Der Windows Sicherheitcenterdienst kann nicht gestartet werden

Treblig · 14.12.2012, 18:45

Hallo,
habe heute aufeinmal die Meldung bekommen "Der Windows Sicherheitcenterdienst kann nicht gestartet werden"
Als ich bei google.de danach suchte, wurde ich, also ich z.B einen Beitrag aus diesem Forum öffnen wollte automatisch auf eine andere Seite geleitet...habe auch hier im Forum bereits einige Beiträge dazu gelesen, nun wollte ich fragen ob ihr mir vielleicht helfen könntet ?

Grüße...

defogger_disabled:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:46 on 14/12/2012 (Gilbert)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

OTL Dateien habe ich angehangen !

markusg · 14.12.2012, 20:19

hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.

• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

Code:

ATTFilter

:OTL
[2012.12.14 17:43:43 | 000,126,976 | RHS- | M] () -- C:\Windows\SysWow64\RTCOMF.dll
[2012.12.14 17:43:43 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\ITMVGELMK.job
 :Files
:Commands
[EMPTYFLASH] 
[emptytemp]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!

Drücke bitte die

+ E Taste.

Öffne dein Systemlaufwerk ( meistens C: )
Suche nun
folgenden Ordner: _OTL und öffne diesen.
Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner
Dies wird eine Movedfiles.zip Datei in _OTL erstellen
Lade diese bitte in unseren Uploadchannel
hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )

Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

downloade get info:
http://markusg.trojaner-board.de/GetInfo.exe
doppelklicke die .exe
im selben ordner wird nun eine .txt erstellt:
summary-info.txt
diese doppelklicken und deren inhalt posten.

Frage:
hast du zum infektionszeitpunkt, bzw evtl. einen tag davor, etwas runtergeladen und instaliert bzw ausgeführt?
wurdest du beim besuch einer seite aufgefordert etwas zu instalieren bzw runterzuladen? diese infos hätte ich auch gern als private nachicht.

Treblig · 15.12.2012, 05:45

Nachdem ich den Text in die Textbox kopiert habe und auf den Fixbutton geklickt habe, kam dann das dabei raus:

All processes killed
========== OTL ==========
C:\Windows\SysWOW64\RTCOMF.dll moved successfully.
C:\Windows\Tasks\ITMVGELMK.job moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Gilbert
->Flash cache emptied: 554 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gilbert
->Temp folder emptied: 2234260197 bytes
->Temporary Internet Files folder emptied: 761424242 bytes
->Java cache emptied: 3961350 bytes
->FireFox cache emptied: 78178493 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 275712584 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3.198,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12152012_053148

Files\Folders moved on Reboot...
C:\Users\Gilbert\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Den weiteren Schritt verstehe ich gerade nicht so ganz, welchen Ordner _OTL oder Movedfiles ?

Da ich heir irgendwie nichts finde, wo ich den Beitrag bearbeiten kann, schreibe ich es so...

System volume information: dwHighDateTime = 0x1cca9ee,dwLowDateTime = 0x50ec49b8
System32: dwHighDateTime = 0x1ca0431,dwLowDateTime = 0xfec9a6f8
dwSerialNumber = 0x9400d17e

markusg · 15.12.2012, 16:01

Hi,
sehr gut!
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

Treblig · 15.12.2012, 19:43

Hat nichts gefunden:

19:40:11.0739 4464 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:40:11.0958 4464 ============================================================
19:40:11.0958 4464 Current date / time: 2012/12/15 19:40:11.0958
19:40:11.0958 4464 SystemInfo:
19:40:11.0958 4464
19:40:11.0958 4464 OS Version: 6.1.7601 ServicePack: 1.0
19:40:11.0958 4464 Product type: Workstation
19:40:11.0958 4464 ComputerName: GILBERT-PC
19:40:11.0958 4464 UserName: Gilbert
19:40:11.0958 4464 Windows directory: C:\Windows
19:40:11.0958 4464 System windows directory: C:\Windows
19:40:11.0958 4464 Running under WOW64
19:40:11.0958 4464 Processor architecture: Intel x64
19:40:11.0958 4464 Number of processors: 4
19:40:11.0958 4464 Page size: 0x1000
19:40:11.0958 4464 Boot type: Normal boot
19:40:11.0958 4464 ============================================================
19:40:13.0114 4464 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:18.0567 4464 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:18.0598 4464 ============================================================
19:40:18.0598 4464 \Device\Harddisk1\DR1:
19:40:18.0598 4464 MBR partitions:
19:40:18.0598 4464 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:40:18.0598 4464 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
19:40:18.0598 4464 \Device\Harddisk0\DR0:
19:40:18.0598 4464 MBR partitions:
19:40:18.0598 4464 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
19:40:18.0598 4464 ============================================================
19:40:18.0614 4464 C: <-> \Device\Harddisk1\DR1\Partition2
19:40:18.0645 4464 D: <-> \Device\Harddisk0\DR0\Partition1
19:40:18.0645 4464 ============================================================
19:40:18.0645 4464 Initialize success
19:40:18.0645 4464 ============================================================
19:41:01.0021 4968 ============================================================
19:41:01.0021 4968 Scan started
19:41:01.0021 4968 Mode: Manual; SigCheck; TDLFS;
19:41:01.0021 4968 ============================================================
19:41:02.0740 4968 ================ Scan system memory ========================
19:41:02.0740 4968 System memory - ok
19:41:02.0740 4968 ================ Scan services =============================
19:41:02.0880 4968 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:41:03.0052 4968 1394ohci - ok
19:41:03.0115 4968 ACDaemon - ok
19:41:03.0146 4968 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:41:03.0162 4968 ACPI - ok
19:41:03.0193 4968 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:41:03.0271 4968 AcpiPmi - ok
19:41:03.0333 4968 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:41:03.0380 4968 AdobeARMservice - ok
19:41:03.0412 4968 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:41:03.0443 4968 adp94xx - ok
19:41:03.0474 4968 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:41:03.0505 4968 adpahci - ok
19:41:03.0521 4968 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:41:03.0552 4968 adpu320 - ok
19:41:03.0568 4968 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:41:03.0693 4968 AeLookupSvc - ok
19:41:03.0787 4968 [ 0D0E5281784C2C526BA43C2ECD374288 ] Afc C:\Windows\syswow64\drivers\Afc.sys
19:41:04.0177 4968 Afc - ok
19:41:04.0240 4968 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:41:04.0287 4968 AFD - ok
19:41:04.0318 4968 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:41:04.0349 4968 agp440 - ok
19:41:04.0365 4968 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:41:04.0412 4968 ALG - ok
19:41:04.0443 4968 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:41:04.0458 4968 aliide - ok
19:41:04.0474 4968 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:41:04.0490 4968 amdide - ok
19:41:04.0505 4968 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:41:04.0552 4968 AmdK8 - ok
19:41:04.0568 4968 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:41:04.0599 4968 AmdPPM - ok
19:41:04.0630 4968 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:41:04.0662 4968 amdsata - ok
19:41:04.0677 4968 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:41:04.0708 4968 amdsbs - ok
19:41:04.0708 4968 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:41:04.0740 4968 amdxata - ok
19:41:04.0787 4968 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:41:04.0849 4968 AntiVirSchedulerService - ok
19:41:04.0865 4968 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:41:04.0896 4968 AntiVirService - ok
19:41:04.0927 4968 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:41:04.0990 4968 AppID - ok
19:41:05.0021 4968 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:41:05.0099 4968 AppIDSvc - ok
19:41:05.0115 4968 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:41:05.0193 4968 Appinfo - ok
19:41:05.0208 4968 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:41:05.0271 4968 AppMgmt - ok
19:41:05.0302 4968 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:41:05.0318 4968 arc - ok
19:41:05.0333 4968 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:41:05.0380 4968 arcsas - ok
19:41:05.0396 4968 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:41:05.0474 4968 AsyncMac - ok
19:41:05.0490 4968 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:41:05.0505 4968 atapi - ok
19:41:05.0552 4968 [ CA4A0176FA380EFD45DE9D0ACB9E1F86 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
19:41:05.0630 4968 Ati External Event Utility - ok
19:41:05.0771 4968 [ AEAE4ABE6419923C037A0B2A157E1FC6 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:41:05.0912 4968 atikmdag - ok
19:41:05.0958 4968 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:41:06.0005 4968 AudioEndpointBuilder - ok
19:41:06.0021 4968 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:41:06.0083 4968 AudioSrv - ok
19:41:06.0099 4968 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:41:06.0130 4968 avgntflt - ok
19:41:06.0162 4968 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:41:06.0193 4968 avipbb - ok
19:41:06.0208 4968 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:41:06.0224 4968 avkmgr - ok
19:41:06.0255 4968 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:41:06.0349 4968 AxInstSV - ok
19:41:06.0380 4968 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:41:06.0427 4968 b06bdrv - ok
19:41:06.0458 4968 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:41:06.0490 4968 b57nd60a - ok
19:41:06.0537 4968 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:41:06.0568 4968 BDESVC - ok
19:41:06.0583 4968 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:41:06.0662 4968 Beep - ok
19:41:06.0708 4968 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:41:06.0802 4968 BFE - ok
19:41:06.0849 4968 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:41:06.0958 4968 BITS - ok
19:41:06.0990 4968 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:41:07.0021 4968 blbdrive - ok
19:41:07.0052 4968 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:41:07.0099 4968 bowser - ok
19:41:07.0115 4968 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:41:07.0162 4968 BrFiltLo - ok
19:41:07.0162 4968 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:41:07.0193 4968 BrFiltUp - ok
19:41:07.0224 4968 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:41:07.0240 4968 Browser - ok
19:41:07.0255 4968 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:41:07.0318 4968 Brserid - ok
19:41:07.0318 4968 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:41:07.0365 4968 BrSerWdm - ok
19:41:07.0365 4968 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:41:07.0396 4968 BrUsbMdm - ok
19:41:07.0412 4968 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:41:07.0427 4968 BrUsbSer - ok
19:41:07.0474 4968 [ 07DCB3C254D584E3949FE2C0EE3963F2 ] BthAudioHF C:\Windows\system32\DRIVERS\BthAudioHF.sys
19:41:07.0505 4968 BthAudioHF - ok
19:41:07.0521 4968 [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys
19:41:07.0568 4968 BthAvrcp - ok
19:41:07.0615 4968 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
19:41:07.0677 4968 BthEnum - ok
19:41:07.0693 4968 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:41:07.0740 4968 BTHMODEM - ok
19:41:07.0771 4968 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:41:07.0818 4968 BthPan - ok
19:41:07.0880 4968 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:41:07.0943 4968 BTHPORT - ok
19:41:07.0974 4968 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:41:08.0021 4968 bthserv - ok
19:41:08.0068 4968 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:41:08.0115 4968 BTHUSB - ok
19:41:08.0146 4968 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:41:08.0208 4968 cdfs - ok
19:41:08.0255 4968 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:41:08.0271 4968 cdrom - ok
19:41:08.0302 4968 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:41:08.0380 4968 CertPropSvc - ok
19:41:08.0412 4968 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:41:08.0427 4968 circlass - ok
19:41:08.0458 4968 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:41:08.0474 4968 CLFS - ok
19:41:08.0537 4968 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:41:08.0568 4968 clr_optimization_v2.0.50727_32 - ok
19:41:08.0630 4968 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:41:08.0646 4968 clr_optimization_v2.0.50727_64 - ok
19:41:08.0693 4968 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:41:08.0755 4968 clr_optimization_v4.0.30319_32 - ok
19:41:08.0802 4968 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:41:08.0818 4968 clr_optimization_v4.0.30319_64 - ok
19:41:08.0849 4968 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:41:08.0880 4968 CmBatt - ok
19:41:08.0896 4968 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:41:08.0927 4968 cmdide - ok
19:41:08.0958 4968 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:41:09.0037 4968 CNG - ok
19:41:09.0068 4968 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:41:09.0083 4968 Compbatt - ok
19:41:09.0099 4968 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:41:09.0146 4968 CompositeBus - ok
19:41:09.0146 4968 COMSysApp - ok
19:41:09.0177 4968 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:41:09.0193 4968 crcdisk - ok
19:41:09.0255 4968 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:41:09.0287 4968 CryptSvc - ok
19:41:09.0333 4968 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
19:41:09.0396 4968 CSC - ok
19:41:09.0427 4968 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
19:41:09.0474 4968 CscService - ok
19:41:09.0505 4968 [ DF07C6D98BA7F81D0571E366B1CD6672 ] csr_a2dp C:\Windows\system32\drivers\bthav.sys
19:41:09.0537 4968 csr_a2dp - ok
19:41:09.0583 4968 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:41:09.0646 4968 DcomLaunch - ok
19:41:09.0693 4968 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:41:09.0771 4968 defragsvc - ok
19:41:09.0787 4968 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:41:09.0849 4968 DfsC - ok
19:41:09.0880 4968 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:41:09.0927 4968 Dhcp - ok
19:41:09.0943 4968 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:41:10.0005 4968 discache - ok
19:41:10.0052 4968 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:41:10.0083 4968 Disk - ok
19:41:10.0099 4968 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
19:41:10.0146 4968 dmvsc - ok
19:41:10.0177 4968 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:41:10.0208 4968 Dnscache - ok
19:41:10.0240 4968 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:41:10.0302 4968 dot3svc - ok
19:41:10.0333 4968 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:41:10.0396 4968 DPS - ok
19:41:10.0427 4968 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:41:10.0458 4968 drmkaud - ok
19:41:10.0505 4968 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:41:10.0552 4968 DXGKrnl - ok
19:41:10.0568 4968 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
19:41:10.0615 4968 E1G60 - ok
19:41:10.0646 4968 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:41:10.0724 4968 EapHost - ok
19:41:10.0865 4968 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:41:10.0958 4968 ebdrv - ok
19:41:11.0005 4968 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:41:11.0037 4968 EFS - ok
19:41:11.0083 4968 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:41:11.0130 4968 ehRecvr - ok
19:41:11.0162 4968 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:41:11.0193 4968 ehSched - ok
19:41:11.0224 4968 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:41:11.0271 4968 elxstor - ok
19:41:11.0287 4968 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:41:11.0333 4968 ErrDev - ok
19:41:11.0380 4968 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:41:11.0443 4968 EventSystem - ok
19:41:11.0458 4968 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:41:11.0521 4968 exfat - ok
19:41:11.0537 4968 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:41:11.0615 4968 fastfat - ok
19:41:11.0646 4968 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:41:11.0708 4968 Fax - ok
19:41:11.0724 4968 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:41:11.0755 4968 fdc - ok
19:41:11.0787 4968 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:41:11.0849 4968 fdPHost - ok
19:41:11.0865 4968 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:41:11.0927 4968 FDResPub - ok
19:41:11.0958 4968 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:41:11.0974 4968 FileInfo - ok
19:41:11.0990 4968 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:41:12.0052 4968 Filetrace - ok
19:41:12.0068 4968 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:41:12.0083 4968 flpydisk - ok
19:41:12.0130 4968 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:41:12.0162 4968 FltMgr - ok
19:41:12.0208 4968 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:41:12.0271 4968 FontCache - ok
19:41:12.0318 4968 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:41:12.0349 4968 FontCache3.0.0.0 - ok
19:41:12.0380 4968 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:41:12.0396 4968 FsDepends - ok
19:41:12.0443 4968 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:41:12.0458 4968 Fs_Rec - ok
19:41:12.0490 4968 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:41:12.0505 4968 fvevol - ok
19:41:12.0521 4968 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:41:12.0552 4968 gagp30kx - ok
19:41:12.0583 4968 [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
19:41:12.0615 4968 ggflt - ok
19:41:12.0630 4968 [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
19:41:12.0662 4968 ggsemc - ok
19:41:12.0693 4968 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:41:12.0740 4968 gpsvc - ok
19:41:12.0787 4968 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:41:12.0818 4968 gusvc - ok
19:41:12.0849 4968 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:41:12.0880 4968 hcw85cir - ok
19:41:12.0943 4968 [ 41579CF682DE886C27F732F369EE3F46 ] hcwhdpvr C:\Windows\system32\DRIVERS\hcwhdpvr.sys
19:41:12.0974 4968 hcwhdpvr - ok
19:41:12.0990 4968 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:41:13.0052 4968 HdAudAddService - ok
19:41:13.0068 4968 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:41:13.0115 4968 HDAudBus - ok
19:41:13.0146 4968 [ EE8C05F926521A0E24EDAF40F45D01E6 ] HFGService C:\Windows\System32\HFGService.dll
19:41:13.0193 4968 HFGService - ok
19:41:13.0208 4968 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:41:13.0240 4968 HidBatt - ok
19:41:13.0271 4968 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:41:13.0302 4968 HidBth - ok
19:41:13.0318 4968 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:41:13.0349 4968 HidIr - ok
19:41:13.0380 4968 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:41:13.0443 4968 hidserv - ok
19:41:13.0474 4968 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:41:13.0490 4968 HidUsb - ok
19:41:13.0505 4968 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:41:13.0583 4968 hkmsvc - ok
19:41:13.0615 4968 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:41:13.0646 4968 HomeGroupListener - ok
19:41:13.0677 4968 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:41:13.0724 4968 HomeGroupProvider - ok
19:41:13.0740 4968 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:41:13.0771 4968 HpSAMD - ok
19:41:13.0802 4968 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:41:13.0880 4968 HTTP - ok
19:41:13.0896 4968 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:41:13.0912 4968 hwpolicy - ok
19:41:13.0927 4968 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:41:13.0958 4968 i8042prt - ok
19:41:13.0990 4968 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:41:14.0021 4968 iaStorV - ok
19:41:14.0052 4968 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:41:14.0130 4968 idsvc - ok
19:41:14.0146 4968 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:41:14.0177 4968 iirsp - ok
19:41:14.0208 4968 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:41:14.0287 4968 IKEEXT - ok
19:41:14.0380 4968 [ F2744FD54BE1580BE05916D1C755C92A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:41:14.0490 4968 IntcAzAudAddService - ok
19:41:14.0505 4968 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:41:14.0521 4968 intelide - ok
19:41:14.0552 4968 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
19:41:14.0599 4968 intelppm - ok
19:41:14.0630 4968 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:41:14.0708 4968 IPBusEnum - ok
19:41:14.0708 4968 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:41:14.0771 4968 IpFilterDriver - ok
19:41:14.0818 4968 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:41:14.0865 4968 iphlpsvc - ok
19:41:14.0865 4968 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:41:14.0912 4968 IPMIDRV - ok
19:41:14.0943 4968 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:41:15.0005 4968 IPNAT - ok
19:41:15.0037 4968 [ 05360B1EA5A2ABF620D1D96EBD8BD8F1 ] irda C:\Windows\system32\DRIVERS\irda.sys
19:41:15.0083 4968 irda - ok
19:41:15.0099 4968 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:41:15.0146 4968 IRENUM - ok
19:41:15.0177 4968 [ 3848384AB383F0A8F506C4370635C1F9 ] Irmon C:\Windows\System32\irmon.dll
19:41:15.0208 4968 Irmon - ok
19:41:15.0240 4968 [ D2CA12736624BA636F8357DC3EF0757E ] irsir C:\Windows\system32\DRIVERS\irsir.sys
19:41:15.0287 4968 irsir - ok
19:41:15.0302 4968 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:41:15.0333 4968 isapnp - ok
19:41:15.0349 4968 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:41:15.0380 4968 iScsiPrt - ok
19:41:15.0412 4968 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:41:15.0427 4968 kbdclass - ok
19:41:15.0458 4968 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:41:15.0490 4968 kbdhid - ok
19:41:15.0505 4968 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:41:15.0521 4968 KeyIso - ok
19:41:15.0568 4968 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:41:15.0599 4968 KSecDD - ok
19:41:15.0646 4968 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:41:15.0677 4968 KSecPkg - ok
19:41:15.0693 4968 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:41:15.0755 4968 ksthunk - ok
19:41:15.0787 4968 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:41:15.0880 4968 KtmRm - ok
19:41:16.0005 4968 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:41:16.0068 4968 LanmanServer - ok
19:41:16.0099 4968 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:41:16.0162 4968 LanmanWorkstation - ok
19:41:16.0302 4968 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:41:16.0333 4968 LBTServ - ok
19:41:16.0365 4968 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:41:16.0396 4968 LHidFilt - ok
19:41:16.0412 4968 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:41:16.0490 4968 lltdio - ok
19:41:16.0505 4968 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:41:16.0583 4968 lltdsvc - ok
19:41:16.0599 4968 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:41:16.0677 4968 lmhosts - ok
19:41:16.0693 4968 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:41:16.0708 4968 LMouFilt - ok
19:41:16.0740 4968 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:41:16.0771 4968 LSI_FC - ok
19:41:16.0787 4968 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:41:16.0818 4968 LSI_SAS - ok
19:41:16.0833 4968 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:41:16.0865 4968 LSI_SAS2 - ok
19:41:16.0865 4968 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:41:16.0912 4968 LSI_SCSI - ok
19:41:16.0927 4968 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:41:17.0005 4968 luafv - ok
19:41:17.0068 4968 [ 07389F6925E490D2DB7882110E99921C ] lvpepf64 C:\Windows\system32\DRIVERS\lv302a64.sys
19:41:17.0083 4968 lvpepf64 - ok
19:41:17.0115 4968 [ 7F0BA3A6E8996F15693C6B7D81DA049E ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:41:17.0162 4968 LVRS64 - ok
19:41:17.0193 4968 [ 5C3FF68267A5D242EE79EE01B993D6CE ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
19:41:17.0208 4968 LVUSBS64 - ok
19:41:17.0271 4968 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
19:41:17.0318 4968 MarvinBus - ok
19:41:17.0349 4968 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:41:17.0380 4968 Mcx2Svc - ok
19:41:17.0396 4968 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:41:17.0427 4968 megasas - ok
19:41:17.0427 4968 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:41:17.0458 4968 MegaSR - ok
19:41:17.0505 4968 Microsoft SharePoint Workspace Audit Service - ok
19:41:17.0537 4968 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:41:17.0599 4968 MMCSS - ok
19:41:17.0599 4968 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:41:17.0662 4968 Modem - ok
19:41:17.0693 4968 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:41:17.0724 4968 monitor - ok
19:41:17.0755 4968 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:41:17.0787 4968 mouclass - ok
19:41:17.0818 4968 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:41:17.0849 4968 mouhid - ok
19:41:17.0849 4968 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:41:17.0865 4968 mountmgr - ok
19:41:17.0958 4968 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:41:18.0005 4968 MozillaMaintenance - ok
19:41:18.0021 4968 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:41:18.0052 4968 mpio - ok
19:41:18.0068 4968 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:41:18.0130 4968 mpsdrv - ok
19:41:18.0162 4968 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:41:18.0224 4968 MpsSvc - ok
19:41:18.0240 4968 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:41:18.0287 4968 MRxDAV - ok
19:41:18.0318 4968 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:41:18.0365 4968 mrxsmb - ok
19:41:18.0396 4968 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:41:18.0427 4968 mrxsmb10 - ok
19:41:18.0458 4968 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:41:18.0490 4968 mrxsmb20 - ok
19:41:18.0505 4968 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:41:18.0521 4968 msahci - ok
19:41:18.0537 4968 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:41:18.0568 4968 msdsm - ok
19:41:18.0583 4968 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:41:18.0615 4968 MSDTC - ok
19:41:18.0662 4968 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:41:18.0724 4968 Msfs - ok
19:41:18.0740 4968 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:41:18.0802 4968 mshidkmdf - ok
19:41:18.0818 4968 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:41:18.0849 4968 msisadrv - ok
19:41:18.0880 4968 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:41:18.0943 4968 MSiSCSI - ok
19:41:18.0958 4968 msiserver - ok
19:41:18.0974 4968 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:41:19.0037 4968 MSKSSRV - ok
19:41:19.0037 4968 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:41:19.0099 4968 MSPCLOCK - ok
19:41:19.0130 4968 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:41:19.0193 4968 MSPQM - ok
19:41:19.0208 4968 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:41:19.0240 4968 MsRPC - ok
19:41:19.0255 4968 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:41:19.0271 4968 mssmbios - ok
19:41:19.0287 4968 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:41:19.0349 4968 MSTEE - ok
19:41:19.0365 4968 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:41:19.0380 4968 MTConfig - ok
19:41:19.0396 4968 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:41:19.0427 4968 Mup - ok
19:41:19.0458 4968 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:41:19.0505 4968 napagent - ok
19:41:19.0537 4968 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:41:19.0583 4968 NativeWifiP - ok
19:41:19.0693 4968 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
19:41:19.0708 4968 NAUpdate - ok
19:41:19.0771 4968 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:41:19.0818 4968 NDIS - ok
19:41:19.0833 4968 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:41:19.0896 4968 NdisCap - ok
19:41:19.0927 4968 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:41:19.0974 4968 NdisTapi - ok
19:41:19.0990 4968 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:41:20.0068 4968 Ndisuio - ok
19:41:20.0083 4968 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:41:20.0146 4968 NdisWan - ok
19:41:20.0177 4968 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:41:20.0224 4968 NDProxy - ok
19:41:20.0240 4968 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:41:20.0318 4968 NetBIOS - ok
19:41:20.0349 4968 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:41:20.0396 4968 NetBT - ok
19:41:20.0412 4968 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:41:20.0427 4968 Netlogon - ok
19:41:20.0458 4968 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:41:20.0537 4968 Netman - ok
19:41:20.0568 4968 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:41:20.0662 4968 netprofm - ok
19:41:20.0693 4968 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:41:20.0724 4968 NetTcpPortSharing - ok
19:41:20.0755 4968 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:41:20.0787 4968 nfrd960 - ok
19:41:20.0818 4968 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:41:20.0849 4968 NlaSvc - ok
19:41:20.0865 4968 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:41:20.0927 4968 Npfs - ok
19:41:20.0958 4968 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:41:21.0005 4968 nsi - ok
19:41:21.0021 4968 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:41:21.0083 4968 nsiproxy - ok
19:41:21.0146 4968 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:41:21.0224 4968 Ntfs - ok
19:41:21.0255 4968 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:41:21.0318 4968 Null - ok
19:41:21.0599 4968 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:41:22.0052 4968 nvlddmkm - ok
19:41:22.0083 4968 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:41:22.0115 4968 nvraid - ok
19:41:22.0146 4968 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:41:22.0162 4968 nvstor - ok
19:41:22.0224 4968 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
19:41:22.0255 4968 nvsvc - ok
19:41:22.0349 4968 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:41:22.0396 4968 nvUpdatusService - ok
19:41:22.0412 4968 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:41:22.0443 4968 nv_agp - ok
19:41:22.0458 4968 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:41:22.0490 4968 ohci1394 - ok
19:41:22.0521 4968 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:41:22.0552 4968 ose64 - ok
19:41:22.0677 4968 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:41:22.0802 4968 osppsvc - ok
19:41:22.0833 4968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:41:22.0865 4968 p2pimsvc - ok
19:41:22.0896 4968 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:41:22.0943 4968 p2psvc - ok
19:41:22.0974 4968 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:41:23.0005 4968 Parport - ok
19:41:23.0037 4968 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:41:23.0068 4968 partmgr - ok
19:41:23.0083 4968 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:41:23.0130 4968 PcaSvc - ok
19:41:23.0146 4968 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:41:23.0177 4968 pci - ok
19:41:23.0193 4968 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:41:23.0224 4968 pciide - ok
19:41:23.0240 4968 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:41:23.0271 4968 pcmcia - ok
19:41:23.0287 4968 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:41:23.0302 4968 pcw - ok
19:41:23.0333 4968 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:41:23.0443 4968 PEAUTH - ok
19:41:23.0490 4968 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:41:23.0552 4968 PeerDistSvc - ok
19:41:23.0615 4968 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:41:23.0677 4968 PerfHost - ok
19:41:23.0771 4968 [ 087A343DFC337F37723DD7912DE6B6CD ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
19:41:23.0865 4968 PID_PEPI - ok
19:41:23.0912 4968 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:41:24.0021 4968 pla - ok
19:41:24.0052 4968 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:41:24.0083 4968 PlugPlay - ok
19:41:24.0115 4968 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:41:24.0146 4968 PNRPAutoReg - ok
19:41:24.0177 4968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:41:24.0193 4968 PNRPsvc - ok
19:41:24.0240 4968 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:41:24.0318 4968 PolicyAgent - ok
19:41:24.0333 4968 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:41:24.0412 4968 Power - ok
19:41:24.0427 4968 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:41:24.0505 4968 PptpMiniport - ok
19:41:24.0521 4968 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:41:24.0568 4968 Processor - ok
19:41:24.0615 4968 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:41:24.0646 4968 ProfSvc - ok
19:41:24.0677 4968 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:41:24.0693 4968 ProtectedStorage - ok
19:41:24.0708 4968 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:41:24.0771 4968 Psched - ok
19:41:24.0818 4968 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:41:24.0880 4968 ql2300 - ok
19:41:24.0912 4968 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:41:24.0943 4968 ql40xx - ok
19:41:24.0958 4968 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:41:24.0990 4968 QWAVE - ok
19:41:25.0005 4968 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:41:25.0052 4968 QWAVEdrv - ok
19:41:25.0068 4968 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:41:25.0130 4968 RasAcd - ok
19:41:25.0162 4968 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:41:25.0224 4968 RasAgileVpn - ok
19:41:25.0224 4968 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:41:25.0302 4968 RasAuto - ok
19:41:25.0318 4968 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:41:25.0380 4968 Rasl2tp - ok
19:41:25.0412 4968 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:41:25.0490 4968 RasMan - ok
19:41:25.0505 4968 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:41:25.0568 4968 RasPppoe - ok
19:41:25.0599 4968 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:41:25.0662 4968 RasSstp - ok
19:41:25.0693 4968 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:41:25.0771 4968 rdbss - ok
19:41:25.0787 4968 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:41:25.0818 4968 rdpbus - ok
19:41:25.0849 4968 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:41:25.0896 4968 RDPCDD - ok
19:41:25.0912 4968 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:41:25.0943 4968 RDPDR - ok
19:41:25.0958 4968 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:41:26.0021 4968 RDPENCDD - ok
19:41:26.0037 4968 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:41:26.0083 4968 RDPREFMP - ok
19:41:26.0115 4968 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:41:26.0146 4968 RdpVideoMiniport - ok
19:41:26.0177 4968 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:41:26.0208 4968 RDPWD - ok
19:41:26.0240 4968 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:41:26.0271 4968 rdyboost - ok
19:41:26.0287 4968 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:41:26.0349 4968 RemoteAccess - ok
19:41:26.0380 4968 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:41:26.0443 4968 RemoteRegistry - ok
19:41:26.0490 4968 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:41:26.0537 4968 RFCOMM - ok
19:41:26.0583 4968 [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:41:26.0615 4968 RichVideo - ok
19:41:26.0646 4968 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:41:26.0693 4968 RpcEptMapper - ok
19:41:26.0724 4968 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:41:26.0755 4968 RpcLocator - ok
19:41:26.0787 4968 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:41:26.0849 4968 RpcSs - ok
19:41:26.0865 4968 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:41:26.0927 4968 rspndr - ok
19:41:26.0958 4968 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:41:27.0037 4968 RTL8167 - ok
19:41:27.0052 4968 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:41:27.0083 4968 s3cap - ok
19:41:27.0115 4968 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:41:27.0130 4968 SamSs - ok
19:41:27.0146 4968 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:41:27.0177 4968 sbp2port - ok
19:41:27.0208 4968 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:41:27.0271 4968 SCardSvr - ok
19:41:27.0302 4968 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:41:27.0365 4968 scfilter - ok
19:41:27.0412 4968 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:41:27.0490 4968 Schedule - ok
19:41:27.0505 4968 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:41:27.0552 4968 SCPolicySvc - ok
19:41:27.0583 4968 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:41:27.0615 4968 SDRSVC - ok
19:41:27.0646 4968 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:41:27.0693 4968 secdrv - ok
19:41:27.0724 4968 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:41:27.0771 4968 seclogon - ok
19:41:27.0802 4968 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:41:27.0849 4968 SENS - ok
19:41:27.0865 4968 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:41:27.0912 4968 SensrSvc - ok
19:41:27.0927 4968 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:41:27.0958 4968 Serenum - ok
19:41:27.0990 4968 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:41:28.0021 4968 Serial - ok
19:41:28.0052 4968 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:41:28.0083 4968 sermouse - ok
19:41:28.0115 4968 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:41:28.0193 4968 SessionEnv - ok
19:41:28.0208 4968 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:41:28.0240 4968 sffdisk - ok
19:41:28.0240 4968 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:41:28.0271 4968 sffp_mmc - ok
19:41:28.0287 4968 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:41:28.0333 4968 sffp_sd - ok
19:41:28.0333 4968 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:41:28.0365 4968 sfloppy - ok
19:41:28.0396 4968 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:41:28.0458 4968 SharedAccess - ok
19:41:28.0474 4968 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:41:28.0521 4968 ShellHWDetection - ok
19:41:28.0552 4968 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:41:28.0568 4968 SiSRaid2 - ok
19:41:28.0583 4968 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:41:28.0615 4968 SiSRaid4 - ok
19:41:28.0677 4968 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:41:28.0771 4968 SkypeUpdate - ok
19:41:28.0802 4968 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:41:28.0865 4968 Smb - ok
19:41:28.0896 4968 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:41:28.0943 4968 SNMPTRAP - ok
19:41:29.0037 4968 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
19:41:29.0083 4968 Sony PC Companion - ok
19:41:29.0099 4968 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:41:29.0130 4968 spldr - ok
19:41:29.0162 4968 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:41:29.0208 4968 Spooler - ok
19:41:29.0302 4968 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:41:29.0412 4968 sppsvc - ok
19:41:29.0427 4968 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:41:29.0490 4968 sppuinotify - ok
19:41:29.0537 4968 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:41:29.0599 4968 srv - ok
19:41:29.0615 4968 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:41:29.0662 4968 srv2 - ok
19:41:29.0662 4968 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:41:29.0693 4968 srvnet - ok
19:41:29.0724 4968 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:41:29.0787 4968 SSDPSRV - ok
19:41:29.0802 4968 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:41:29.0849 4968 SstpSvc - ok
19:41:29.0896 4968 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:41:29.0943 4968 Stereo Service - ok
19:41:29.0958 4968 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:41:29.0990 4968 stexstor - ok
19:41:30.0021 4968 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:41:30.0068 4968 stisvc - ok
19:41:30.0099 4968 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:41:30.0115 4968 storflt - ok
19:41:30.0146 4968 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
19:41:30.0177 4968 StorSvc - ok
19:41:30.0208 4968 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:41:30.0224 4968 storvsc - ok
19:41:30.0240 4968 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:41:30.0255 4968 swenum - ok
19:41:30.0271 4968 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:41:30.0349 4968 swprv - ok
19:41:30.0365 4968 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
19:41:30.0396 4968 Synth3dVsc - ok
19:41:30.0427 4968 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:41:30.0505 4968 SysMain - ok
19:41:30.0521 4968 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:41:30.0583 4968 TabletInputService - ok
19:41:30.0599 4968 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:41:30.0662 4968 TapiSrv - ok
19:41:30.0677 4968 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:41:30.0724 4968 TBS - ok
19:41:30.0787 4968 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:41:30.0880 4968 Tcpip - ok
19:41:30.0912 4968 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:41:30.0974 4968 TCPIP6 - ok
19:41:30.0990 4968 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:41:31.0005 4968 tcpipreg - ok
19:41:31.0037 4968 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:41:31.0068 4968 TDPIPE - ok
19:41:31.0099 4968 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:41:31.0130 4968 TDTCP - ok
19:41:31.0146 4968 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:41:31.0208 4968 tdx - ok
19:41:31.0224 4968 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:41:31.0240 4968 TermDD - ok
19:41:31.0255 4968 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
19:41:31.0302 4968 terminpt - ok
19:41:31.0333 4968 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:41:31.0427 4968 TermService - ok
19:41:31.0443 4968 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:41:31.0458 4968 Themes - ok
19:41:31.0474 4968 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:41:31.0521 4968 THREADORDER - ok
19:41:31.0537 4968 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:41:31.0615 4968 TrkWks - ok
19:41:31.0662 4968 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:41:31.0708 4968 TrustedInstaller - ok
19:41:31.0724 4968 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:41:31.0787 4968 tssecsrv - ok
19:41:31.0818 4968 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:41:31.0849 4968 TsUsbFlt - ok
19:41:31.0865 4968 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:41:31.0896 4968 TsUsbGD - ok
19:41:31.0912 4968 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
19:41:31.0943 4968 tsusbhub - ok
19:41:31.0974 4968 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:41:32.0037 4968 tunnel - ok
19:41:32.0052 4968 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:41:32.0083 4968 uagp35 - ok
19:41:32.0099 4968 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:41:32.0162 4968 udfs - ok
19:41:32.0208 4968 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:41:32.0240 4968 UI0Detect - ok
19:41:32.0255 4968 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:41:32.0287 4968 uliagpkx - ok
19:41:32.0302 4968 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:41:32.0349 4968 umbus - ok
19:41:32.0349 4968 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:41:32.0380 4968 UmPass - ok
19:41:32.0396 4968 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
19:41:32.0443 4968 UmRdpService - ok
19:41:32.0474 4968 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:41:32.0537 4968 upnphost - ok
19:41:32.0568 4968 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:41:32.0615 4968 usbaudio - ok
19:41:32.0646 4968 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:41:32.0677 4968 usbccgp - ok
19:41:32.0693 4968 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:41:32.0740 4968 usbcir - ok
19:41:32.0755 4968 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:41:32.0787 4968 usbehci - ok
19:41:32.0818 4968 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:41:32.0865 4968 usbhub - ok
19:41:32.0880 4968 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:41:32.0912 4968 usbohci - ok
19:41:32.0958 4968 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:41:32.0990 4968 usbprint - ok
19:41:33.0021 4968 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:41:33.0052 4968 USBSTOR - ok
19:41:33.0068 4968 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:41:33.0115 4968 usbuhci - ok
19:41:33.0162 4968 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
19:41:33.0208 4968 usb_rndisx - ok
19:41:33.0240 4968 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:41:33.0302 4968 UxSms - ok
19:41:33.0318 4968 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:41:33.0333 4968 VaultSvc - ok
19:41:33.0349 4968 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:41:33.0380 4968 vdrvroot - ok
19:41:33.0396 4968 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:41:33.0490 4968 vds - ok
19:41:33.0505 4968 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:41:33.0537 4968 vga - ok
19:41:33.0552 4968 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:41:33.0615 4968 VgaSave - ok
19:41:33.0615 4968 VGPU - ok
19:41:33.0630 4968 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:41:33.0662 4968 vhdmp - ok
19:41:33.0677 4968 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:41:33.0708 4968 viaide - ok
19:41:33.0740 4968 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:41:33.0787 4968 vmbus - ok
19:41:33.0802 4968 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:41:33.0833 4968 VMBusHID - ok
19:41:33.0849 4968 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:41:33.0880 4968 volmgr - ok
19:41:33.0880 4968 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:41:33.0912 4968 volmgrx - ok
19:41:33.0927 4968 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:41:33.0958 4968 volsnap - ok
19:41:33.0990 4968 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:41:34.0021 4968 vsmraid - ok
19:41:34.0083 4968 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:41:34.0177 4968 VSS - ok
19:41:34.0193 4968 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:41:34.0240 4968 vwifibus - ok
19:41:34.0255 4968 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:41:34.0333 4968 W32Time - ok
19:41:34.0349 4968 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:41:34.0380 4968 WacomPen - ok
19:41:34.0412 4968 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:41:34.0490 4968 WANARP - ok
19:41:34.0490 4968 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:41:34.0537 4968 Wanarpv6 - ok
19:41:34.0599 4968 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:41:34.0662 4968 wbengine - ok
19:41:34.0693 4968 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:41:34.0724 4968 WbioSrvc - ok
19:41:34.0740 4968 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:41:34.0802 4968 wcncsvc - ok
19:41:34.0818 4968 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:41:34.0849 4968 WcsPlugInService - ok
19:41:34.0880 4968 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:41:34.0912 4968 Wd - ok
19:41:34.0958 4968 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:41:35.0021 4968 Wdf01000 - ok
19:41:35.0037 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:41:35.0099 4968 WdiServiceHost - ok
19:41:35.0099 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:41:35.0130 4968 WdiSystemHost - ok
19:41:35.0146 4968 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:41:35.0208 4968 WebClient - ok
19:41:35.0240 4968 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:41:35.0302 4968 Wecsvc - ok
19:41:35.0318 4968 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:41:35.0380 4968 wercplsupport - ok
19:41:35.0396 4968 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:41:35.0443 4968 WerSvc - ok
19:41:35.0458 4968 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:41:35.0521 4968 WfpLwf - ok
19:41:35.0537 4968 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:41:35.0568 4968 WIMMount - ok
19:41:35.0583 4968 WinDefend - ok
19:41:35.0583 4968 WinHttpAutoProxySvc - ok
19:41:35.0630 4968 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:41:35.0693 4968 Winmgmt - ok
19:41:35.0755 4968 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:41:35.0849 4968 WinRM - ok
19:41:35.0896 4968 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:41:35.0927 4968 WinUsb - ok
19:41:35.0958 4968 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:41:36.0021 4968 Wlansvc - ok
19:41:36.0052 4968 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:41:36.0068 4968 WmiAcpi - ok
19:41:36.0099 4968 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:41:36.0130 4968 wmiApSrv - ok
19:41:36.0162 4968 WMPNetworkSvc - ok
19:41:36.0193 4968 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:41:36.0208 4968 WPCSvc - ok
19:41:36.0224 4968 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:41:36.0271 4968 WPDBusEnum - ok
19:41:36.0287 4968 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:41:36.0333 4968 ws2ifsl - ok
19:41:36.0349 4968 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:41:36.0396 4968 wscsvc - ok
19:41:36.0412 4968 WSearch - ok
19:41:36.0505 4968 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:41:36.0568 4968 wuauserv - ok
19:41:36.0615 4968 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:41:36.0662 4968 WudfPf - ok
19:41:36.0693 4968 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:41:36.0708 4968 WUDFRd - ok
19:41:36.0724 4968 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:41:36.0771 4968 wudfsvc - ok
19:41:36.0802 4968 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:41:36.0833 4968 WwanSvc - ok
19:41:36.0880 4968 ================ Scan global ===============================
19:41:36.0896 4968 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:41:36.0927 4968 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:41:36.0943 4968 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:41:36.0974 4968 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:41:36.0990 4968 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:41:36.0990 4968 [Global] - ok
19:41:36.0990 4968 ================ Scan MBR ==================================
19:41:37.0005 4968 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:41:37.0255 4968 \Device\Harddisk1\DR1 - ok
19:41:37.0255 4968 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:41:37.0708 4968 \Device\Harddisk0\DR0 - ok
19:41:37.0708 4968 ================ Scan VBR ==================================
19:41:37.0708 4968 [ 980AC4428AE3267021C53A12EF9EF052 ] \Device\Harddisk1\DR1\Partition1
19:41:37.0708 4968 \Device\Harddisk1\DR1\Partition1 - ok
19:41:37.0724 4968 [ 0AA1F3E95933AD0589D452C567DBBFFC ] \Device\Harddisk1\DR1\Partition2
19:41:37.0724 4968 \Device\Harddisk1\DR1\Partition2 - ok
19:41:37.0724 4968 [ CD71B2DA44501A298CBC34BB237B5754 ] \Device\Harddisk0\DR0\Partition1
19:41:37.0724 4968 \Device\Harddisk0\DR0\Partition1 - ok
19:41:37.0724 4968 ============================================================
19:41:37.0724 4968 Scan finished
19:41:37.0724 4968 ============================================================
19:41:37.0755 2552 Detected object count: 0
19:41:37.0755 2552 Actual detected object count: 0

Der Upload über den UpChannel hat problemlos geklappt, sollte ich dich dran erinnern

markusg · 15.12.2012, 19:43

Kannst du mir nen Gefallen tun, und den Upload noch mal machen, hab die Datei versehens gelöscht :-(

Treblig · 15.12.2012, 19:49

Jopp, habs gerade nochmal hochgeladen

markusg · 15.12.2012, 20:25

Danke dir :-)
combofix:

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Treblig · 16.12.2012, 08:22

Combofix Logfile:

Code:

ATTFilter

ComboFix 12-12-14.01 - Gilbert 16.12.2012   7:44.1.4 - x64
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.49.1031.18.4095.2471 [GMT 1:00]
ausgeführt von:: c:\users\Gilbert\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-16 bis 2012-12-16  ))))))))))))))))))))))))))))))
.
.
2012-12-16 06:57 . 2012-12-16 06:57	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-12-16 06:57 . 2012-12-16 06:57	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-15 04:31 . 2012-12-15 13:21	--------	d-----w-	C:\_OTL
2012-12-14 14:11 . 2012-12-14 17:15	--------	d-----w-	c:\users\Gilbert\AppData\Local\Unity
2012-12-14 13:23 . 2012-11-08 17:24	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C818B5E-87E2-41EF-A52C-D4240EAF69B7}\mpengine.dll
2012-12-13 13:13 . 2012-11-09 05:45	2048	----a-w-	c:\windows\system32\tzres.dll
2012-12-13 13:12 . 2012-10-04 17:38	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-09 12:53 . 2012-12-09 14:01	--------	d-----w-	c:\programdata\tmp
2012-12-09 12:53 . 2012-12-09 12:53	--------	d-----w-	c:\programdata\hps
2012-12-09 12:45 . 2012-12-14 17:14	--------	d-----w-	c:\program files (x86)\OnlineFotoservice
2012-11-25 13:43 . 2012-11-25 13:43	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2012-11-19 13:28 . 2012-09-24 22:16	95208	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-17 08:47 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-17 08:47 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2012-11-17 08:47 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2012-11-17 08:47 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2012-11-17 08:38 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2012-11-17 08:38 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2012-11-17 08:38 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2012-11-17 08:38 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2012-11-17 08:38 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2012-11-17 08:38 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2012-11-17 08:38 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 14:59 . 2011-10-10 15:51	67413224	----a-w-	c:\windows\system32\MRT.exe
2012-10-30 11:57 . 2012-10-30 11:57	796672	----a-w-	c:\windows\SysWow64\cttrwr.dll
2012-10-27 07:26 . 2012-01-29 13:53	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2012-10-23 18:19 . 2012-10-23 18:19	696760	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-23 18:19 . 2011-11-23 16:38	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-16 08:38 . 2012-11-28 13:25	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 13:25	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 13:25	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-10 19:24 . 2012-10-26 17:24	52584	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-10-10 19:23 . 2012-10-10 19:23	247144	----a-w-	c:\windows\system32\nvinitx.dll
2012-10-10 19:23 . 2012-10-10 19:23	1867112	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2012-10-10 19:23 . 2012-10-10 19:23	18252136	----a-w-	c:\windows\system32\nvd3dumx.dll
2012-10-10 19:23 . 2012-10-10 19:23	1482600	----a-w-	c:\windows\system32\nvdispgenco64.dll
2012-10-10 19:23 . 2012-10-10 19:23	6127464	----a-w-	c:\windows\SysWow64\nvopencl.dll
2012-10-10 19:23 . 2012-10-10 19:23	2574696	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2012-10-10 19:23 . 2012-10-10 19:23	25256296	----a-w-	c:\windows\system32\nvcompiler.dll
2012-10-10 19:23 . 2012-10-10 19:23	831848	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2012-10-10 19:23 . 2012-10-10 19:23	202600	----a-w-	c:\windows\SysWow64\nvinit.dll
2012-10-10 19:23 . 2012-10-10 19:23	7414632	----a-w-	c:\windows\system32\nvopencl.dll
2012-10-10 19:23 . 2012-10-10 19:23	2731880	----a-w-	c:\windows\system32\nvapi64.dll
2012-10-10 19:23 . 2012-10-26 17:24	60776	----a-w-	c:\windows\system32\OpenCL.dll
2012-10-10 19:23 . 2012-10-10 19:23	973672	----a-w-	c:\windows\system32\nvumdshimx.dll
2012-10-10 19:23 . 2012-10-10 19:23	14922600	----a-w-	c:\windows\system32\nvwgf2umx.dll
2012-10-10 19:23 . 2012-10-10 19:23	9146728	----a-w-	c:\windows\system32\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23	7697768	----a-w-	c:\windows\SysWow64\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23	2218344	----a-w-	c:\windows\system32\nvcuvenc.dll
2012-10-10 19:23 . 2012-10-10 19:23	12501352	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2012-10-10 19:22 . 2012-10-10 19:22	2428776	----a-w-	c:\windows\SysWow64\nvapi.dll
2012-10-10 19:22 . 2012-10-10 19:22	26331496	----a-w-	c:\windows\system32\nvoglv64.dll
2012-10-10 19:22 . 2012-10-10 19:22	1760104	----a-w-	c:\windows\system32\nvdispco64.dll
2012-10-10 19:22 . 2012-10-10 19:22	15309160	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2012-10-10 19:22 . 2012-10-10 19:22	2747240	----a-w-	c:\windows\system32\nvcuvid.dll
2012-10-10 19:22 . 2012-10-10 19:22	19906920	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2012-10-10 19:22 . 2012-10-10 19:22	13443944	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 19:22 . 2012-10-10 19:22	17559912	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2012-10-04 16:40 . 2012-12-13 13:13	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-10-02 19:51 . 2012-10-26 17:25	3536817	----a-w-	c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-10-26 17:25	3293544	----a-w-	c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-10-26 17:25	6200680	----a-w-	c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-10-26 17:25	63336	----a-w-	c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-10-26 17:25	891240	----a-w-	c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-10-26 17:25	2557800	----a-w-	c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2012-10-26 17:25	118120	----a-w-	c:\windows\system32\nvmctray.dll
2012-10-02 11:15 . 2012-10-02 11:15	430952	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2012-09-28 18:23 . 2012-09-13 12:39	821736	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2012-09-28 18:23 . 2012-01-03 16:24	746984	----a-w-	c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"phonostar-PlayerTimer"="c:\program files (x86)\phonostar-Player\phonostarTimer.exe" [2012-04-03 41472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-05-27 413696]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2012-02-06 296056]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-09-28 1406248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 BthAudioHF;BthAudioHF-Dienst;c:\windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 52224]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
R3 csr_a2dp;Bluetooth-AV-Profil;c:\windows\system32\drivers\bthav.sys [2009-12-21 78848]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-06-09 13352]
R3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\DRIVERS\hcwhdpvr.sys [2011-07-28 183168]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Gilbert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Gilbert\AppData\Roaming\Mozilla\Firefox\Profiles\apl7gg85.default\
FF - ExtSQL: 2012-11-07 11:06; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\users\Gilbert\AppData\Roaming\Mozilla\Firefox\Profiles\apl7gg85.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-ArcSoft Connection Service - c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Wow6432Node-HKLM-Run-WinCast - e:\cdsetup\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-16  08:19:59
ComboFix-quarantined-files.txt  2012-12-16 07:19
.
Vor Suchlauf: 10 Verzeichnis(se), 414.500.605.952 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 414.141.353.984 Bytes frei
.
- - End Of File - - 0E55FDB35EF5FA5EA0F3EA7F61A741BC

--- --- ---

markusg · 16.12.2012, 17:36

Läuft das Sicherheitscenter wieder?
malwarebytes:
Downloade Dir bitte Malwarebytes

Installiere
das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche
nach Aktualisierung
Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet
ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste
das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Treblig · 17.12.2012, 08:00

Morgen,
also ob der Trojaner nun weg ist, weiß ich nicht.
Das Sicherheitscenter scheint aber wieder zu laufen, kann ich das irgendwo nachgucken ? Zumindest ist unten rechts bei dem Symbol kein X mehr da und es wird nicht mehr angezeigt das das Center deaktiviert ist. Nun steht doch ich solle doch mit Windows Defender den PC überprüfen lassen. Soll ich dies tun ?
Zurzeit lasse ich Maylwarebytes komplettt durchsuchen

Grüße
Gilbert

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.17.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Gilbert :: GILBERT-PC [Administrator]

17.12.2012 07:34:52
mbam-log-2012-12-17 (07-34-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 553648
Laufzeit: 1 Stunde(n), 26 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

markusg · 17.12.2012, 11:08

Hi,
ja, kannst ihn ja laufen lassen, poste dann die Funde, falls es welche gibt, ich nems aber nicht an :-)
Danach:
lade den CCleaner standard:
CCleaner Download - CCleaner 3.25.1872
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Treblig · 17.12.2012, 11:33

Okay, Trojaner dürfte dann weg sein

Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 23.11.2011 6,00MB 11.1.102.55 -> Notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 23.10.2012 6,00MB 11.4.402.287 -> Notwendig
Adobe Reader X (10.1.4) - Deutsch Adobe Systems Incorporated 27.10.2012 122MB 10.1.4 -> Notwendig
ArcSoft TotalMedia Extreme ArcSoft 21.04.2012 2.0.45.12 -> Notwendig
Avira Free Antivirus Avira 14.11.2012 105MB 12.1.9.1236 -> Notwendig
Bridge Builder 2 Halycon Media 30.10.2012 -> Notwendig
CANON iMAGE GATEWAY MyCamera Download Plugin Canon Inc. 20.06.2012 3.1.1.2 -> Notwendig
CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inc. 20.06.2012 1.9.0.9 -> Notwendig
Canon MOV Decoder Canon Inc. 20.06.2012 1.8.0.7 -> Notwendig
Canon MOV Encoder Canon Inc. 20.06.2012 1.6.0.1 -> Notwendig
Canon MovieEdit Task for ZoomBrowser EX Canon Inc. 20.06.2012 3.7.0.4 -> Notwendig
Canon Utilities Digital Photo Professional 3.10 Canon Inc. 20.06.2012 3.10.2.0 -> Notwendig
Canon Utilities EOS Utility Canon Inc. 20.06.2012 2.10.2.0 -> Notwendig
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX Canon Inc. 20.06.2012 1.0.0.10 -> Notwendig
Canon Utilities PhotoStitch Canon Inc. 20.06.2012 3.1.22.46 -> Notwendig
Canon Utilities Picture Style Editor Canon Inc. 20.06.2012 1.9.0.0 -> Notwendig
Canon Utilities ZoomBrowser EX Canon Inc. 20.06.2012 6.7.0.24 -> Notwendig
Canon ZoomBrowser EX Memory Card Utility Canon Inc. 20.06.2012 1.5.0.9 -> Notwendig
CCleaner Piriform 25.11.2012 3.25 -> Notwendig / Unnötig ?
CyberLink PhotoNow CyberLink Corp. 18.01.2012 20,8MB 1.1.6622 -> Notwendig
CyberLink PowerDirector CyberLink Corp. 18.01.2012 326MB 8.0.1930 -> Notwendig
Eisenbahn.exe Professional 6.0 Trend 13.03.2012 6.00.0000 -> Notwendig
Euro Truck Simulator 2 SCS Software 25.10.2012 1,59GB 1.0.2 -> Notwendig
Fraps (remove only) 12.03.2012 -> Unnötig
Free YouTube to MP3 Converter version 3.11.35.1031 DVDVideoSoft Ltd. 07.11.2012 61,9MB 3.11.35.1031 -> Unnötig
Google Earth Google 19.05.2012 108MB 6.2.2.6613 -> Notwendig
ICQ7.7 ICQ 23.11.2011 7.7 -> Notwendig
IndustrieGigant 2 - Addon JoWooD Productions Software AG 10.12.2011 572MB 2.0.0 -> Notwendig
Java 7 Update 9 Oracle 28.09.2012 128MB 7.0.90 -> Notwendig
Java(TM) 6 Update 35 Oracle 13.09.2012 95,7MB 6.0.350 -> Notwendig
Logitech SetPoint 6.32 Logitech 29.01.2012 39,0MB 6.32.20 -> Notwendig
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 10.10.2011 38,8MB 4.0.30319 -> Notwendig
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 10.10.2011 2,93MB 4.0.30319 -> Notwendig
Microsoft Office Professional Plus 2010 Microsoft Corporation 24.11.2011 14.0.6029.1000 -> Notwendig
Microsoft Silverlight Microsoft Corporation 09.05.2012 80,3MB 4.1.10329.0 -> Notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 24.01.2012 260KB 8.0.50727.4053 -> Notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 24.01.2012 250KB 8.0.50727.4053 -> Notwendig
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 22.12.2011 300KB 8.0.59193 -> Notwendig
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 23.11.2011 708KB 8.0.61000 -> Notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 29.01.2012 788KB 9.0.30729 -> Notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 30.01.2012 788KB 9.0.30729.6161 -> Notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 09.12.2012 234KB 9.0.30729 -> Notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 23.11.2011 596KB 9.0.30729 -> Notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 28.07.2012 224KB 9.0.30729.4148 -> Notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 25.11.2011 600KB 9.0.30729.6161 -> Notwendig
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 25.11.2011 12,2MB 10.0.40219 -> Notwendig
MozBackup 1.5.1 Pavel Cvrcek 23.11.2011 -> Notwendig
Mozilla Firefox 17.0.1 (x86 de) Mozilla 07.12.2012 46,8MB 17.0.1 -> Notwendig
Mozilla Maintenance Service Mozilla 07.12.2012 329KB 17.0.1 -> Notwendig
Mozilla Thunderbird 17.0 (x86 de) Mozilla 25.11.2012 41,9MB 17.0 -> Notwendig
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 29.07.2012 1,27MB 4.20.9870.0 -> Unbekannt
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 29.07.2012 1,33MB 4.20.9876.0 -> Unbekannt
Nero BackItUp 10 Nero AG 28.07.2012 109MB 5.6.11000.11.100 -> Notwendig
Nero Burning ROM 10 Nero AG 28.07.2012 167MB 10.2.11000.12.100 -> Notwendig
Nero BurnRights 10 Nero AG 28.07.2012 6,14MB 4.2.10300.0.102 -> Unnötig
Nero CoverDesigner 10 Nero AG 28.07.2012 77,4MB 5.2.10700.7.100 -> Unnötig
Nero DiscSpeed 10 Nero AG 28.07.2012 7,21MB 6.2.10300.1.100 -> Unnötig
Nero Express 10 Nero AG 28.07.2012 164MB 10.2.11100.12.100 -> Notwendig
Nero InfoTool 10 Nero AG 28.07.2012 8,06MB 7.2.10300.5.100 -> Unnötig
Nero MediaHub 10 Nero AG 28.07.2012 179MB 1.2.12300.27.100 -> Unnötig
Nero Multimedia Suite 10 Nero AG 28.07.2012 1,55GB 10.5.10500 -> Unnötig
Nero Recode 10 Nero AG 28.07.2012 92,2MB 4.8.10400.3.100 -> Unnötig
Nero RescueAgent 10 Nero AG 28.07.2012 6,53MB 3.2.10600.7.100 -> Unnötig
Nero SoundTrax 10 Nero AG 28.07.2012 95,0MB 4.8.10200.1.100 -> Unnötig
Nero StartSmart 10 Nero AG 28.07.2012 143MB 10.2.11100.10.100 -> Unnötig
Nero Update Nero AG 28.07.2012 1,43MB 1.0.0018 -> Unnötig
Nero Vision 10 Nero AG 28.07.2012 223MB 7.2.14700.9.100 -> Unnötig
Nero WaveEditor 10 Nero AG 28.07.2012 76,4MB 5.8.10400.2.100 -> Unnötig
NVIDIA 3D Vision Treiber 306.97 NVIDIA Corporation 26.10.2012 306.97 -> Notwendig
NVIDIA Grafiktreiber 306.97 NVIDIA Corporation 26.10.2012 306.97 -> Notwendig
NVIDIA Update 1.10.8 NVIDIA Corporation 26.10.2012 1.10.8 -> Notwendig
phonostar-Player Version 3.02.6 12.06.2012 42,8MB -> Notwendig
Picasa 3 Google, Inc. 23.11.2011 3.8 -> Notwendig
Pinnacle Video Treiber Pinnacle Systems 18.01.2012 2,73MB 12.1.0.030 -> Notwendig
QuickTime Apple Inc. 23.11.2011 77,8MB 7.50.61.0 -> Unnötig
RealPlayer RealNetworks 06.02.2012 -> Unnötig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 23.11.2011 6.0.1.6482 -> Notwendig
Skype Click to Call Skype Technologies S.A. 31.05.2012 13,7MB 5.10.9560 -> Unbekannt
Skype™ 5.10 Skype Technologies S.A. 21.07.2012 19,2MB 5.10.116 -> Notwendig
Sony Ericsson Update Engine Sony Ericsson Communications AB 09.06.2012 2.12.6.63 -> Notwendig
Sony Image Data Suite Sony Corporation 05.12.2011 3.2.00.15160 -> Notwendig
Sony PC Companion 2.10.079 Sony 03.07.2012 19,3MB 2.10.079 -> Notwendig
Transport Gigant GOLD UIG GmbH 21.03.2012 1,01GB -> Notwendig
VLC media player 1.1.11 VideoLAN 23.11.2011 1.1.11 -> Notwendig
Windows Media Player Firefox Plugin Microsoft Corp 26.11.2011 296KB 1.0.0.8 -> Notwendig
WinRAR 4.01 (64-Bit) win.rar GmbH 06.12.2011 4.01.0 -> Notwendig
Zusi 2.4 Carsten Hoelscher 11.03.2012 2.4 -> Notwendig

Kann ich den CCleaner, TDSS Killer, OTL , Combofix usw. eigentlich nun löschen / deeinstallieren und die Textdateien davon auch entfernen ?

Auf der 2. Festplatte habe ich noch so einen komischen Ordner namens "$RECYCLE.BIN" was ist das für ein Ordner ??

markusg · 17.12.2012, 18:15

deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Fraps
Free YouTube
Java : alle
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
RealPlayer
Immer mit der Ruhe, wir löschen schon alles :-)
die Logs kannst du löschen, den CCleaner würde ich behalten und von Zeit zu Zeit nutzen.
Der Ordner ist der Papierkorb

Öffne CCleaner, analysieren, starten, PC neustarten.
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste
mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Treblig · 17.12.2012, 19:03

Alles klar, Vielen Dank schonmal für deine Hilfe !!

# AdwCleaner v2.101 - Datei am 17/12/2012 um 19:02:02 erstellt
# Aktualisiert am 16/12/2012 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzer : Gilbert - GILBERT-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Gilbert\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default
Datei : C:\Users\Gilbert\AppData\Roaming\Mozilla\Firefox\Profiles\apl7gg85.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [847 octets] - [17/12/2012 19:02:02]

########## EOF - C:\AdwCleaner[R1].txt - [906 octets] ##########

# Ausgeführt unter : C:\Users\Gilbert\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default
Datei : C:\Users\Gilbert\AppData\Roaming\Mozilla\Firefox\Profiles\apl7gg85.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [847 octets] - [17/12/2012 19:02:02]

########## EOF - C:\AdwCleaner[R1].txt - [906 octets] ##########

15.12.2012, 19:43	#6
markusg /// Malware-holic	Der Windows Sicherheitcenterdienst kann nicht gestartet werden Kannst du mir nen Gefallen tun, und den Upload noch mal machen, hab die Datei versehens gelöscht :-( __________________ --> Der Windows Sicherheitcenterdienst kann nicht gestartet werden

Der Windows Sicherheitcenterdienst kann nicht gestartet werden

Plagegeister aller Art und deren Bekämpfung: Der Windows Sicherheitcenterdienst kann nicht gestartet werden