:41.0947 4376  SCardSvr - ok
23:31:41.0997 4376  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
23:31:42.0127 4376  Schedule - ok
23:31:42.0167 4376  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc    C:\Windows\System32\certprop.dll
23:31:42.0207 4376  SCPolicySvc - ok
23:31:42.0267 4376  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:31:42.0327 4376  SDRSVC - ok
23:31:42.0377 4376  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:31:42.0477 4376  secdrv - ok
23:31:42.0497 4376  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
23:31:42.0547 4376  seclogon - ok
23:31:42.0587 4376  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
23:31:42.0657 4376  SENS - ok
23:31:42.0697 4376  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum        C:\Windows\system32\drivers\serenum.sys
23:31:42.0777 4376  Serenum - ok
23:31:42.0797 4376  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
23:31:42.0877 4376  Serial - ok
23:31:42.0907 4376  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:31:42.0957 4376  sermouse - ok
23:31:42.0997 4376  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:31:43.0057 4376  SessionEnv - ok
23:31:43.0087 4376  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
23:31:43.0127 4376  sffdisk - ok
23:31:43.0157 4376  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:31:43.0217 4376  sffp_mmc - ok
23:31:43.0247 4376  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
23:31:43.0307 4376  sffp_sd - ok
23:31:43.0337 4376  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
23:31:43.0437 4376  sfloppy - ok
23:31:43.0477 4376  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:31:43.0547 4376  ShellHWDetection - ok
23:31:43.0607 4376  [ 4346D5BBDDE7756D8614A3F193D60984 ] Si3531          C:\Windows\system32\DRIVERS\Si3531.sys
23:31:43.0627 4376  Si3531 - ok
23:31:43.0657 4376  [ E853C341BBF4AC0007A8DB0858DBB09D ] SiFilter        C:\Windows\system32\DRIVERS\SiWinAcc.sys
23:31:43.0677 4376  SiFilter - ok
23:31:43.0717 4376  [ D80E6F142EB4963E82A8537DD745F51B ] SiRemFil        C:\Windows\system32\DRIVERS\SiRemFil.sys
23:31:43.0737 4376  SiRemFil - ok
23:31:43.0787 4376  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
23:31:43.0817 4376  sisagp - ok
23:31:43.0837 4376  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
23:31:43.0867 4376  SiSRaid2 - ok
23:31:43.0897 4376  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:31:43.0927 4376  SiSRaid4 - ok
23:31:44.0047 4376  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc          C:\Windows\system32\SLsvc.exe
23:31:44.0477 4376  slsvc - ok
23:31:44.0597 4376  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
23:31:44.0657 4376  SLUINotify - ok
23:31:44.0717 4376  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
23:31:44.0797 4376  Smb - ok
23:31:44.0847 4376  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:31:44.0867 4376  SNMPTRAP - ok
23:31:44.0907 4376  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr          C:\Windows\system32\drivers\spldr.sys
23:31:44.0927 4376  spldr - ok
23:31:44.0987 4376  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler        C:\Windows\System32\spoolsv.exe
23:31:45.0047 4376  Spooler - ok
23:31:45.0117 4376  [ A80CD850D69D996C832BEA37E3A6AA1E ] sptd            C:\Windows\System32\Drivers\sptd.sys
23:31:45.0227 4376  sptd - ok
23:31:45.0287 4376  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv            C:\Windows\system32\DRIVERS\srv.sys
23:31:45.0347 4376  srv - ok
23:31:45.0397 4376  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:31:45.0457 4376  srv2 - ok
23:31:45.0497 4376  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:31:45.0537 4376  srvnet - ok
23:31:45.0587 4376  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
23:31:45.0637 4376  SSDPSRV - ok
23:31:45.0667 4376  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
23:31:45.0687 4376  ssmdrv - ok
23:31:45.0727 4376  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
23:31:45.0757 4376  SstpSvc - ok
23:31:45.0807 4376  [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
23:31:45.0857 4376  StillCam - ok
23:31:45.0947 4376  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
23:31:46.0067 4376  stisvc - ok
23:31:46.0107 4376  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:31:46.0127 4376  swenum - ok
23:31:46.0187 4376  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv          C:\Windows\System32\swprv.dll
23:31:46.0287 4376  swprv - ok
23:31:46.0327 4376  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx        C:\Windows\system32\drivers\symc8xx.sys
23:31:46.0347 4376  Symc8xx - ok
23:31:46.0397 4376  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
23:31:46.0427 4376  Sym_hi - ok
23:31:46.0457 4376  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
23:31:46.0477 4376  Sym_u3 - ok
23:31:46.0547 4376  [ 4C6DE67EBB6C487F7690A373FCFDE279 ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
23:31:46.0567 4376  SynTP - ok
23:31:46.0637 4376  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain        C:\Windows\system32\sysmain.dll
23:31:46.0717 4376  SysMain - ok
23:31:46.0777 4376  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:31:46.0817 4376  TabletInputService - ok
23:31:46.0867 4376  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv        C:\Windows\System32\tapisrv.dll
23:31:46.0957 4376  TapiSrv - ok
23:31:46.0987 4376  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS            C:\Windows\System32\tbssvc.dll
23:31:47.0047 4376  TBS - ok
23:31:47.0117 4376  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
23:31:47.0297 4376  Tcpip - ok
23:31:47.0357 4376  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
23:31:47.0487 4376  Tcpip6 - ok
23:31:47.0547 4376  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:31:47.0597 4376  tcpipreg - ok
23:31:47.0627 4376  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:31:47.0677 4376  TDPIPE - ok
23:31:47.0707 4376  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
23:31:47.0757 4376  TDTCP - ok
23:31:47.0797 4376  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
23:31:47.0847 4376  tdx - ok
23:31:47.0867 4376  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:31:47.0897 4376  TermDD - ok
23:31:47.0947 4376  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService    C:\Windows\System32\termsrv.dll
23:31:48.0037 4376  TermService - ok
23:31:48.0087 4376  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
23:31:48.0117 4376  Themes - ok
23:31:48.0157 4376  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER    C:\Windows\system32\mmcss.dll
23:31:48.0207 4376  THREADORDER - ok
23:31:48.0247 4376  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
23:31:48.0317 4376  TrkWks - ok
23:31:48.0377 4376  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:31:48.0417 4376  TrustedInstaller - ok
23:31:48.0447 4376  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:31:48.0507 4376  tssecsrv - ok
23:31:48.0547 4376  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp          C:\Windows\system32\DRIVERS\tunmp.sys
23:31:48.0607 4376  tunmp - ok
23:31:48.0627 4376  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:31:48.0667 4376  tunnel - ok
23:31:48.0697 4376  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:31:48.0717 4376  uagp35 - ok
23:31:48.0767 4376  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:31:48.0807 4376  udfs - ok
23:31:48.0867 4376  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
23:31:48.0917 4376  UI0Detect - ok
23:31:48.0977 4376  [ 02F1F0D0BAE4FE2C3CA14C2ED447B13A ] UimBus          C:\Windows\system32\DRIVERS\UimBus.sys
23:31:48.0987 4376  UimBus - ok
23:31:49.0027 4376  [ 73CC9C7BDDB33377B6E957BE12DCCC0F ] Uim_IM          C:\Windows\system32\Drivers\Uim_IM.sys
23:31:49.0047 4376  Uim_IM - ok
23:31:49.0087 4376  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:31:49.0117 4376  uliagpkx - ok
23:31:49.0157 4376  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci        C:\Windows\system32\drivers\uliahci.sys
23:31:49.0187 4376  uliahci - ok
23:31:49.0217 4376  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
23:31:49.0237 4376  UlSata - ok
23:31:49.0267 4376  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2        C:\Windows\system32\drivers\ulsata2.sys
23:31:49.0297 4376  ulsata2 - ok
23:31:49.0337 4376  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
23:31:49.0387 4376  umbus - ok
23:31:49.0457 4376  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
23:31:49.0527 4376  upnphost - ok
23:31:49.0587 4376  [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL        C:\Windows\system32\Drivers\usbaapl.sys
23:31:49.0617 4376  USBAAPL - ok
23:31:49.0657 4376  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
23:31:49.0717 4376  usbccgp - ok
23:31:49.0737 4376  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:31:49.0827 4376  usbcir - ok
23:31:49.0887 4376  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
23:31:49.0937 4376  usbehci - ok
23:31:49.0967 4376  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:31:50.0017 4376  usbhub - ok
23:31:50.0037 4376  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci        C:\Windows\system32\drivers\usbohci.sys
23:31:50.0117 4376  usbohci - ok
23:31:50.0167 4376  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:31:50.0227 4376  usbprint - ok
23:31:50.0267 4376  [ A508C9BD8724980512136B039BBA65E9 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
23:31:50.0317 4376  usbscan - ok
23:31:50.0357 4376  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:31:50.0407 4376  USBSTOR - ok
23:31:50.0437 4376  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
23:31:50.0487 4376  usbuhci - ok
23:31:50.0537 4376  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:31:50.0607 4376  usbvideo - ok
23:31:50.0677 4376  [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
23:31:50.0717 4376  usb_rndisx - ok
23:31:50.0767 4376  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms          C:\Windows\System32\uxsms.dll
23:31:50.0817 4376  UxSms - ok
23:31:50.0857 4376  [ CD88D1B7776DC17A119049742EC07EB4 ] vds            C:\Windows\System32\vds.exe
23:31:50.0947 4376  vds - ok
23:31:50.0997 4376  [ 87B06E1F30B749A114F74622D013F8D4 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
23:31:51.0057 4376  vga - ok
23:31:51.0077 4376  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave        C:\Windows\System32\drivers\vga.sys
23:31:51.0147 4376  VgaSave - ok
23:31:51.0167 4376  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
23:31:51.0197 4376  viaagp - ok
23:31:51.0217 4376  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7          C:\Windows\system32\drivers\viac7.sys
23:31:51.0267 4376  ViaC7 - ok
23:31:51.0297 4376  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
23:31:51.0317 4376  viaide - ok
23:31:51.0337 4376  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:31:51.0367 4376  volmgr - ok
23:31:51.0397 4376  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
23:31:51.0437 4376  volmgrx - ok
23:31:51.0487 4376  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
23:31:51.0517 4376  volsnap - ok
23:31:51.0557 4376  [ 587253E09325E6BF226B299774B728A9 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
23:31:51.0587 4376  vsmraid - ok
23:31:51.0657 4376  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS            C:\Windows\system32\vssvc.exe
23:31:51.0827 4376  VSS - ok
23:31:51.0877 4376  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time        C:\Windows\system32\w32time.dll
23:31:51.0937 4376  W32Time - ok
23:31:51.0967 4376  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:31:52.0047 4376  WacomPen - ok
23:31:52.0057 4376  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
23:31:52.0107 4376  Wanarp - ok
23:31:52.0117 4376  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:31:52.0157 4376  Wanarpv6 - ok
23:31:52.0187 4376  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc        C:\Windows\System32\wcncsvc.dll
23:31:52.0227 4376  wcncsvc - ok
23:31:52.0277 4376  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:31:52.0317 4376  WcsPlugInService - ok
23:31:52.0337 4376  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
23:31:52.0367 4376  Wd - ok
23:31:52.0397 4376  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:31:52.0507 4376  Wdf01000 - ok
23:31:52.0547 4376  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:31:52.0607 4376  WdiServiceHost - ok
23:31:52.0617 4376  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost  C:\Windows\system32\wdi.dll
23:31:52.0667 4376  WdiSystemHost - ok
23:31:52.0737 4376  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient      C:\Windows\System32\webclnt.dll
23:31:52.0777 4376  WebClient - ok
23:31:52.0827 4376  [ 905214925A88311FCE52F66153DE7610 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:31:52.0877 4376  Wecsvc - ok
23:31:52.0907 4376  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
23:31:52.0967 4376  wercplsupport - ok
23:31:53.0007 4376  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:31:53.0047 4376  WerSvc - ok
23:31:53.0067 4376  WinHttpAutoProxySvc - ok
23:31:53.0147 4376  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
23:31:53.0187 4376  Winmgmt - ok
23:31:53.0247 4376  [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM          C:\Windows\system32\WsmSvc.dll
23:31:53.0417 4376  WinRM - ok
23:31:53.0477 4376  [ F0FE933E27F1E2A83FF322A0693A4724 ] WisLMSvc        C:\Program Files\Launch Manager\WisLMSvc.exe
23:31:53.0497 4376  WisLMSvc ( UnsignedFile.Multi.Generic ) - warning
23:31:53.0497 4376  WisLMSvc - detected UnsignedFile.Multi.Generic (1)
23:31:53.0547 4376  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc        C:\Windows\System32\wlansvc.dll
23:31:53.0667 4376  Wlansvc - ok
23:31:53.0787 4376  [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:31:53.0957 4376  wlidsvc - ok
23:31:53.0997 4376  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
23:31:54.0067 4376  WmiAcpi - ok
23:31:54.0137 4376  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:31:54.0177 4376  wmiApSrv - ok
23:31:54.0267 4376  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
23:31:54.0427 4376  WMPNetworkSvc - ok
23:31:54.0487 4376  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:31:54.0547 4376  WPCSvc - ok
23:31:54.0607 4376  [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:31:54.0657 4376  WPDBusEnum - ok
23:31:54.0697 4376  [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
23:31:54.0757 4376  WpdUsb - ok
23:31:54.0797 4376  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
23:31:54.0857 4376  ws2ifsl - ok
23:31:54.0907 4376  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
23:31:54.0947 4376  WSDPrintDevice - ok
23:31:54.0947 4376  WSearch - ok
23:31:54.0997 4376  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:31:55.0057 4376  WUDFRd - ok
23:31:55.0087 4376  [ 575A4190D989F64732119E4114045A4F ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
23:31:55.0157 4376  wudfsvc - ok
23:31:55.0197 4376  [ AB2D77BF7222B007717ABB61B15F9AE2 ] X10Hid          C:\Windows\system32\Drivers\x10hid.sys
23:31:55.0217 4376  X10Hid - ok
23:31:55.0277 4376  [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets        C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
23:31:55.0277 4376  x10nets ( UnsignedFile.Multi.Generic ) - warning
23:31:55.0277 4376  x10nets - detected UnsignedFile.Multi.Generic (1)
23:31:55.0337 4376  [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B ] XUIF            C:\Windows\system32\Drivers\x10ufx2.sys
23:31:55.0357 4376  XUIF - ok
23:31:55.0407 4376  ================ Scan global ===============================
23:31:55.0437 4376  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
23:31:55.0487 4376  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:31:55.0557 4376  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:31:55.0627 4376  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
23:31:55.0627 4376  [Global] - ok
23:31:55.0637 4376  ================ Scan MBR ==================================
23:31:55.0647 4376  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
23:31:56.0497 4376  \Device\Harddisk0\DR0 - ok
23:31:56.0497 4376  ================ Scan VBR ==================================
23:31:56.0497 4376  [ E05128336B477B324B7645A3F02D7A9C ] \Device\Harddisk0\DR0\Partition1
23:31:56.0507 4376  \Device\Harddisk0\DR0\Partition1 - ok
23:31:56.0537 4376  [ 749C2DF9A6A7D4102A87C17984F0AE5E ] \Device\Harddisk0\DR0\Partition2
23:31:56.0547 4376  \Device\Harddisk0\DR0\Partition2 - ok
23:31:56.0547 4376  ============================================================
23:31:56.0547 4376  Scan finished
23:31:56.0547 4376  ============================================================
23:31:56.0567 5128  Detected object count: 8
23:31:56.0567 5128  Actual detected object count: 8
23:32:23.0197 5128  Hotkey ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:23.0197 5128  Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:32:23.0197 5128  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:23.0197 5128  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:32:23.0197 5128  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:23.0207 5128  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:32:23.0207 5128  omniserv ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:23.0207 5128  omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:32:23.0207 5128  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:23.0207 5128  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:32:23.0217 5128  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:23.0217 5128  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:32:23.0217 5128  WisLMSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:23.0217 5128  WisLMSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:32:23.0217 5128  x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:23.0217 5128  x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip
Vielen Dank und dir einen schönen Urlaub.

Gruß
Exedcuter

cosinus 30.08.2012 12:46
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

exedcuter 31.08.2012 21:26
Hallo Cosinus,

ich hoffe du hattest einen schönen Urlaub, anbei das Log des Combofix:

Combofix Logfile:
Code:
ComboFix 12-08-30.05 - Patti 31.08.2012  21:34:28.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.3070.1986 [GMT 2:00]
ausgeführt von:: c:\users\Patti\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Patti\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\windows\system32\
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-07-28 bis 2012-08-31  ))))))))))))))))))))))))))))))
.
.
2012-08-31 20:11 . 2012-08-31 20:11        --------        d-----w-        c:\users\Ines\AppData\Local\temp
2012-08-31 20:11 . 2012-08-31 20:11        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-08-20 20:21 . 2012-08-20 20:21        --------        d-----w-        C:\_OTL
2012-08-18 15:00 . 2012-08-18 15:00        --------        d-----w-        c:\users\Ines\AppData\Local\Macromedia
2012-08-18 14:52 . 2012-08-18 14:52        --------        d-----w-        c:\users\Ines\AppData\Roaming\HPAppData
2012-08-13 09:09 . 2012-08-13 09:09        --------        d-----w-        c:\program files\ESET
2012-08-09 07:33 . 2012-08-09 07:33        --------        d-----w-        c:\users\Patti\AppData\Roaming\Malwarebytes
2012-08-09 07:32 . 2012-08-09 07:32        --------        d-----w-        c:\programdata\Malwarebytes
2012-08-09 07:32 . 2012-08-09 07:32        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-08-09 07:32 . 2012-07-03 11:46        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-08-03 18:39 . 2012-06-29 08:44        6891424        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED2AC7B4-CFA6-422B-A72C-19337A11ECDC}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-17 20:12 . 2012-07-30 17:10        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-08-17 20:12 . 2011-09-01 20:17        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-05 20:24 . 2009-10-22 21:01        279552        ----a-w-        c:\windows\system32\services.exe
2012-07-29 18:58 . 2012-07-29 18:58        57344        ----a-r-        c:\users\Patti\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2012-07-29 18:55 . 2008-07-23 09:19        106496        ----a-w-        c:\windows\system32\ATL71.DLL
2012-06-13 13:40 . 2012-07-11 21:27        2047488        ----a-w-        c:\windows\system32\win32k.sys
2012-06-05 16:47 . 2012-07-11 20:10        1401856        ----a-w-        c:\windows\system32\msxml6.dll
2012-06-05 16:47 . 2012-07-11 20:10        1248768        ----a-w-        c:\windows\system32\msxml3.dll
2012-06-04 15:26 . 2012-07-11 20:10        440704        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2012-06-02 22:19 . 2012-06-23 06:56        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 06:56        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 06:56        35864        ----a-w-        c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 06:56        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-23 06:56        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-23 06:56        2422272        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-23 06:56        88576        ----a-w-        c:\windows\system32\wudriver.dll
2012-07-23 21:28 . 2011-03-25 23:04        136672        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
2011-08-24 17:36 . 2011-08-24 17:36        119808        ----a-w-        c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-20 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-20 8501792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-20 81920]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]
"OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2007-11-02 2564096]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2007-09-07 86016]
"RtHDVCpl"="RtHDVCpl.exe" [2007-12-17 4718592]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GOEC62~1.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Photo Loader resident.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Photo Loader resident.lnk
backup=c:\windows\pss\Photo Loader resident.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2009-08-05 10:17        224712        ----a-w-        c:\program files\DAEMON Tools Pro\DTProAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-10-03 13:44        178712        ----a-w-        c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-02-28 16:07        1828136        ----a-w-        c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-06-08 11:02        21432        ----a-w-        c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-06-08 11:02        3521464        ----a-w-        c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-02-18 15:29        2221352        ----a-w-        c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 10:17        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-02-09 18:51        71216        ----a-w-        c:\program files\HomeCinema\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37        37888        ----a-w-        c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23        1008184        ----a-w-        c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs        REG_MULTI_SZ          BthServ
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
HPService        REG_MULTI_SZ          HPSLPSVC
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-30 20:12]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Patti\AppData\Roaming\Mozilla\Firefox\Profiles\s066d2hq.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe
HKLM-Run-toolbar_eula_launcher - c:\program files\GoogleEULA\EULALauncher.exe
MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
MSConfigStartUp-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BFE]
"ImagePath"="."
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MpsSvc]
"ImagePath"="."
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Softex\OmniPass\OmniServ.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conime.exe
c:\program files\Softex\OmniPass\opvapp.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-31  22:21:38 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-08-31 20:20
.
Vor Suchlauf: 12 Verzeichnis(se), 15.681.978.368 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 16.546.480.128 Bytes frei
.
- - End Of File - - A96A601AB64B93D8880243E54D322923
--- --- ---


Viele Grüße
exedcuter

cosinus 01.09.2012 10:28
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

exedcuter 02.09.2012 21:23
Hallo Cosinus,

habe jetzt alles wie gewünscht durchlaufen lassen:

Anbei das Log vom gmer habe ich aus Versehen nur in den Zwischenspeicher und dann irgendwie verloren, deshalb jetzt nur die Logs vom Osam und aswMBR.

Osam:

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:43:45 on 02.09.2012

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 15.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"Startup.cpl" - ? - C:\Windows\system32\Startup.cpl  (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\MLCFG32.CPL
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"dgderdrv" (dgderdrv) - "Devguru Co., Ltd" - C:\Windows\System32\drivers\dgderdrv.sys
"hotcore3" (hotcore3) - "Paragon Software Group" - C:\Windows\System32\drivers\hotcore3.sys
"Hotkey" (Hotkey) - ? - C:\Windows\system32\drivers\Hotkey.sys  (File found, but it contains no detailed information)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"pwloapow" (pwloapow) - ? - C:\Users\Patti\AppData\Local\Temp\pwloapow.sys  (Hidden registry entry, rootkit activity | File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
{CCFE56EE-C7DE-44EE-A160-4553A5A912C9} "OmniPass Shell Extension" - ? -  (File not found | COM-object registry key not found)
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{D0CE97A0-415B-42E9-B251-34393AF2D5F6} "Softex OmniPass Encrypted File" - "Softex Inc." - C:\Program Files\Softex\OmniPass\opfolderext.dll
{D5B1944E-DB4E-482E-B3F1-DB05827F0978} "Softex OmniPass Encrypted Folder" - "Softex Inc." - C:\Program Files\Softex\OmniPass\opfolderext.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{855F3B16-6D32-4fe6-8A56-BBB695989046} "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10c.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll
{593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Patti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"KiesPDLR" - ? - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"HotkeyApp" - "Wistron" - "C:\Program Files\Launch Manager\HotkeyApp.exe"
"LaunchAp" - ? - "C:\Program Files\Launch Manager\LaunchAp.exe"
"LMgrOSD" - "Wistron Corp." - "C:\Program Files\Launch Manager\OSD.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Nikon Message Center 2" - "Nikon Corporation" - C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
"OmniPass" - ? - C:\Program Files\Softex\OmniPass\scureapp.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Wbutton" - "Wistron" - "C:\Program Files\Launch Manager\Wbutton.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PCL hpz3l4v2" - "Hewlett-Packard Company" - C:\Windows\system32\hpz3l4v2.dll
"PCL hpz3l5mu" - "Hewlett-Packard Company" - C:\Windows\system32\hpz3l5mu.dll
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"BBUpdate" (BBUpdate) - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
"BFE" (BFE) - ? - .  (File not found)
"BingBar Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"MpsSvc" (MpsSvc) - ? - .  (File not found)
"Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\Windows\system32\IoctlSvc.exe
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Softex OmniPass Service" (omniserv) - "Softex Inc." - C:\Program Files\Softex\OmniPass\OmniServ.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
"WisLMSvc" (WisLMSvc) - "Wistron Corp." - C:\Program Files\Launch Manager\WisLMSvc.exe
"X10 Device Network Service" (x10nets) - "X10" - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
[/code]

Und nun das Log vom aswMBR:

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-02 21:45:49
-----------------------------
21:45:49.954    OS Version: Windows 6.0.6002 Service Pack 2
21:45:49.954    Number of processors: 2 586 0xF0D
21:45:49.954    ComputerName: PATTI-PC  UserName: Patti
21:45:51.701    Initialize success
21:52:00.944    AVAST engine defs: 12090201
21:53:09.849    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:53:09.849    Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
21:53:10.707    Disk 0 MBR read successfully
21:53:10.707    Disk 0 MBR scan
21:53:10.723    Disk 0 Windows VISTA default MBR code
21:53:10.723    Disk 0 Partition - 00    0F Extended LBA            50699 MB offset 521309250
21:53:10.910    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        83211 MB offset 63
21:53:11.097    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      171333 MB offset 170417520
21:53:11.191    Disk 0 Partition - 00    05    Extended            50697 MB offset 521309312
21:53:11.269    Disk 0 Partition 3 00    0B        FAT32 MSWIN4.1    50697 MB offset 521309313
21:53:11.612    Disk 0 scanning sectors +625142448
21:53:12.610    Disk 0 scanning C:\Windows\system32\drivers
21:54:32.498    Service scanning
21:54:59.439    Modules scanning
21:56:28.109    Disk 0 trace - called modules:
21:56:28.156    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
21:56:28.172    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a17400]
21:56:28.172    3 CLASSPNP.SYS[8a9a18b3] -> nt!IofCallDriver -> [0x85548700]
21:56:28.187    5 acpi.sys[806a06bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8554f028]
21:56:29.108    AVAST engine scan C:\Windows
21:56:45.925    AVAST engine scan C:\Windows\system32
22:00:25.105    AVAST engine scan C:\Windows\system32\drivers
22:00:41.812    AVAST engine scan C:\Users\Patti
22:11:05.126    AVAST engine scan C:\ProgramData
22:15:25.833    Scan finished successfully
22:16:49.886    Disk 0 MBR has been saved successfully to "C:\Users\Patti\Desktop\MBR.dat"
22:16:49.901    The log file has been saved successfully to "C:\Users\Patti\Desktop\aswMBR.txt"
Danke nochmal und viele Grüße
Exedcuter:daumenhoc

cosinus 03.09.2012 19:49
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:27 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19