Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Cybercrime Investigation Virus (https://www.trojaner-board.de/126867-cybercrime-investigation-virus.html)

spigi01 11.11.2012 20:42
Cybercrime Investigation Virus
 
Nawas soll ich sagen....:eek:
Im abgesicherten Modus mit Netzwerktreibernkommt auch immer wieder diese fake -Meldung betr. Cybercrime.
Ich habe bereits eine CD mit OTLPENet.exe gebrannt, aber jedesmal wenn ich via optical drive boote, stellt mir mein Windows 7 Laptop ab????

Geschätzte Trojaner-Board Helfer

Ich weiss ich hätte zuerst einen eigenen Thread eröffnen sollen, bin aber leider etwas ungeduldig gewesen, gestern abend.
In der Zwischenzeit ist es mir gelungen von der OTLPE CD zu booten und einen Scan durchzuführen. :abklatsch:
Ich wäre sehr dankbar, wenn mir jemand weiter helfen könnte.

Gruss M

markusg 12.11.2012 13:35
hi,
wie soll das denn genau ohne die scan ergebnisse ablaufen? bitte poste sie, dann werden wir sicher was machen können.

spigi01 12.11.2012 15:25
Hallo,
Ich kann von meinem verseuchten Laptop nicht aufs Internet...
Jetzt habe ich OTL.Txt auf einen USB Stick kopiert, aber wie poste ich nun das Log hier im Forum, von einem gesunden 2. Gerät?

Lg mark

Also in Zukunft versuche ich vor dem Fragen selber raus zu finden wie was gemacht wird!!!:crazy:
Ich hoffe das ist richtig so:

Code:
OTL logfile created on: 11/12/2012 3:09:22 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 84.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 74.34 Mb Free Space | 74.34% Space Free | Partition Type: NTFS
Drive D: | 111.69 Gb Total Space | 1.91 Gb Free Space | 1.71% Space Free | Partition Type: NTFS
Drive E: | 493.71 Mb Total Space | 308.21 Mb Free Space | 62.43% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/01 18:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/01 17:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012/05/01 17:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/12 04:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/05/10 09:40:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/06 00:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/04/27 03:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/04/24 17:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/16 14:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/07/26 12:38:28 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2011/05/13 11:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot] -- D:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 11:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2011/05/10 01:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/17 08:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/03 09:48:44 | 000,625,224 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009/07/13 19:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 18:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/13 17:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 17:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2007/11/02 06:22:38 | 000,105,896 | ---- | M] (MCCI) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217unic.sys -- (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM)
DRV - [2007/11/02 06:22:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217obex.sys -- (s217obex)
DRV - [2007/11/02 06:22:38 | 000,024,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217nd5.sys -- (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS)
DRV - [2007/11/02 06:22:36 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217mdm.sys -- (s217mdm)
DRV - [2007/11/02 06:22:36 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217bus.sys -- (s217bus) Sony Ericsson Device 217 driver (WDM)
DRV - [2007/11/02 06:22:36 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217mdfl.sys -- (s217mdfl)
DRV - [2007/05/11 10:31:36 | 003,580,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Fusion(UVC)
DRV - [2007/05/11 10:31:22 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/11 10:30:04 | 001,921,184 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.unhooked.ch/2008/spotguide/
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 91 A0 EF 2D 22 0F CC 01  [binary data]
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: D:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
 
 
 
O1 HOSTS File: ([2012/05/31 05:33:57 | 000,000,027 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Color LaserJet CM1312 MFP Series Fax] D:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4 - HKU\Mark_Bachmann_ON_D..\Run: [OfficeSyncProcess] D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Mark_Bachmann_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {48580E34-E37A-454A-8EC4-FC7598B01D77} hxxp://chkr-web.ifolor.net/app_support/1/ActiveX/IfolorUploader_chkr.cab (IfolorUploader Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Mark_Bachmann_ON_D Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Mark_Bachmann_ON_D Winlogon: Shell - (C:\Users\Mark Bachmann\AppData\Roaming\msconfig.dat) - D:\Users\Mark Bachmann\AppData\Roaming\msconfig.dat ()
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/11/08 04:58:33 | 000,000,000 | ---D | C] -- D:\Users\Mark Bachmann\Documents\California 2012
[2011/05/14 07:07:28 | 000,399,736 | ---- | C] (BitTorrent, Inc.) -- D:\Program Files\uTorrent.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/11/12 00:57:58 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/11/12 00:57:54 | 000,000,047 | ---- | M] () -- D:\Users\Mark Bachmann\AppData\Roaming\msconfig.ini
[2012/11/12 00:53:55 | 1603,772,416 | -HS- | M] () -- D:\hiberfil.sys
[2012/11/12 00:12:57 | 000,001,108 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/11 14:16:43 | 000,014,640 | ---- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/11 14:16:42 | 000,014,640 | ---- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/11 10:59:11 | 000,001,112 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/09 03:08:56 | 000,002,320 | ---- | M] () -- D:\Users\Public\Desktop\Google Chrome.lnk
[2012/11/05 07:48:50 | 000,657,676 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2012/11/05 07:48:50 | 000,618,912 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/11/05 07:48:50 | 000,131,016 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2012/11/05 07:48:50 | 000,107,232 | ---- | M] () -- D:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012/11/10 10:29:11 | 000,000,047 | ---- | C] () -- D:\Users\Mark Bachmann\AppData\Roaming\msconfig.ini
[2012/06/04 04:13:11 | 000,000,024 | ---- | C] () -- D:\Windows\VWCMIM.INI
[2012/02/11 10:03:49 | 000,007,625 | ---- | C] () -- D:\Users\Mark Bachmann\AppData\Local\Resmon.ResmonCfg
[2012/01/12 08:55:34 | 000,003,259 | ---- | C] () -- D:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/01/11 06:00:16 | 000,053,248 | ---- | C] () -- D:\Users\Mark Bachmann\AppData\Roaming\msconfig.dat
[2011/08/01 06:09:38 | 000,003,584 | ---- | C] () -- D:\Users\Mark Bachmann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/05 03:31:31 | 000,252,928 | ---- | C] () -- D:\Windows\System32\DShowRdpFilter.dll
[2011/07/05 03:29:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2011/05/13 02:01:45 | 000,000,608 | -HS- | C] () -- D:\Windows\System32\winzvprt5.sys
[2011/05/13 02:01:45 | 000,000,222 | ---- | C] () -- D:\Windows\System32\hppfaxprinter5.ini
[2011/05/13 01:59:13 | 000,000,190 | ---- | C] () -- D:\Windows\System32\AddPort.ini
[2011/05/13 01:57:52 | 000,000,739 | ---- | C] () -- D:\Windows\hpntwksetup.ini
[2011/05/13 01:54:06 | 000,199,121 | ---- | C] () -- D:\Windows\hppins11.dat
[2011/05/13 01:54:06 | 000,005,707 | ---- | C] () -- D:\Windows\hppmdl11.dat
[2011/05/13 01:53:06 | 000,000,665 | ---- | C] () -- D:\Windows\System32\hppapr11.dat
[2011/05/10 09:28:14 | 000,000,000 | ---- | C] () -- D:\Windows\HPMProp.INI
[2011/05/10 08:48:34 | 000,140,288 | ---- | C] () -- D:\Windows\System32\igfxtvcx.dll
[2009/12/02 12:39:02 | 020,317,504 | ---- | C] () -- D:\Windows\System32\TrueSuiteCoInst02020000.dll
[2009/09/23 12:16:08 | 002,050,952 | ---- | C] () -- D:\Windows\System32\igkrng400.bin
[2009/07/14 03:47:43 | 000,657,676 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2009/07/14 03:47:43 | 000,295,922 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2009/07/14 03:47:43 | 000,131,016 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2009/07/14 03:47:43 | 000,038,104 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,481,240 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,618,912 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,107,232 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2007/05/11 09:12:54 | 000,057,126 | ---- | C] () -- D:\Windows\System32\lvcoinst.ini
[2001/07/06 21:00:00 | 000,003,254 | ---- | C] () -- D:\Windows\System32\HPTCPMON.INI
 
========== LOP Check ==========
 
[2011/07/27 10:15:50 | 000,000,000 | ---D | M] -- D:\ProgramData\Acoustica
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2012/05/31 08:44:17 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2011/12/11 10:29:36 | 000,000,000 | ---D | M] -- D:\ProgramData\bookfactory.ch
[2011/05/31 08:07:01 | 000,000,000 | ---D | M] -- D:\ProgramData\CREALOGIX
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/05/10 09:15:14 | 000,000,000 | ---D | M] -- D:\ProgramData\Downloaded Installations
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2011/05/11 10:09:53 | 000,000,000 | ---D | M] -- D:\ProgramData\Swiss International Airlines
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/05/10 09:15:18 | 000,000,000 | ---D | M] -- D:\ProgramData\TrueSuite
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2011/05/12 15:46:32 | 000,000,000 | ---D | M] -- D:\ProgramData\WindSolutions
[2011/05/11 09:28:49 | 000,000,000 | ---D | M] -- D:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/07/13 23:53:46 | 000,031,876 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
:daumenhoc Gruss M

markusg 12.11.2012 18:08
hi
auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:
Code:
:OTL
O20 - HKU\Mark_Bachmann_ON_D Winlogon: Shell - (C:\Users\Mark Bachmann\AppData\Roaming\msconfig.dat) - D:\Users\Mark Bachmann\AppData\Roaming\msconfig.dat
()
:Files
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]


dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

spigi01 13.11.2012 08:31
Vielen Dank für die schnelle Antwort. Ich musste gestern abend nochmals aus dem Haus und habe das infiszierte Gerät ausgeschaltet. Nun bring ich es nicht mehr dazu von der CD hochzufahren.:mad:

Einmal hats mir
Code:
File ohci 1394.sys caused an unexpected error (8192) at line 5964 in d:\xpsprtm\base\boot\setup\setup.c
Press any key to continue
angezeigt und nach drücken des ANYKEY stellt der Rechner einfach ab

Bei weiteren Versuchen startet zwar die CD und Starting Reatogo-X-PE... wird angezeigt, aber irgendwann, während des Prozesses, stellt die Kiste einfach ab.:killpc:

Hast du ne Idee, wie ich den wieder ab CD booten kann; neue CD brennen oder so???

Gruss

Beharrlichkeit zahlt sich aus :applaus:

PC gebootet, nun warte ich auf den reboot und hoffe dann die neuen Logs posten zu können.

So, Run Fix wurde ausgeführt, das automatische rebooten hat allerdings nicht so richtig geklappt. Nach einer Stunde habe ich abgeschaltet (5sec. Pwr switch) und dann konnte ich tatsächlich im abgesicherten modus mit Netzwerkreibern aufstarten. Leider hat es mir kein OTL.txt gezeigt.
Allerdings habe ich nach dem Run Fix vor dem Ausschalten nochmals eine Scan gemacht mit folgendem Log:

Code:
OTL logfile created on: 11/13/2012 10:02:22 AM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 84.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 74.34 Mb Free Space | 74.34% Space Free | Partition Type: NTFS
Drive D: | 111.69 Gb Total Space | 1.94 Gb Free Space | 1.73% Space Free | Partition Type: NTFS
Drive E: | 493.71 Mb Total Space | 308.16 Mb Free Space | 62.42% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/01 18:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/01 17:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012/05/01 17:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/12 04:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/05/10 09:40:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/06 00:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/04/27 03:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/04/24 17:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/16 14:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/07/26 12:38:28 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2011/05/13 11:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot] -- D:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 11:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2011/05/10 01:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/17 08:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/03 09:48:44 | 000,625,224 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009/07/13 19:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 18:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/13 17:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 17:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2007/11/02 06:22:38 | 000,105,896 | ---- | M] (MCCI) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217unic.sys -- (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM)
DRV - [2007/11/02 06:22:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217obex.sys -- (s217obex)
DRV - [2007/11/02 06:22:38 | 000,024,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217nd5.sys -- (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS)
DRV - [2007/11/02 06:22:36 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217mdm.sys -- (s217mdm)
DRV - [2007/11/02 06:22:36 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217bus.sys -- (s217bus) Sony Ericsson Device 217 driver (WDM)
DRV - [2007/11/02 06:22:36 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\s217mdfl.sys -- (s217mdfl)
DRV - [2007/05/11 10:31:36 | 003,580,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Fusion(UVC)
DRV - [2007/05/11 10:31:22 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/11 10:30:04 | 001,921,184 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.unhooked.ch/2008/spotguide/
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 91 A0 EF 2D 22 0F CC 01  [binary data]
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Mark_Bachmann_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: D:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
 
 
 
O1 HOSTS File: ([2012/05/31 05:33:57 | 000,000,027 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Color LaserJet CM1312 MFP Series Fax] D:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4 - HKU\Mark_Bachmann_ON_D..\Run: [OfficeSyncProcess] D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Mark_Bachmann_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {48580E34-E37A-454A-8EC4-FC7598B01D77} hxxp://chkr-web.ifolor.net/app_support/1/ActiveX/IfolorUploader_chkr.cab (IfolorUploader Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Mark_Bachmann_ON_D Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/11/13 09:20:37 | 002,237,440 | R--- | C] (OldTimer Tools) -- D:\OTLPE.exe
[2012/11/13 09:20:30 | 000,000,000 | ---D | C] -- D:\_OTL
[2012/11/08 04:58:33 | 000,000,000 | ---D | C] -- D:\Users\Mark Bachmann\Documents\California 2012
[2011/05/14 07:07:28 | 000,399,736 | ---- | C] (BitTorrent, Inc.) -- D:\Program Files\uTorrent.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/11/13 02:54:36 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/11/13 02:54:36 | 000,000,047 | ---- | M] () -- D:\Users\Mark Bachmann\AppData\Roaming\msconfig.ini
[2012/11/13 02:36:40 | 000,657,676 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2012/11/13 02:36:40 | 000,618,912 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/11/13 02:36:40 | 000,131,016 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2012/11/13 02:36:40 | 000,107,232 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/11/13 02:35:26 | 000,001,108 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/13 02:32:29 | 1603,772,416 | -HS- | M] () -- D:\hiberfil.sys
[2012/11/11 14:16:43 | 000,014,640 | ---- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/11 14:16:42 | 000,014,640 | ---- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/11 10:59:11 | 000,001,112 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
 
========== Files Created - No Company Name ==========
 
[2012/11/10 10:29:11 | 000,000,047 | ---- | C] () -- D:\Users\Mark Bachmann\AppData\Roaming\msconfig.ini
[2012/06/04 04:13:11 | 000,000,024 | ---- | C] () -- D:\Windows\VWCMIM.INI
[2012/02/11 10:03:49 | 000,007,625 | ---- | C] () -- D:\Users\Mark Bachmann\AppData\Local\Resmon.ResmonCfg
[2012/01/12 08:55:34 | 000,003,259 | ---- | C] () -- D:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/08/01 06:09:38 | 000,003,584 | ---- | C] () -- D:\Users\Mark Bachmann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/05 03:31:31 | 000,252,928 | ---- | C] () -- D:\Windows\System32\DShowRdpFilter.dll
[2011/07/05 03:29:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2011/05/13 02:01:45 | 000,000,608 | -HS- | C] () -- D:\Windows\System32\winzvprt5.sys
[2011/05/13 02:01:45 | 000,000,222 | ---- | C] () -- D:\Windows\System32\hppfaxprinter5.ini
[2011/05/13 01:59:13 | 000,000,190 | ---- | C] () -- D:\Windows\System32\AddPort.ini
[2011/05/13 01:57:52 | 000,000,739 | ---- | C] () -- D:\Windows\hpntwksetup.ini
[2011/05/13 01:54:06 | 000,199,121 | ---- | C] () -- D:\Windows\hppins11.dat
[2011/05/13 01:54:06 | 000,005,707 | ---- | C] () -- D:\Windows\hppmdl11.dat
[2011/05/13 01:53:06 | 000,000,665 | ---- | C] () -- D:\Windows\System32\hppapr11.dat
[2011/05/10 09:28:14 | 000,000,000 | ---- | C] () -- D:\Windows\HPMProp.INI
[2011/05/10 08:48:34 | 000,140,288 | ---- | C] () -- D:\Windows\System32\igfxtvcx.dll
[2009/12/02 12:39:02 | 020,317,504 | ---- | C] () -- D:\Windows\System32\TrueSuiteCoInst02020000.dll
[2009/09/23 12:16:08 | 002,050,952 | ---- | C] () -- D:\Windows\System32\igkrng400.bin
[2009/07/14 03:47:43 | 000,657,676 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2009/07/14 03:47:43 | 000,295,922 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2009/07/14 03:47:43 | 000,131,016 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2009/07/14 03:47:43 | 000,038,104 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,481,240 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,618,912 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,107,232 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2007/05/11 09:12:54 | 000,057,126 | ---- | C] () -- D:\Windows\System32\lvcoinst.ini
[2001/07/06 21:00:00 | 000,003,254 | ---- | C] () -- D:\Windows\System32\HPTCPMON.INI
 
========== LOP Check ==========
 
[2011/07/27 10:15:50 | 000,000,000 | ---D | M] -- D:\ProgramData\Acoustica
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2012/05/31 08:44:17 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2011/12/11 10:29:36 | 000,000,000 | ---D | M] -- D:\ProgramData\bookfactory.ch
[2011/05/31 08:07:01 | 000,000,000 | ---D | M] -- D:\ProgramData\CREALOGIX
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/05/10 09:15:14 | 000,000,000 | ---D | M] -- D:\ProgramData\Downloaded Installations
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2011/05/11 10:09:53 | 000,000,000 | ---D | M] -- D:\ProgramData\Swiss International Airlines
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/05/10 09:15:18 | 000,000,000 | ---D | M] -- D:\ProgramData\TrueSuite
[2011/05/10 08:40:30 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2011/05/12 15:46:32 | 000,000,000 | ---D | M] -- D:\ProgramData\WindSolutions
[2011/05/11 09:28:49 | 000,000,000 | ---D | M] -- D:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/07/13 23:53:46 | 000,032,380 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
Hoffe, das hilft weiter.

LG M

Hallo

Ich habe in der Zwischenzeit Malwarebytes Anti-Maleware installiert, einen Scan gemacht und folgendes Log erhalten:

Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.13.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Mark Bachmann :: MARKBACHMANN-PC [Administrator]

13.11.2012 16:49:15
mbam-log-2012-11-13 (16-49-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 202383
Laufzeit: 10 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent) -> Daten: explorer.exe,C:\Users\Mark Bachmann\AppData\Roaming\msconfig.dat -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Mark Bachmann\0.8200605970315423.exe (Trojan.Agent.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
zusätzlich hat ein AVIRA scan folgenden Fund gemacht, den ich in Quarantäne geschickt habe. Ereigniss Bericht:

Code:
Die Datei 'C:\Users\Mark Bachmann\0.8200605970315423.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Rogue.KD.785039' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '53042ee0.qua' verschoben!
Kann mir jemand bitte weiterhelfen, ich gehe nicht davon aus, dass es das schon war und mein Laptop bereits wieder suber ist....:nono:

Besten Dank im voraus

markusg 13.11.2012 22:19
hab ich irgendwas von nem avira scan geschrieben? mach ausschließlich das, was hier steht.
starte mal in den normalen modus, sollte wieder gehen.
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

spigi01 14.11.2012 07:22
Sorry wegen AVIRA :stirn:
Hier das TDSS Killer Log:

Code:
07:16:04.0706 3344  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
07:16:04.0955 3344  ============================================================
07:16:04.0955 3344  Current date / time: 2012/11/14 07:16:04.0955
07:16:04.0955 3344  SystemInfo:
07:16:04.0955 3344 
07:16:04.0955 3344  OS Version: 6.1.7601 ServicePack: 1.0
07:16:04.0955 3344  Product type: Workstation
07:16:04.0955 3344  ComputerName: MARKBACHMANN-PC
07:16:04.0955 3344  UserName: Mark Bachmann
07:16:04.0955 3344  Windows directory: C:\Windows
07:16:04.0955 3344  System windows directory: C:\Windows
07:16:04.0955 3344  Processor architecture: Intel x86
07:16:04.0955 3344  Number of processors: 2
07:16:04.0955 3344  Page size: 0x1000
07:16:04.0955 3344  Boot type: Normal boot
07:16:04.0955 3344  ============================================================
07:16:06.0297 3344  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:16:06.0297 3344  ============================================================
07:16:06.0297 3344  \Device\Harddisk0\DR0:
07:16:06.0297 3344  MBR partitions:
07:16:06.0297 3344  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
07:16:06.0297 3344  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
07:16:06.0297 3344  ============================================================
07:16:06.0312 3344  C: <-> \Device\Harddisk0\DR0\Partition2
07:16:06.0312 3344  ============================================================
07:16:06.0312 3344  Initialize success
07:16:06.0312 3344  ============================================================
07:18:10.0489 0352  ============================================================
07:18:10.0489 0352  Scan started
07:18:10.0489 0352  Mode: Manual; SigCheck; TDLFS;
07:18:10.0489 0352  ============================================================
07:18:10.0707 0352  ================ Scan system memory ========================
07:18:10.0707 0352  System memory - ok
07:18:10.0707 0352  ================ Scan services =============================
07:18:10.0941 0352  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
07:18:11.0019 0352  1394ohci - ok
07:18:11.0050 0352  [ CC1F1D3D70DC13C2C281488D347D4415 ] Accelerometer  C:\Windows\system32\DRIVERS\Accelerometer.sys
07:18:11.0066 0352  Accelerometer - ok
07:18:11.0144 0352  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
07:18:11.0191 0352  ACPI - ok
07:18:11.0206 0352  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
07:18:11.0222 0352  AcpiPmi - ok
07:18:11.0316 0352  [ FB9ECE3F7B8A03E474E611031AD4CD23 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
07:18:11.0362 0352  ADIHdAudAddService - ok
07:18:11.0409 0352  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
07:18:11.0425 0352  adp94xx - ok
07:18:11.0472 0352  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
07:18:11.0487 0352  adpahci - ok
07:18:11.0503 0352  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
07:18:11.0518 0352  adpu320 - ok
07:18:11.0534 0352  [ 12D23758621B00B8D3134095EC3325FD ] AEADIFilters    C:\Windows\system32\AEADISRV.EXE
07:18:11.0550 0352  AEADIFilters - ok
07:18:11.0581 0352  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
07:18:11.0596 0352  AeLookupSvc - ok
07:18:11.0690 0352  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD            C:\Windows\system32\drivers\afd.sys
07:18:11.0721 0352  AFD - ok
07:18:11.0799 0352  [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
07:18:11.0846 0352  AgereSoftModem - ok
07:18:11.0908 0352  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
07:18:11.0940 0352  agp440 - ok
07:18:11.0971 0352  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx        C:\Windows\system32\DRIVERS\djsvs.sys
07:18:11.0986 0352  aic78xx - ok
07:18:12.0049 0352  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG            C:\Windows\System32\alg.exe
07:18:12.0080 0352  ALG - ok
07:18:12.0142 0352  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
07:18:12.0174 0352  aliide - ok
07:18:12.0236 0352  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
07:18:12.0267 0352  amdagp - ok
07:18:12.0283 0352  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
07:18:12.0298 0352  amdide - ok
07:18:12.0361 0352  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
07:18:12.0376 0352  AmdK8 - ok
07:18:12.0376 0352  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
07:18:12.0392 0352  AmdPPM - ok
07:18:12.0454 0352  [ D320BF87125326F996D4904FE24300FC ] amdsata        C:\Windows\system32\drivers\amdsata.sys
07:18:12.0486 0352  amdsata - ok
07:18:12.0501 0352  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
07:18:12.0517 0352  amdsbs - ok
07:18:12.0532 0352  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
07:18:12.0548 0352  amdxata - ok
07:18:12.0642 0352  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
07:18:12.0673 0352  AntiVirSchedulerService - ok
07:18:12.0735 0352  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
07:18:12.0751 0352  AntiVirService - ok
07:18:12.0766 0352  [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
07:18:12.0798 0352  AntiVirWebService - ok
07:18:12.0876 0352  [ AEA177F783E20150ACE5383EE368DA19 ] AppID          C:\Windows\system32\drivers\appid.sys
07:18:12.0922 0352  AppID - ok
07:18:12.0969 0352  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
07:18:13.0000 0352  AppIDSvc - ok
07:18:13.0047 0352  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo        C:\Windows\System32\appinfo.dll
07:18:13.0125 0352  Appinfo - ok
07:18:13.0203 0352  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:18:13.0219 0352  Apple Mobile Device - ok
07:18:13.0266 0352  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt        C:\Windows\System32\appmgmts.dll
07:18:13.0312 0352  AppMgmt - ok
07:18:13.0328 0352  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc            C:\Windows\system32\DRIVERS\arc.sys
07:18:13.0344 0352  arc - ok
07:18:13.0359 0352  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
07:18:13.0375 0352  arcsas - ok
07:18:13.0390 0352  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
07:18:13.0422 0352  AsyncMac - ok
07:18:13.0484 0352  [ 338C86357871C167A96AB976519BF59E ] atapi          C:\Windows\system32\drivers\atapi.sys
07:18:13.0515 0352  atapi - ok
07:18:13.0562 0352  [ BEFE54E9BC648A3C79C917A63B6EE7DA ] ATSwpWDF        C:\Windows\system32\Drivers\ATSwpWDF.sys
07:18:13.0593 0352  ATSwpWDF - ok
07:18:13.0671 0352  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:18:13.0718 0352  AudioEndpointBuilder - ok
07:18:13.0734 0352  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
07:18:13.0765 0352  Audiosrv - ok
07:18:13.0812 0352  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
07:18:13.0827 0352  avgntflt - ok
07:18:13.0890 0352  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
07:18:13.0905 0352  avipbb - ok
07:18:13.0936 0352  [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
07:18:13.0952 0352  avkmgr - ok
07:18:14.0014 0352  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
07:18:14.0061 0352  AxInstSV - ok
07:18:14.0108 0352  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbdx.sys
07:18:14.0124 0352  b06bdrv - ok
07:18:14.0155 0352  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
07:18:14.0186 0352  b57nd60x - ok
07:18:14.0217 0352  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
07:18:14.0233 0352  BDESVC - ok
07:18:14.0264 0352  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
07:18:14.0295 0352  Beep - ok
07:18:14.0373 0352  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE            C:\Windows\System32\bfe.dll
07:18:14.0420 0352  BFE - ok
07:18:14.0498 0352  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
07:18:14.0545 0352  BITS - ok
07:18:14.0560 0352  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
07:18:14.0576 0352  blbdrive - ok
07:18:14.0638 0352  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:18:14.0670 0352  Bonjour Service - ok
07:18:14.0701 0352  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
07:18:14.0716 0352  bowser - ok
07:18:14.0748 0352  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
07:18:14.0763 0352  BrFiltLo - ok
07:18:14.0763 0352  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
07:18:14.0779 0352  BrFiltUp - ok
07:18:14.0857 0352  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
07:18:14.0904 0352  BridgeMP - ok
07:18:14.0950 0352  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser        C:\Windows\System32\browser.dll
07:18:14.0997 0352  Browser - ok
07:18:14.0997 0352  [ 845B8CE732E67F3B4133164868C666EA ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
07:18:15.0013 0352  Brserid - ok
07:18:15.0044 0352  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
07:18:15.0060 0352  BrSerWdm - ok
07:18:15.0060 0352  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
07:18:15.0091 0352  BrUsbMdm - ok
07:18:15.0106 0352  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
07:18:15.0122 0352  BrUsbSer - ok
07:18:15.0200 0352  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum        C:\Windows\system32\drivers\BthEnum.sys
07:18:15.0231 0352  BthEnum - ok
07:18:15.0247 0352  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
07:18:15.0262 0352  BTHMODEM - ok
07:18:15.0294 0352  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
07:18:15.0309 0352  BthPan - ok
07:18:15.0372 0352  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT        C:\Windows\System32\Drivers\BTHport.sys
07:18:15.0418 0352  BTHPORT - ok
07:18:15.0481 0352  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv        C:\Windows\system32\bthserv.dll
07:18:15.0528 0352  bthserv - ok
07:18:15.0637 0352  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
07:18:15.0668 0352  BTHUSB - ok
07:18:15.0793 0352  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
07:18:15.0840 0352  cdfs - ok
07:18:16.0027 0352  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom          C:\Windows\system32\drivers\cdrom.sys
07:18:16.0074 0352  cdrom - ok
07:18:16.0120 0352  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc    C:\Windows\System32\certprop.dll
07:18:16.0152 0352  CertPropSvc - ok
07:18:16.0183 0352  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
07:18:16.0198 0352  circlass - ok
07:18:16.0245 0352  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
07:18:16.0261 0352  CLFS - ok
07:18:16.0339 0352  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:18:16.0370 0352  clr_optimization_v2.0.50727_32 - ok
07:18:16.0464 0352  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:18:16.0495 0352  clr_optimization_v4.0.30319_32 - ok
07:18:16.0526 0352  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
07:18:16.0542 0352  CmBatt - ok
07:18:16.0588 0352  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
07:18:16.0620 0352  cmdide - ok
07:18:16.0682 0352  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG            C:\Windows\system32\Drivers\cng.sys
07:18:16.0729 0352  CNG - ok
07:18:16.0744 0352  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
07:18:16.0760 0352  Compbatt - ok
07:18:16.0838 0352  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
07:18:16.0885 0352  CompositeBus - ok
07:18:16.0885 0352  COMSysApp - ok
07:18:16.0916 0352  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
07:18:16.0932 0352  crcdisk - ok
07:18:17.0010 0352  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
07:18:17.0041 0352  CryptSvc - ok
07:18:17.0103 0352  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC            C:\Windows\system32\drivers\csc.sys
07:18:17.0150 0352  CSC - ok
07:18:17.0212 0352  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
07:18:17.0244 0352  CscService - ok
07:18:17.0290 0352  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
07:18:17.0322 0352  DcomLaunch - ok
07:18:17.0337 0352  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc      C:\Windows\System32\defragsvc.dll
07:18:17.0368 0352  defragsvc - ok
07:18:17.0415 0352  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
07:18:17.0462 0352  DfsC - ok
07:18:17.0540 0352  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
07:18:17.0602 0352  Dhcp - ok
07:18:17.0649 0352  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
07:18:17.0680 0352  discache - ok
07:18:17.0758 0352  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
07:18:17.0790 0352  Disk - ok
07:18:17.0821 0352  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
07:18:17.0836 0352  Dnscache - ok
07:18:17.0883 0352  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc        C:\Windows\System32\dot3svc.dll
07:18:17.0914 0352  dot3svc - ok
07:18:17.0977 0352  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS            C:\Windows\system32\dps.dll
07:18:18.0008 0352  DPS - ok
07:18:18.0024 0352  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
07:18:18.0039 0352  drmkaud - ok
07:18:18.0086 0352  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
07:18:18.0117 0352  DXGKrnl - ok
07:18:18.0164 0352  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost        C:\Windows\System32\eapsvc.dll
07:18:18.0195 0352  EapHost - ok
07:18:18.0414 0352  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv          C:\Windows\system32\DRIVERS\evbdx.sys
07:18:18.0460 0352  ebdrv - ok
07:18:18.0538 0352  [ 81951F51E318AECC2D68559E47485CC4 ] EFS            C:\Windows\System32\lsass.exe
07:18:18.0570 0352  EFS - ok
07:18:18.0663 0352  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
07:18:18.0694 0352  ehRecvr - ok
07:18:18.0726 0352  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched        C:\Windows\ehome\ehsched.exe
07:18:18.0741 0352  ehSched - ok
07:18:18.0804 0352  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
07:18:18.0835 0352  elxstor - ok
07:18:18.0850 0352  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
07:18:18.0866 0352  ErrDev - ok
07:18:18.0913 0352  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem    C:\Windows\system32\es.dll
07:18:18.0944 0352  EventSystem - ok
07:18:18.0975 0352  [ 2DC9108D74081149CC8B651D3A26207F ] exfat          C:\Windows\system32\drivers\exfat.sys
07:18:19.0006 0352  exfat - ok
07:18:19.0022 0352  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
07:18:19.0053 0352  fastfat - ok
07:18:19.0147 0352  [ 967EA5B213E9984CBE270205DF37755B ] Fax            C:\Windows\system32\fxssvc.exe
07:18:19.0194 0352  Fax - ok
07:18:19.0209 0352  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
07:18:19.0225 0352  fdc - ok
07:18:19.0272 0352  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost        C:\Windows\system32\fdPHost.dll
07:18:19.0287 0352  fdPHost - ok
07:18:19.0303 0352  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
07:18:19.0334 0352  FDResPub - ok
07:18:19.0365 0352  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
07:18:19.0365 0352  FileInfo - ok
07:18:19.0381 0352  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
07:18:19.0412 0352  Filetrace - ok
07:18:19.0428 0352  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
07:18:19.0443 0352  flpydisk - ok
07:18:19.0459 0352  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
07:18:19.0474 0352  FltMgr - ok
07:18:19.0521 0352  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache      C:\Windows\system32\FntCache.dll
07:18:19.0537 0352  FontCache - ok
07:18:19.0615 0352  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:18:19.0646 0352  FontCache3.0.0.0 - ok
07:18:19.0677 0352  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
07:18:19.0708 0352  FsDepends - ok
07:18:19.0755 0352  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
07:18:19.0771 0352  Fs_Rec - ok
07:18:19.0833 0352  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
07:18:19.0849 0352  fvevol - ok
07:18:19.0896 0352  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
07:18:19.0911 0352  gagp30kx - ok
07:18:19.0958 0352  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
07:18:19.0974 0352  GEARAspiWDM - ok
07:18:20.0036 0352  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc          C:\Windows\System32\gpsvc.dll
07:18:20.0083 0352  gpsvc - ok
07:18:20.0176 0352  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files\Google\Update\GoogleUpdate.exe
07:18:20.0208 0352  gupdate - ok
07:18:20.0208 0352  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
07:18:20.0223 0352  gupdatem - ok
07:18:20.0286 0352  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc          C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:18:20.0301 0352  gusvc - ok
07:18:20.0332 0352  [ E19BC597A0B13BBE6A7E3612F6F8D8A6 ] HBtnKey        C:\Windows\system32\DRIVERS\cpqbttn.sys
07:18:20.0348 0352  HBtnKey - ok
07:18:20.0379 0352  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
07:18:20.0395 0352  hcw85cir - ok
07:18:20.0473 0352  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:18:20.0520 0352  HdAudAddService - ok
07:18:20.0598 0352  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
07:18:20.0629 0352  HDAudBus - ok
07:18:20.0629 0352  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
07:18:20.0644 0352  HidBatt - ok
07:18:20.0660 0352  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
07:18:20.0676 0352  HidBth - ok
07:18:20.0707 0352  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
07:18:20.0722 0352  HidIr - ok
07:18:20.0738 0352  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv        C:\Windows\System32\hidserv.dll
07:18:20.0769 0352  hidserv - ok
07:18:20.0847 0352  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
07:18:20.0878 0352  HidUsb - ok
07:18:20.0941 0352  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
07:18:20.0988 0352  hkmsvc - ok
07:18:21.0050 0352  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:18:21.0081 0352  HomeGroupListener - ok
07:18:21.0128 0352  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:18:21.0144 0352  HomeGroupProvider - ok
07:18:21.0206 0352  [ 4EF10B866C62ABBEAF7511CDD05A19BE ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
07:18:21.0206 0352  hpdskflt - ok
07:18:21.0315 0352  [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
07:18:21.0331 0352  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
07:18:21.0331 0352  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
07:18:21.0346 0352  [ DF446BA625CC441617843E87798CE048 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
07:18:21.0346 0352  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
07:18:21.0346 0352  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
07:18:21.0409 0352  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
07:18:21.0456 0352  HpSAMD - ok
07:18:21.0471 0352  [ C0BEB56ED79B59B7B33D0AA6C38A0BA6 ] hpsrv          C:\Windows\system32\Hpservice.exe
07:18:21.0487 0352  hpsrv - ok
07:18:21.0565 0352  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
07:18:21.0612 0352  HTTP - ok
07:18:21.0658 0352  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
07:18:21.0690 0352  hwpolicy - ok
07:18:21.0752 0352  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
07:18:21.0783 0352  i8042prt - ok
07:18:21.0861 0352  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
07:18:21.0892 0352  iaStorV - ok
07:18:22.0017 0352  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc          C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:18:22.0048 0352  idsvc - ok
07:18:22.0298 0352  [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
07:18:22.0376 0352  igfx - ok
07:18:22.0485 0352  [ 4173FF5708F3236CF25195FECD742915 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
07:18:22.0516 0352  iirsp - ok
07:18:22.0610 0352  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
07:18:22.0657 0352  IKEEXT - ok
07:18:22.0719 0352  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
07:18:22.0735 0352  intelide - ok
07:18:22.0782 0352  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
07:18:22.0797 0352  intelppm - ok
07:18:22.0813 0352  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
07:18:22.0844 0352  IPBusEnum - ok
07:18:22.0860 0352  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:18:22.0891 0352  IpFilterDriver - ok
07:18:22.0969 0352  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
07:18:23.0016 0352  iphlpsvc - ok
07:18:23.0062 0352  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
07:18:23.0094 0352  IPMIDRV - ok
07:18:23.0109 0352  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
07:18:23.0140 0352  IPNAT - ok
07:18:23.0218 0352  [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
07:18:23.0250 0352  iPod Service - ok
07:18:23.0281 0352  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
07:18:23.0296 0352  IRENUM - ok
07:18:23.0359 0352  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
07:18:23.0390 0352  isapnp - ok
07:18:23.0452 0352  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
07:18:23.0484 0352  iScsiPrt - ok
07:18:23.0515 0352  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
07:18:23.0530 0352  kbdclass - ok
07:18:23.0562 0352  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
07:18:23.0577 0352  kbdhid - ok
07:18:23.0608 0352  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
07:18:23.0624 0352  KeyIso - ok
07:18:23.0671 0352  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
07:18:23.0702 0352  KSecDD - ok
07:18:23.0764 0352  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
07:18:23.0780 0352  KSecPkg - ok
07:18:23.0827 0352  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm          C:\Windows\system32\msdtckrm.dll
07:18:23.0858 0352  KtmRm - ok
07:18:23.0889 0352  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
07:18:23.0920 0352  LanmanServer - ok
07:18:23.0952 0352  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:18:23.0983 0352  LanmanWorkstation - ok
07:18:24.0030 0352  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
07:18:24.0061 0352  lltdio - ok
07:18:24.0092 0352  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
07:18:24.0123 0352  lltdsvc - ok
07:18:24.0154 0352  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts        C:\Windows\System32\lmhsvc.dll
07:18:24.0186 0352  lmhosts - ok
07:18:24.0217 0352  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
07:18:24.0232 0352  LSI_FC - ok
07:18:24.0232 0352  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
07:18:24.0248 0352  LSI_SAS - ok
07:18:24.0264 0352  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
07:18:24.0279 0352  LSI_SAS2 - ok
07:18:24.0295 0352  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
07:18:24.0310 0352  LSI_SCSI - ok
07:18:24.0342 0352  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv          C:\Windows\system32\drivers\luafv.sys
07:18:24.0373 0352  luafv - ok
07:18:24.0513 0352  [ B0456B8A332135C1216FF2374B584161 ] lvpopflt        C:\Windows\system32\DRIVERS\lvpopflt.sys
07:18:24.0560 0352  lvpopflt - ok
07:18:24.0638 0352  [ F7E15F2FE7790733DF86E95A76556389 ] LVUSBSta        C:\Windows\system32\drivers\LVUSBSta.sys
07:18:24.0654 0352  LVUSBSta - ok
07:18:24.0841 0352  [ 92D03DC19EAE9D0A86735705E374FDAD ] LVUVC          C:\Windows\system32\DRIVERS\lvuvc.sys
07:18:24.0919 0352  LVUVC - ok
07:18:24.0981 0352  [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
07:18:25.0012 0352  MBAMProtector - ok
07:18:25.0122 0352  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
07:18:25.0168 0352  MBAMScheduler - ok
07:18:25.0215 0352  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
07:18:25.0246 0352  MBAMService - ok
07:18:25.0293 0352  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
07:18:25.0340 0352  Mcx2Svc - ok
07:18:25.0356 0352  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
07:18:25.0371 0352  megasas - ok
07:18:25.0402 0352  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
07:18:25.0418 0352  MegaSR - ok
07:18:25.0480 0352  Microsoft SharePoint Workspace Audit Service - ok
07:18:25.0496 0352  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS          C:\Windows\system32\mmcss.dll
07:18:25.0527 0352  MMCSS - ok
07:18:25.0543 0352  [ F001861E5700EE84E2D4E52C712F4964 ] Modem          C:\Windows\system32\drivers\modem.sys
07:18:25.0558 0352  Modem - ok
07:18:25.0590 0352  [ 79D10964DE86B292320E9DFE02282A23 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
07:18:25.0605 0352  monitor - ok
07:18:25.0668 0352  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
07:18:25.0699 0352  mouclass - ok
07:18:25.0730 0352  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
07:18:25.0746 0352  mouhid - ok
07:18:25.0808 0352  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
07:18:25.0824 0352  mountmgr - ok
07:18:25.0870 0352  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
07:18:25.0886 0352  mpio - ok
07:18:25.0902 0352  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
07:18:25.0917 0352  mpsdrv - ok
07:18:25.0995 0352  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
07:18:26.0058 0352  MpsSvc - ok
07:18:26.0104 0352  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
07:18:26.0151 0352  MRxDAV - ok
07:18:26.0214 0352  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
07:18:26.0245 0352  mrxsmb - ok
07:18:26.0292 0352  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:18:26.0323 0352  mrxsmb10 - ok
07:18:26.0354 0352  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:18:26.0370 0352  mrxsmb20 - ok
07:18:26.0432 0352  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
07:18:26.0463 0352  msahci - ok
07:18:26.0510 0352  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
07:18:26.0541 0352  msdsm - ok
07:18:26.0588 0352  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC          C:\Windows\System32\msdtc.exe
07:18:26.0604 0352  MSDTC - ok
07:18:26.0682 0352  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
07:18:26.0713 0352  Msfs - ok
07:18:26.0728 0352  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
07:18:26.0760 0352  mshidkmdf - ok
07:18:26.0775 0352  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
07:18:26.0791 0352  msisadrv - ok
07:18:26.0853 0352  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
07:18:26.0884 0352  MSiSCSI - ok
07:18:26.0884 0352  msiserver - ok
07:18:26.0931 0352  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
07:18:26.0962 0352  MSKSSRV - ok
07:18:26.0978 0352  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
07:18:27.0009 0352  MSPCLOCK - ok
07:18:27.0009 0352  [ F456E973590D663B1073E9C463B40932 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
07:18:27.0040 0352  MSPQM - ok
07:18:27.0072 0352  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
07:18:27.0087 0352  MsRPC - ok
07:18:27.0134 0352  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
07:18:27.0150 0352  mssmbios - ok
07:18:27.0181 0352  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
07:18:27.0212 0352  MSTEE - ok
07:18:27.0212 0352  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
07:18:27.0228 0352  MTConfig - ok
07:18:27.0259 0352  [ 159FAD02F64E6381758C990F753BCC80 ] Mup            C:\Windows\system32\Drivers\mup.sys
07:18:27.0274 0352  Mup - ok
07:18:27.0337 0352  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
07:18:27.0368 0352  napagent - ok
07:18:27.0415 0352  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
07:18:27.0430 0352  NativeWifiP - ok
07:18:27.0524 0352  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
07:18:27.0555 0352  NDIS - ok
07:18:27.0586 0352  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
07:18:27.0618 0352  NdisCap - ok
07:18:27.0649 0352  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
07:18:27.0680 0352  NdisTapi - ok
07:18:27.0727 0352  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
07:18:27.0774 0352  Ndisuio - ok
07:18:27.0836 0352  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
07:18:27.0883 0352  NdisWan - ok
07:18:27.0914 0352  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
07:18:27.0961 0352  NDProxy - ok
07:18:28.0008 0352  [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
07:18:28.0008 0352  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
07:18:28.0008 0352  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
07:18:28.0054 0352  [ 1352E1648213551923A0A822E441553C ] Netaapl        C:\Windows\system32\DRIVERS\netaapl.sys
07:18:28.0086 0352  Netaapl - ok
07:18:28.0132 0352  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
07:18:28.0179 0352  NetBIOS - ok
07:18:28.0226 0352  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
07:18:28.0288 0352  NetBT - ok
07:18:28.0304 0352  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
07:18:28.0320 0352  Netlogon - ok
07:18:28.0366 0352  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
07:18:28.0398 0352  Netman - ok
07:18:28.0413 0352  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
07:18:28.0460 0352  netprofm - ok
07:18:28.0507 0352  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:18:28.0522 0352  NetTcpPortSharing - ok
07:18:28.0710 0352  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
07:18:28.0788 0352  netw5v32 - ok
07:18:28.0834 0352  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
07:18:28.0850 0352  nfrd960 - ok
07:18:28.0897 0352  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
07:18:28.0959 0352  NlaSvc - ok
07:18:28.0975 0352  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
07:18:29.0006 0352  Npfs - ok
07:18:29.0022 0352  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi            C:\Windows\system32\nsisvc.dll
07:18:29.0053 0352  nsi - ok
07:18:29.0068 0352  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
07:18:29.0100 0352  nsiproxy - ok
07:18:29.0224 0352  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
07:18:29.0271 0352  Ntfs - ok
07:18:29.0287 0352  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
07:18:29.0318 0352  Null - ok
07:18:29.0349 0352  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
07:18:29.0365 0352  nvraid - ok
07:18:29.0427 0352  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
07:18:29.0458 0352  nvstor - ok
07:18:29.0505 0352  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
07:18:29.0521 0352  nv_agp - ok
07:18:29.0583 0352  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
07:18:29.0599 0352  ohci1394 - ok
07:18:29.0661 0352  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:18:29.0677 0352  ose - ok
07:18:29.0911 0352  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:18:30.0020 0352  osppsvc - ok
07:18:30.0051 0352  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
07:18:30.0082 0352  p2pimsvc - ok
07:18:30.0098 0352  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
07:18:30.0114 0352  p2psvc - ok
07:18:30.0160 0352  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
07:18:30.0176 0352  Parport - ok
07:18:30.0223 0352  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr        C:\Windows\system32\drivers\partmgr.sys
07:18:30.0238 0352  partmgr - ok
07:18:30.0254 0352  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
07:18:30.0270 0352  Parvdm - ok
07:18:30.0285 0352  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
07:18:30.0301 0352  PcaSvc - ok
07:18:30.0363 0352  [ 673E55C3498EB970088E812EA820AA8F ] pci            C:\Windows\system32\drivers\pci.sys
07:18:30.0394 0352  pci - ok
07:18:30.0410 0352  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
07:18:30.0426 0352  pciide - ok
07:18:30.0441 0352  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
07:18:30.0457 0352  pcmcia - ok
07:18:30.0472 0352  [ 250F6B43D2B613172035C6747AEEB19F ] pcw            C:\Windows\system32\drivers\pcw.sys
07:18:30.0488 0352  pcw - ok
07:18:30.0535 0352  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
07:18:30.0582 0352  PEAUTH - ok
07:18:30.0644 0352  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
07:18:30.0691 0352  PeerDistSvc - ok
07:18:30.0831 0352  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla            C:\Windows\system32\pla.dll
07:18:30.0894 0352  pla - ok
07:18:30.0956 0352  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
07:18:30.0972 0352  PlugPlay - ok
07:18:30.0987 0352  [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
07:18:30.0987 0352  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
07:18:30.0987 0352  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
07:18:31.0018 0352  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
07:18:31.0034 0352  PNRPAutoReg - ok
07:18:31.0050 0352  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
07:18:31.0081 0352  PNRPsvc - ok
07:18:31.0143 0352  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
07:18:31.0190 0352  PolicyAgent - ok
07:18:31.0237 0352  [ F87D30E72E03D579A5199CCB3831D6EA ] Power          C:\Windows\system32\umpo.dll
07:18:31.0268 0352  Power - ok
07:18:31.0315 0352  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
07:18:31.0362 0352  PptpMiniport - ok
07:18:31.0377 0352  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
07:18:31.0393 0352  Processor - ok
07:18:31.0455 0352  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc        C:\Windows\system32\profsvc.dll
07:18:31.0502 0352  ProfSvc - ok
07:18:31.0518 0352  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:18:31.0533 0352  ProtectedStorage - ok
07:18:31.0564 0352  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
07:18:31.0596 0352  Psched - ok
07:18:31.0674 0352  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
07:18:31.0705 0352  ql2300 - ok
07:18:31.0736 0352  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
07:18:31.0752 0352  ql40xx - ok
07:18:31.0798 0352  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE          C:\Windows\system32\qwave.dll
07:18:31.0830 0352  QWAVE - ok
07:18:31.0861 0352  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
07:18:31.0876 0352  QWAVEdrv - ok
07:18:31.0876 0352  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
07:18:31.0908 0352  RasAcd - ok
07:18:31.0954 0352  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
07:18:31.0986 0352  RasAgileVpn - ok
07:18:32.0001 0352  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto        C:\Windows\System32\rasauto.dll
07:18:32.0032 0352  RasAuto - ok
07:18:32.0048 0352  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
07:18:32.0079 0352  Rasl2tp - ok
07:18:32.0142 0352  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
07:18:32.0204 0352  RasMan - ok
07:18:32.0220 0352  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
07:18:32.0251 0352  RasPppoe - ok
07:18:32.0266 0352  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
07:18:32.0298 0352  RasSstp - ok
07:18:32.0360 0352  [ D528BC58A489409BA40334EBF96A311B ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
07:18:32.0407 0352  rdbss - ok
07:18:32.0422 0352  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
07:18:32.0454 0352  rdpbus - ok
07:18:32.0500 0352  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
07:18:32.0532 0352  RDPCDD - ok
07:18:32.0578 0352  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
07:18:32.0625 0352  RDPDR - ok
07:18:32.0641 0352  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
07:18:32.0672 0352  RDPENCDD - ok
07:18:32.0688 0352  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
07:18:32.0719 0352  RDPREFMP - ok
07:18:32.0766 0352  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
07:18:32.0812 0352  RDPWD - ok
07:18:32.0875 0352  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
07:18:32.0906 0352  rdyboost - ok
07:18:32.0937 0352  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
07:18:32.0968 0352  RemoteAccess - ok
07:18:33.0000 0352  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
07:18:33.0031 0352  RemoteRegistry - ok
07:18:33.0078 0352  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
07:18:33.0093 0352  RFCOMM - ok
07:18:33.0093 0352  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
07:18:33.0140 0352  RpcEptMapper - ok
07:18:33.0140 0352  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
07:18:33.0171 0352  RpcLocator - ok
07:18:33.0187 0352  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs          C:\Windows\system32\rpcss.dll
07:18:33.0218 0352  RpcSs - ok
07:18:33.0265 0352  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
07:18:33.0312 0352  rspndr - ok
07:18:33.0343 0352  [ 0266151DE3F36429F6AC3C4B28085061 ] s217bus        C:\Windows\system32\DRIVERS\s217bus.sys
07:18:33.0358 0352  s217bus - ok
07:18:33.0374 0352  [ A43C0AF0E46BE7EF0C7E8CCF0F058600 ] s217mdfl        C:\Windows\system32\DRIVERS\s217mdfl.sys
07:18:33.0390 0352  s217mdfl - ok
07:18:33.0405 0352  [ 005F5DED1ED8F8A9D2399D765EAD20F1 ] s217mdm        C:\Windows\system32\DRIVERS\s217mdm.sys
07:18:33.0421 0352  s217mdm - ok
07:18:33.0452 0352  [ 11CC5D7F992799E7E75D018E9C018563 ] s217nd5        C:\Windows\system32\DRIVERS\s217nd5.sys
07:18:33.0468 0352  s217nd5 - ok
07:18:33.0499 0352  [ 0F9F4045799AFB66B85EEF999D0609EC ] s217obex        C:\Windows\system32\DRIVERS\s217obex.sys
07:18:33.0530 0352  s217obex - ok
07:18:33.0546 0352  [ 1C91E1023F07B6407D84B5A43537D984 ] s217unic        C:\Windows\system32\DRIVERS\s217unic.sys
07:18:33.0561 0352  s217unic - ok
07:18:33.0608 0352  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
07:18:33.0639 0352  s3cap - ok
07:18:33.0670 0352  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs          C:\Windows\system32\lsass.exe
07:18:33.0686 0352  SamSs - ok
07:18:33.0717 0352  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
07:18:33.0733 0352  sbp2port - ok
07:18:33.0764 0352  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
07:18:33.0795 0352  SCardSvr - ok
07:18:33.0811 0352  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
07:18:33.0842 0352  scfilter - ok
07:18:33.0936 0352  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
07:18:33.0982 0352  Schedule - ok
07:18:33.0998 0352  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc    C:\Windows\System32\certprop.dll
07:18:34.0029 0352  SCPolicySvc - ok
07:18:34.0076 0352  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
07:18:34.0123 0352  SDRSVC - ok
07:18:34.0154 0352  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
07:18:34.0185 0352  secdrv - ok
07:18:34.0216 0352  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
07:18:34.0279 0352  seclogon - ok
07:18:34.0279 0352  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
07:18:34.0310 0352  SENS - ok
07:18:34.0357 0352  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
07:18:34.0372 0352  SensrSvc - ok
07:18:34.0388 0352  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
07:18:34.0404 0352  Serenum - ok
07:18:34.0419 0352  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
07:18:34.0435 0352  Serial - ok
07:18:34.0466 0352  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
07:18:34.0482 0352  sermouse - ok
07:18:34.0544 0352  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
07:18:34.0606 0352  SessionEnv - ok
07:18:34.0638 0352  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
07:18:34.0653 0352  sffdisk - ok
07:18:34.0669 0352  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
07:18:34.0684 0352  sffp_mmc - ok
07:18:34.0684 0352  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
07:18:34.0700 0352  sffp_sd - ok
07:18:34.0747 0352  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
07:18:34.0762 0352  sfloppy - ok
07:18:34.0794 0352  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
07:18:34.0840 0352  SharedAccess - ok
07:18:34.0903 0352  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:18:34.0950 0352  ShellHWDetection - ok
07:18:34.0965 0352  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
07:18:34.0981 0352  sisagp - ok
07:18:35.0012 0352  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:18:35.0028 0352  SiSRaid2 - ok
07:18:35.0043 0352  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
07:18:35.0059 0352  SiSRaid4 - ok
07:18:35.0137 0352  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate    C:\Program Files\Skype\Updater\Updater.exe
07:18:35.0168 0352  SkypeUpdate - ok
07:18:35.0215 0352  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb            C:\Windows\system32\DRIVERS\smb.sys
07:18:35.0262 0352  Smb - ok
07:18:35.0293 0352  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
07:18:35.0308 0352  SNMPTRAP - ok
07:18:35.0355 0352  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr          C:\Windows\system32\drivers\spldr.sys
07:18:35.0371 0352  spldr - ok
07:18:35.0418 0352  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler        C:\Windows\System32\spoolsv.exe
07:18:35.0449 0352  Spooler - ok
07:18:35.0605 0352  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
07:18:35.0683 0352  sppsvc - ok
07:18:35.0730 0352  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
07:18:35.0761 0352  sppuinotify - ok
07:18:35.0823 0352  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv            C:\Windows\system32\DRIVERS\srv.sys
07:18:35.0839 0352  srv - ok
07:18:35.0870 0352  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
07:18:35.0886 0352  srv2 - ok
07:18:35.0901 0352  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
07:18:35.0917 0352  srvnet - ok
07:18:35.0948 0352  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
07:18:35.0979 0352  SSDPSRV - ok
07:18:36.0026 0352  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
07:18:36.0042 0352  ssmdrv - ok
07:18:36.0042 0352  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
07:18:36.0073 0352  SstpSvc - ok
07:18:36.0120 0352  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
07:18:36.0135 0352  stexstor - ok
07:18:36.0166 0352  [ EDB05BD63148796F23EA78506404A538 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
07:18:36.0182 0352  StillCam - ok
07:18:36.0244 0352  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
07:18:36.0276 0352  StiSvc - ok
07:18:36.0322 0352  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
07:18:36.0354 0352  storflt - ok
07:18:36.0385 0352  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc        C:\Windows\system32\storsvc.dll
07:18:36.0400 0352  StorSvc - ok
07:18:36.0432 0352  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc        C:\Windows\system32\drivers\storvsc.sys
07:18:36.0463 0352  storvsc - ok
07:18:36.0525 0352  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
07:18:36.0556 0352  swenum - ok
07:18:36.0603 0352  [ A28BD92DF340E57B024BA433165D34D7 ] swprv          C:\Windows\System32\swprv.dll
07:18:36.0634 0352  swprv - ok
07:18:36.0744 0352  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain        C:\Windows\system32\sysmain.dll
07:18:36.0790 0352  SysMain - ok
07:18:36.0853 0352  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:18:36.0900 0352  TabletInputService - ok
07:18:36.0962 0352  [ 613BF4820361543956909043A265C6AC ] TapiSrv        C:\Windows\System32\tapisrv.dll
07:18:36.0993 0352  TapiSrv - ok
07:18:37.0040 0352  [ B799D9FDB26111737F58288D8DC172D9 ] TBS            C:\Windows\System32\tbssvc.dll
07:18:37.0087 0352  TBS - ok
07:18:37.0196 0352  [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
07:18:37.0243 0352  Tcpip - ok
07:18:37.0274 0352  [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
07:18:37.0321 0352  TCPIP6 - ok
07:18:37.0368 0352  [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
07:18:37.0414 0352  tcpipreg - ok
07:18:37.0461 0352  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
07:18:37.0492 0352  TDPIPE - ok
07:18:37.0555 0352  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
07:18:37.0570 0352  TDTCP - ok
07:18:37.0617 0352  [ B459575348C20E8121D6039DA063C704 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
07:18:37.0680 0352  tdx - ok
07:18:37.0695 0352  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
07:18:37.0711 0352  TermDD - ok
07:18:37.0773 0352  [ 382C804C92811BE57829D8E550A900E2 ] TermService    C:\Windows\System32\termsrv.dll
07:18:37.0820 0352  TermService - ok
07:18:37.0851 0352  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
07:18:37.0867 0352  Themes - ok
07:18:37.0882 0352  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER    C:\Windows\system32\mmcss.dll
07:18:37.0914 0352  THREADORDER - ok
07:18:37.0945 0352  [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM            C:\Windows\system32\drivers\tpm.sys
07:18:37.0960 0352  TPM - ok
07:18:37.0976 0352  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
07:18:38.0007 0352  TrkWks - ok
07:18:38.0101 0352  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:18:38.0148 0352  TrustedInstaller - ok
07:18:38.0194 0352  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
07:18:38.0226 0352  tssecsrv - ok
07:18:38.0304 0352  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
07:18:38.0335 0352  TsUsbFlt - ok
07:18:38.0413 0352  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
07:18:38.0460 0352  tunnel - ok
07:18:38.0491 0352  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
07:18:38.0506 0352  uagp35 - ok
07:18:38.0569 0352  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
07:18:38.0616 0352  udfs - ok
07:18:38.0647 0352  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
07:18:38.0662 0352  UI0Detect - ok
07:18:38.0725 0352  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
07:18:38.0756 0352  uliagpkx - ok
07:18:38.0772 0352  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus          C:\Windows\system32\drivers\umbus.sys
07:18:38.0787 0352  umbus - ok
07:18:38.0818 0352  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
07:18:38.0834 0352  UmPass - ok
07:18:38.0881 0352  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
07:18:38.0912 0352  UmRdpService - ok
07:18:38.0943 0352  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
07:18:38.0990 0352  upnphost - ok
07:18:39.0021 0352  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL        C:\Windows\system32\Drivers\usbaapl.sys
07:18:39.0037 0352  USBAAPL - ok
07:18:39.0099 0352  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
07:18:39.0130 0352  usbaudio - ok
07:18:39.0146 0352  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp        C:\Windows\system32\drivers\usbccgp.sys
07:18:39.0162 0352  usbccgp - ok
07:18:39.0208 0352  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
07:18:39.0240 0352  usbcir - ok
07:18:39.0255 0352  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
07:18:39.0271 0352  usbehci - ok
07:18:39.0302 0352  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
07:18:39.0333 0352  usbhub - ok
07:18:39.0333 0352  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
07:18:39.0349 0352  usbohci - ok
07:18:39.0380 0352  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
07:18:39.0411 0352  usbprint - ok
07:18:39.0458 0352  [ F991AB9CC6B908DB552166768176896A ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:18:39.0474 0352  USBSTOR - ok
07:18:39.0520 0352  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
07:18:39.0536 0352  usbuhci - ok
07:18:39.0567 0352  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms          C:\Windows\System32\uxsms.dll
07:18:39.0583 0352  UxSms - ok
07:18:39.0598 0352  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
07:18:39.0614 0352  VaultSvc - ok
07:18:39.0630 0352  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
07:18:39.0645 0352  vdrvroot - ok
07:18:39.0692 0352  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds            C:\Windows\System32\vds.exe
07:18:39.0739 0352  vds - ok
07:18:39.0770 0352  [ 17C408214EA61696CEC9C66E388B14F3 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
07:18:39.0786 0352  vga - ok
07:18:39.0801 0352  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave        C:\Windows\System32\drivers\vga.sys
07:18:39.0832 0352  VgaSave - ok
07:18:39.0879 0352  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
07:18:39.0895 0352  vhdmp - ok
07:18:39.0926 0352  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
07:18:39.0942 0352  viaagp - ok
07:18:39.0957 0352  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7          C:\Windows\system32\DRIVERS\viac7.sys
07:18:39.0973 0352  ViaC7 - ok
07:18:40.0020 0352  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
07:18:40.0035 0352  viaide - ok
07:18:40.0082 0352  [ C2F2911156FDC7817C52829C86DA494E ] vmbus          C:\Windows\system32\drivers\vmbus.sys
07:18:40.0113 0352  vmbus - ok
07:18:40.0129 0352  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
07:18:40.0144 0352  VMBusHID - ok
07:18:40.0160 0352  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
07:18:40.0176 0352  volmgr - ok
07:18:40.0207 0352  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
07:18:40.0222 0352  volmgrx - ok
07:18:40.0238 0352  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
07:18:40.0254 0352  volsnap - ok
07:18:40.0285 0352  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
07:18:40.0300 0352  vsmraid - ok
07:18:40.0394 0352  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS            C:\Windows\system32\vssvc.exe
07:18:40.0441 0352  VSS - ok
07:18:40.0456 0352  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
07:18:40.0472 0352  vwifibus - ok
07:18:40.0534 0352  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time        C:\Windows\system32\w32time.dll
07:18:40.0566 0352  W32Time - ok
07:18:40.0597 0352  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
07:18:40.0612 0352  WacomPen - ok
07:18:40.0690 0352  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
07:18:40.0737 0352  WANARP - ok
07:18:40.0753 0352  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
07:18:40.0784 0352  Wanarpv6 - ok
07:18:40.0893 0352  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
07:18:40.0924 0352  WatAdminSvc - ok
07:18:41.0034 0352  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
07:18:41.0080 0352  wbengine - ok
07:18:41.0127 0352  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
07:18:41.0158 0352  WbioSrvc - ok
07:18:41.0221 0352  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc        C:\Windows\System32\wcncsvc.dll
07:18:41.0252 0352  wcncsvc - ok
07:18:41.0283 0352  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:18:41.0299 0352  WcsPlugInService - ok
07:18:41.0330 0352  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
07:18:41.0346 0352  Wd - ok
07:18:41.0377 0352  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
07:18:41.0408 0352  Wdf01000 - ok
07:18:41.0439 0352  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
07:18:41.0455 0352  WdiServiceHost - ok
07:18:41.0455 0352  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost  C:\Windows\system32\wdi.dll
07:18:41.0486 0352  WdiSystemHost - ok
07:18:41.0533 0352  [ A9D880F97530D5B8FEE278923349929D ] WebClient      C:\Windows\System32\webclnt.dll
07:18:41.0564 0352  WebClient - ok
07:18:41.0580 0352  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
07:18:41.0611 0352  Wecsvc - ok
07:18:41.0611 0352  [ AC804569BB2364FB6017370258A4091B ] wercplsupport  C:\Windows\System32\wercplsupport.dll
07:18:41.0642 0352  wercplsupport - ok
07:18:41.0674 0352  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
07:18:41.0705 0352  WerSvc - ok
07:18:41.0737 0352  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
07:18:41.0752 0352  WfpLwf - ok
07:18:41.0768 0352  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
07:18:41.0783 0352  WIMMount - ok
07:18:41.0861 0352  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend      C:\Program Files\Windows Defender\mpsvc.dll
07:18:41.0908 0352  WinDefend - ok
07:18:41.0924 0352  WinHttpAutoProxySvc - ok
07:18:41.0986 0352  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
07:18:42.0033 0352  Winmgmt - ok
07:18:42.0158 0352  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM          C:\Windows\system32\WsmSvc.dll
07:18:42.0205 0352  WinRM - ok
07:18:42.0298 0352  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
07:18:42.0329 0352  WinUsb - ok
07:18:42.0392 0352  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc        C:\Windows\System32\wlansvc.dll
07:18:42.0439 0352  Wlansvc - ok
07:18:42.0485 0352  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
07:18:42.0532 0352  WmiAcpi - ok
07:18:42.0563 0352  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
07:18:42.0579 0352  wmiApSrv - ok
07:18:42.0688 0352  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
07:18:42.0735 0352  WMPNetworkSvc - ok
07:18:42.0766 0352  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
07:18:42.0782 0352  WPCSvc - ok
07:18:42.0829 0352  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
07:18:42.0860 0352  WPDBusEnum - ok
07:18:42.0891 0352  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
07:18:42.0922 0352  ws2ifsl - ok
07:18:42.0938 0352  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
07:18:42.0953 0352  wscsvc - ok
07:18:42.0985 0352  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
07:18:43.0000 0352  WSDPrintDevice - ok
07:18:43.0000 0352  WSearch - ok
07:18:43.0125 0352  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
07:18:43.0172 0352  wuauserv - ok
07:18:43.0234 0352  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
07:18:43.0297 0352  WudfPf - ok
07:18:43.0343 0352  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
07:18:43.0421 0352  WUDFRd - ok
07:18:43.0453 0352  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
07:18:43.0484 0352  wudfsvc - ok
07:18:43.0515 0352  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc        C:\Windows\System32\wwansvc.dll
07:18:43.0562 0352  WwanSvc - ok
07:18:43.0640 0352  ================ Scan global ===============================
07:18:43.0702 0352  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
07:18:43.0749 0352  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
07:18:43.0780 0352  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
07:18:43.0811 0352  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
07:18:43.0858 0352  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
07:18:43.0858 0352  [Global] - ok
07:18:43.0858 0352  ================ Scan MBR ==================================
07:18:43.0874 0352  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:18:44.0170 0352  \Device\Harddisk0\DR0 - ok
07:18:44.0170 0352  ================ Scan VBR ==================================
07:18:44.0170 0352  [ CE491615B4C7214F08FEF38A76EC1503 ] \Device\Harddisk0\DR0\Partition1
07:18:44.0170 0352  \Device\Harddisk0\DR0\Partition1 - ok
07:18:44.0217 0352  [ CA8B0DFDED686013FFBAE896772428A1 ] \Device\Harddisk0\DR0\Partition2
07:18:44.0217 0352  \Device\Harddisk0\DR0\Partition2 - ok
07:18:44.0217 0352  ============================================================
07:18:44.0217 0352  Scan finished
07:18:44.0217 0352  ============================================================
07:18:44.0217 4368  Detected object count: 4
07:18:44.0217 4368  Actual detected object count: 4
07:19:29.0582 4368  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
07:19:29.0582 4368  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:19:29.0582 4368  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:19:29.0582 4368  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:19:29.0582 4368  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
07:19:29.0582 4368  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:19:29.0597 4368  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
07:19:29.0597 4368  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

spigi01 16.11.2012 11:48
Hallo

Ich kann mir ja vorstellen, dass ihr viel zu tun habt, wenn ich so im Forum rumschaue, trotzdem wäre ich sehr froh, wenn ich einen neuen Vorschlag erhalten würde, wie ich weiter verfahren soll....

Besten Dank

markusg 16.11.2012 12:37
Hi
sieht schon mal gut aus.
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

spigi01 17.11.2012 18:35
Hi
Anbei das ComboFix Log:
Code:
ComboFix 12-11-16.02 - Mark Bachmann 17.11.2012  18:08:23.5.2 - x86
Microsoft Windows 7 Professional  6.1.7601.1.1252.41.1031.18.2039.957 [GMT 1:00]
ausgeführt von:: c:\users\Mark Bachmann\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-10-17 bis 2012-11-17  ))))))))))))))))))))))))))))))
.
.
2012-11-17 17:20 . 2012-11-17 17:20        --------        d-----w-        c:\users\Public\AppData\Local\temp
2012-11-17 17:20 . 2012-11-17 17:20        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-11-13 15:48 . 2012-11-13 15:48        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-11-13 15:48 . 2012-09-29 18:54        22856        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-11-13 15:44 . 2012-10-12 05:56        6918632        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD759742-1DD7-4830-9FE1-6A89C41BB516}\mpengine.dll
2012-11-13 14:20 . 2011-07-13 02:55        2237440        ----a-r-        C:\OTLPE.exe
2012-11-13 14:20 . 2012-11-13 14:20        --------        d-----w-        C:\_OTL
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-14 18:28 . 2012-10-11 09:43        2048        ----a-w-        c:\windows\system32\tzres.dll
2012-08-31 17:18 . 2012-10-11 02:14        1211760        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:12 . 2012-10-11 02:10        3968880        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-11 02:10        3914096        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-08-24 16:57 . 2012-10-11 09:44        172544        ----a-w-        c:\windows\system32\wintrust.dll
2012-08-24 06:59 . 2012-09-24 12:15        1800704        ----a-w-        c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-24 12:15        1129472        ----a-w-        c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-24 12:15        1427968        ----a-w-        c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-24 12:15        142848        ----a-w-        c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-24 12:15        420864        ----a-w-        c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-24 12:15        2382848        ----a-w-        c:\windows\system32\mshtml.tlb
2012-08-22 17:16 . 2012-09-12 09:59        1292144        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-12 09:59        712048        ----a-w-        c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-12 09:59        240496        ----a-w-        c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-12 09:59        187760        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 20:12 . 2012-09-26 05:36        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe
2012-08-20 17:40 . 2012-10-11 09:43        169984        ----a-w-        c:\windows\system32\winsrv.dll
2012-08-20 17:40 . 2012-10-11 09:43        293376        ----a-w-        c:\windows\system32\KernelBase.dll
2012-08-20 17:37 . 2012-10-11 09:43        271360        ----a-w-        c:\windows\system32\conhost.exe
2012-08-20 17:32 . 2012-10-11 09:43        4608        ---ha-w-        c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        5120        ---ha-w-        c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 15:33 . 2012-10-11 09:43        6144        ---ha-w-        c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33 . 2012-10-11 09:43        4608        ---ha-w-        c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33 . 2012-10-11 09:43        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33 . 2012-10-11 09:43        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-05-14 12:07 . 2011-05-14 12:07        399736        ----a-w-        c:\program files\uTorrent.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 2453504]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-16 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Mark Bachmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CrewLink Offline HUB.appref-ms [2012-1-12 354]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - SASDIFSV
*Deregistered* - SASKUTIL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-10 16:15]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-10 16:15]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.unhooked.ch/2008/spotguide/
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
DPF: {48580E34-E37A-454A-8EC4-FC7598B01D77} - hxxp://chkr-web.ifolor.net/app_support/1/ActiveX/IfolorUploader_chkr.cab
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-11-17  18:23:09
ComboFix-quarantined-files.txt  2012-11-17 17:23
ComboFix2.txt  2012-11-17 16:54
.
Vor Suchlauf: 2'843'172'864 Bytes frei
Nach Suchlauf: 2'665'394'176 Bytes frei
.
- - End Of File - - CA4861ECCC482A151706C81F772297D9

markusg 19.11.2012 17:45
hi
lade den CCleaner standard:
CCleaner Download - CCleaner 3.24.1850
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

spigi01 20.11.2012 13:48
CCleaner .txt:

Bei den notwendigen bin ich sicher, dass ich sie brauche, bei den unbekannten kenne ich mich zuwenig gut aus um genau zu wissen, was ich davon brauche und was nicht....

Code:
Acoustica Effects Pack        Acoustica, Inc        04.06.2012                3.0        UNBEKANNT
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        19.06.2012        6.00MB        11.3.300.257        NOTWENDIG
Apple Application Support        Apple Inc.        02.05.2012        60.9MB        2.1.7        UNBEKANNT
Apple Mobile Device Support        Apple Inc.        02.05.2012        24.1MB        5.1.1.4        UNBEKANNT
Apple Software Update        Apple Inc.        27.06.2011        2.25MB        2.1.3.127        UNBEKANNT
AuthenTec TrueSuite        AuthenTec, Inc.        10.05.2011        6.54MB        2.0.0.57        UNBEKANNT
Avira Free Antivirus        Avira        17.11.2012        124MB        12.1.9.1236        NOTWENDIG
Avira SearchFree Toolbar plus Web Protection        Ask.com        27.05.2012        3.78MB        1.15.1.0        UNBEKANNT
Bonjour        Apple Inc.        24.10.2011        1.02MB        3.0.0.10        UNBEKANNT
CCleaner        Piriform        24.10.2012                3.24
CLX.PayMaker        CREALOGIX        31.05.2011        155MB        1.7.32.0        NOTWENDIG
Crewlink-Offline        Swiss International Airlines        31.05.2012                1.2.3103.30        NOTWENDIG
Google Chrome        Google Inc.        19.06.2012                23.0.1271.64        UNBEKANNT
Google Toolbar for Internet Explorer        Google Inc.        19.09.2012                7.4.3230.2052        UNBEKANNT
HP Color LaserJet CM1312 MFP Series 5.1        HP        04.06.2012                5.1        NOTWENDIG
HP Imaging Device Functions 10.0        HP        04.06.2012                10.0        NOTWENDIG
Intel(R) Graphics Media Accelerator Driver        Intel Corporation        04.06.2012        54.2MB        8.15.10.1930        NOTWENDIG
Intel(R) TV Wizard        Intel Corporation        04.06.2012        UNBEKANNT
iTunes        Apple Inc.        02.05.2012        157MB        10.6.1.7        NOTWENDIG
Java(TM) 7 Update 5        Oracle        18.06.2012        99.3MB        7.0.50        UNBEKANNT
JavaFX 2.1.1        Oracle Corporation        18.06.2012        20.8MB        2.1.1        UNBEKANNT
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        04.06.2012        38.8MB        4.0.30319        UNBEKANNT
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        04.06.2012        2.93MB        4.0.30319        UNBEKANNT
Microsoft Office Professional Plus 2010        Microsoft Corporation        04.06.2012                14.0.6029.1000        NOTWENDIG
Microsoft SQL Server Compact 3.5 SP2 ENU        Microsoft Corporation        12.01.2012        3.39MB        3.5.8080.0        UNBEKANNT
Microsoft Sync Framework 2.1 Core Components (x86) ENU        Microsoft Corporation        12.01.2012        0.98MB        2.1.1648.0        UNBEKANNT
Microsoft Sync Framework 2.1 Database Providers (x86) ENU        Microsoft Corporation        12.01.2012        1.04MB        3.1.1648.0        UNBEKANNT
Microsoft Sync Framework 2.1 Provider Services (x86) ENU        Microsoft Corporation        12.01.2012        2.27MB        2.1.1648.0        UNBEKANNT
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        10.05.2011        596KB        9.0.30729.4148        UNBEKANNT
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        17.06.2011        600KB        9.0.30729.6161        UNBEKANNT
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        13.01.2012        15.0MB        10.0.40219        UNBEKANNT
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        02.06.2011        35.0KB        4.20.9870.0        UNBEKANNT
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        02.06.2011        1.33MB        4.20.9876.0        UNBEKANNT
Opera 12.02        Opera Software ASA        12.09.2012                12.02.1578        NOTWENDIG
PDF-Viewer        Tracker Software Products Ltd        18.06.2012        39.0MB        2.5.201.0        NOTWENDIG
Private Tax 2010        Abraxas Informatik AG        04.06.2012                1.1.4.587        NOTWENDIG
Private Tax 2011 1.3        Information Factory AG        04.06.2012                1.3        NOTWENDIG
QuickTime        Apple Inc.        09.09.2011        73.0MB        7.70.80.34        UNBEKANNT
Skype Toolbars        Skype Technologies S.A.        23.07.2011        7.50MB        5.5.7896        UNBEKANNT
Skype™ 5.10        Skype Technologies S.A.        02.09.2012        19.4MB        5.10.116        NOTWENDIG
SoundMAX        Analog Devices        07.08.2011                6.10.1.5240        UNBEKANNT
TuneAid 3.76        DigiDNA        16.05.2011        10.1MB        3.76        UNBEKANNT
WinRAR 4.11 (32-Bit)        win.rar GmbH        04.06.2012                4.11.0        UNBEKANNT
µTorrent                04.06.2012                2.2.1        UNBEKANNT
Danke für die Hilfe

markusg 20.11.2012 20:25
Deinstaliere:
Avira SearchFree
Google : alle
Java: alle
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
Skype Toolbars
µTorrent
öffne ccleaner, analysieren starten.
PC neustarten.
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste
    mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

spigi01 21.11.2012 18:32
Die angegebenen Programme sind gelöscht, Java neu installiert, CCleaner hat analysiert.
CCleaner meldet
Code:
ANALYSE komplett - (416.345 Sek)
----------------------------------------------------------------------------------------------------
406MB zu entfernen. (Ungefähre Größe)
----------------------------------------------------------------------------------------------------

Details der zu löschenden Dateien (Hinweis: Es wurden noch keine Dateien gelöscht)
----------------------------------------------------------------------------------------------------
und darunter sind haufenweise Dateien aufgelistet.
Soll ich jetzt STARTE CCLEANER drücken oder eben einfach den Compi neu starten???:confused:

markusg 21.11.2012 19:11
Hi
Starte ccleaner, klicken, abwarten bis er durch ist, pc neustarten.
und dann weiter mit AdwCleaner


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:03 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19