Trojaner - Sicherheitscenter oder Treiber wird deaktiviert

Hannem · 22.01.2013, 11:03

Hallo,

Habe eine lange Leidensgeschichte.

Nun, ich downloade viel, früher vor allem, es scheint mir so als ob ich mir damals die Viren eingefangen habe, 1 Jahr ca. her oder vom vielen Filme schauen, auch einige Monate her.

Doch es fing erst ca vor 2 Wochen an. Mein Email Account wurde gehackt. Seitdem habe ich vieles versucht. Viele neue Software , Sicherheitsoftware geladen. Nicht hilft wirklich.

Mein Computer stürzt immer wieder ab. Eine Fehlermeldung erhalte ich kurz davor:
Sicherheitscenter deaktiviert.
Manchmal kommt auch die Fehlermeldung: Antreiber deaktiviert und mein Computer stürzt ab.

Was mir wichtig ist.

Ich will zumindest alle meine Dateien, ca 150Gb, größtenteils handelt es sich um Programme, Filme, Bücher sichern.
Dazu alle meine Lesezeichen, da ich für beide Jahrelang Zeit investiert habe.

Folgende Probleme:
a.
Ich habe pro Monat nur 25 Gb, wie sichere ich meine Daten ab um diese nach dem aufsetzen wieder zu übernehmen?
b.
Wie surfe ich sicher? Linux Browser aber Windowssystem?
Ich brauche nur das Internet.
c.
Wie downloade ich sicher?
Wenn ich zb. Ein Torrent ziehe kann ich zwar den Link kontrollieren aber nicht dessen Inhalt welches gedownloadet wird.
d.
Ist ein wiederherstellen meines Laptops noch möglich? Muss ich neu aufsetzen?
e.
Welche Methoden empfiehlst du mir, um mir diesen Ärger in Zukunft zu ersparen?
d.
Ich habe schon mehrfach Viren bzw. Trojaner gefunden und gelöscht. Adaware spürte sie damals auf.
Darunter:
trojaWare.win32.pkdMorphine.ungefährAn@95958456

lg

markusg · 22.01.2013, 11:50

Hi
keine torrents laden, keine illegalen streams nutzen usw. dann bist du sicher.
mehr empfehlungen wie du dir torrents lädst, bekommst du hier nicht.
Datensicherung:
gesichert werden nur Bilder, Dokumente, Musik, videos, keine Programme, keine ausführbaren dateien.
1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

Hannem · 22.01.2013, 12:00

hi,

5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.

Was meinst du damit genau?

Meine Programme lassen sich also nicht retten?

In Zukunft die Finger davon zu lassen hört sich sehr vernünftig an.
Würde es auch gehen, wenn ich mir einen neuen Computer kaufe und diesen nur noch zum Bücher lesen, Filme anschauen verwende.

Du weißt nicht welche Bedeutung diese Bücher und Programme für mich haben. Leider.

Demnach würde ich mit diesem Laptop offline gehen und auch nicht mehr online sein.

lg

markusg · 22.01.2013, 12:01

hi,
die bücher kannst du sichern, die filme auch.
zur prüfung der Daten wollte ich später kommen.
du kannst das Gerät schon wieder online bringen, nach dem wir es neu aufgesetzt haben.
Programme bzw ganze instalationen lassen sich eh nicht sichern, und instalationsdateien sichert man aus sicherheitsgründen nicht mit.

Hannem · 22.01.2013, 12:08

Hi,

Ich weiß leider nicht genau was du damit meinst:
Programme bzw ganze instalationen lassen sich eh nicht sichern, und instalationsdateien sichert man aus sicherheitsgründen

Wichtig ist mir folgendes:

Ich würde gerne einige Programme sichern:
Damit sind Programme gemeint wie 7 Speed Reading Software.

Ich weiß nicht was du damit genau meinst?
Microsoft Office wird sich wohl schwer sichern lassen.

lg

Letzte Frage: (Da ich wegen der Prüfung im Lernstress bin und mich wohl etwas später darum kümmern werde.) Ich habe keine externe Festplatte, geht es auch ohne?

lg

markusg · 22.01.2013, 12:19

hi
du kannst keine ganzen instalationen sichern, und da du torrents nutzt und daher die herkunft deiner Programme zweifelhalft ist, solltest du keine setups sichern.
na, du brauchst schon irgend nen datenträger, wo du das zeug speichers.

Hannem · 22.01.2013, 12:45

Leider weiß ich immer noch nicht was du mit ganze Installationen meinst.

Ja, ich werde mir mit meinem nächsten Bafog eine externe Festplatte kaufen.

Was bedeutet "setup" welche ich nicht sichern darf.

Wie soll ich überprüfen ob nicht doch Trojaner oder dergleichen in meinen Daten sind?
Die meisten sind aus sehr sicherer Quelle, bei älteren bin ich mir unsicher.
Desweiteren verwende ich keine Torrents mehr bzw. werde es vermeiden da es den Stress nicht wert ist.

Soll ich in Zukunft nicht einfach Linux-Browser verwenden und die Sache passiert mir nicht mehr. Diese soll ja sehr sicher sein gegenüber Viren etc.
Ps.
Wie erlerne ich selber ein Experte in diesem Gebiet zu werden?

lg

markusg · 22.01.2013, 13:15

hi
ich meine mit ganze instalationen, das du nicht einen ordner aus programme, oder den ganzen programme ordner sichern kannst, denn die fertig instalierten programme laufen nicht mehr, wenn du sie wieder auf ein anderes System kopierst.
die Daten können wir prüfen, wenn das system neu aufgesetzt und abgesichert ist.
was meinst du mit linux browser.
du kannst dein System komplett auf linux umstellen, dann laufen aber keine Spiele mehr. aber auch unter windows kannst du einiges tu, dazu aber nach der Datensicherung

wir bieten ne ausbildung:
http://www.trojaner-board.de/88896-a...ner-board.html

Hannem · 22.01.2013, 13:28

Hi,

Ich meine sowas wie das hier:

BrowserLinux 501

Also dies bedeutet, Programme muss ich neu installieren

Datensicherung geht bei mir dann leider erst ab dem 7. Februar, wenn ich mein Geld habe.
Melde mich dann, hoffe dass mein Laptop bis dahin noch funktioniert.
Tipps dazu?

lg
Ps.
Für die Ausbildung bin ich interessiert. Muss mir nur die Zeit dafür genau einteilen bevor man sich für so etwas entscheidet. Wenn dann richtig machen.

markusg · 22.01.2013, 13:37

den Browser kenn ich nicht, aber da geht auch jeder Andere.
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten

Hannem · 22.01.2013, 15:34

Hallo,

Eine Gefahr wurde gefunden.

Wie poste ich den Log?

lg

15:31:14.0088 6764 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:31:14.0442 6764 ============================================================
15:31:14.0442 6764 Current date / time: 2013/01/22 15:31:14.0442
15:31:14.0442 6764 SystemInfo:
15:31:14.0442 6764
15:31:14.0443 6764 OS Version: 6.1.7601 ServicePack: 1.0
15:31:14.0443 6764 Product type: Workstation
15:31:14.0443 6764 ComputerName: SATURN-PC
15:31:14.0443 6764 UserName: saturn
15:31:14.0443 6764 Windows directory: C:\windows
15:31:14.0443 6764 System windows directory: C:\windows
15:31:14.0443 6764 Running under WOW64
15:31:14.0443 6764 Processor architecture: Intel x64
15:31:14.0443 6764 Number of processors: 4
15:31:14.0444 6764 Page size: 0x1000
15:31:14.0444 6764 Boot type: Normal boot
15:31:14.0444 6764 ============================================================
15:31:19.0114 6764 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:31:19.0155 6764 ============================================================
15:31:19.0155 6764 \Device\Harddisk0\DR0:
15:31:19.0161 6764 MBR partitions:
15:31:19.0161 6764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
15:31:19.0161 6764 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x16600000
15:31:19.0180 6764 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x18E33000, BlocksNum 0x21552800
15:31:19.0180 6764 ============================================================
15:31:19.0238 6764 C: <-> \Device\Harddisk0\DR0\Partition2
15:31:19.0386 6764 D: <-> \Device\Harddisk0\DR0\Partition3
15:31:19.0386 6764 ============================================================
15:31:19.0387 6764 Initialize success
15:31:19.0387 6764 ============================================================
15:31:48.0688 6564 ============================================================
15:31:48.0688 6564 Scan started
15:31:48.0688 6564 Mode: Manual; SigCheck; TDLFS;
15:31:48.0688 6564 ============================================================
15:31:50.0521 6564 ================ Scan system memory ========================
15:31:50.0522 6564 System memory - ok
15:31:50.0522 6564 ================ Scan services =============================
15:31:50.0740 6564 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
15:31:51.0038 6564 1394ohci - ok
15:31:51.0101 6564 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
15:31:51.0150 6564 ACPI - ok
15:31:51.0182 6564 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
15:31:51.0306 6564 AcpiPmi - ok
15:31:51.0431 6564 [ A09A61CFDE15E5A67701EA812CE3F43F ] Ad-Aware Service C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
15:31:51.0798 6564 Ad-Aware Service - ok
15:31:51.0906 6564 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:31:52.0164 6564 AdobeARMservice - ok
15:31:52.0318 6564 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:31:52.0615 6564 AdobeFlashPlayerUpdateSvc - ok
15:31:52.0685 6564 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
15:31:52.0764 6564 adp94xx - ok
15:31:52.0817 6564 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
15:31:52.0880 6564 adpahci - ok
15:31:52.0937 6564 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
15:31:53.0019 6564 adpu320 - ok
15:31:53.0054 6564 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:31:53.0285 6564 AeLookupSvc - ok
15:31:53.0352 6564 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
15:31:53.0450 6564 AFD - ok
15:31:53.0496 6564 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
15:31:53.0549 6564 agp440 - ok
15:31:53.0581 6564 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
15:31:53.0630 6564 ALG - ok
15:31:53.0658 6564 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
15:31:53.0706 6564 aliide - ok
15:31:53.0725 6564 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
15:31:53.0773 6564 amdide - ok
15:31:53.0808 6564 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
15:31:53.0880 6564 AmdK8 - ok
15:31:53.0908 6564 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
15:31:53.0990 6564 AmdPPM - ok
15:31:54.0041 6564 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
15:31:54.0096 6564 amdsata - ok
15:31:54.0123 6564 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
15:31:54.0179 6564 amdsbs - ok
15:31:54.0202 6564 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
15:31:54.0255 6564 amdxata - ok
15:31:54.0314 6564 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\windows\system32\Drivers\ssadadb.sys
15:31:54.0382 6564 androidusb - ok
15:31:54.0430 6564 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
15:31:54.0648 6564 AppID - ok
15:31:54.0671 6564 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:31:54.0769 6564 AppIDSvc - ok
15:31:54.0787 6564 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
15:31:54.0904 6564 Appinfo - ok
15:31:54.0999 6564 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:31:55.0243 6564 Apple Mobile Device - ok
15:31:55.0290 6564 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
15:31:55.0351 6564 arc - ok
15:31:55.0368 6564 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
15:31:55.0431 6564 arcsas - ok
15:31:55.0556 6564 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:31:55.0666 6564 aspnet_state - ok
15:31:55.0718 6564 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
15:31:55.0785 6564 aswFsBlk - ok
15:31:55.0813 6564 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
15:31:55.0883 6564 aswMonFlt - ok
15:31:55.0920 6564 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
15:31:55.0994 6564 aswRdr - ok
15:31:56.0043 6564 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\windows\system32\drivers\aswSnx.sys
15:31:56.0177 6564 aswSnx - ok
15:31:56.0214 6564 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\windows\system32\drivers\aswSP.sys
15:31:56.0300 6564 aswSP - ok
15:31:56.0335 6564 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\windows\system32\drivers\aswTdi.sys
15:31:56.0410 6564 aswTdi - ok
15:31:56.0446 6564 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:31:56.0579 6564 AsyncMac - ok
15:31:56.0628 6564 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
15:31:56.0664 6564 atapi - ok
15:31:56.0758 6564 [ 7D89B0C443F6068E5B27AA3B972069FF ] athr C:\windows\system32\DRIVERS\athrx.sys
15:31:57.0499 6564 athr - ok
15:31:57.0562 6564 [ 0655AF77FC9D50C803CB658ACD67BEE8 ] athrusb C:\windows\system32\DRIVERS\athrxusb.sys
15:31:58.0396 6564 athrusb - ok
15:31:58.0460 6564 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:31:58.0610 6564 AudioEndpointBuilder - ok
15:31:58.0627 6564 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
15:31:58.0761 6564 AudioSrv - ok
15:31:58.0859 6564 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:31:58.0916 6564 avast! Antivirus - ok
15:31:58.0961 6564 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
15:31:59.0109 6564 AxInstSV - ok
15:31:59.0165 6564 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
15:31:59.0246 6564 b06bdrv - ok
15:31:59.0327 6564 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
15:31:59.0426 6564 b57nd60a - ok
15:31:59.0483 6564 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
15:31:59.0536 6564 BDESVC - ok
15:31:59.0557 6564 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
15:31:59.0655 6564 Beep - ok
15:31:59.0715 6564 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
15:31:59.0857 6564 BFE - ok
15:31:59.0917 6564 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
15:32:00.0100 6564 BITS - ok
15:32:00.0142 6564 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
15:32:00.0230 6564 blbdrive - ok
15:32:00.0298 6564 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:32:00.0400 6564 Bonjour Service - ok
15:32:00.0440 6564 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:32:00.0521 6564 bowser - ok
15:32:00.0551 6564 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
15:32:00.0634 6564 BrFiltLo - ok
15:32:00.0669 6564 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
15:32:00.0729 6564 BrFiltUp - ok
15:32:00.0764 6564 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
15:32:00.0819 6564 Browser - ok
15:32:00.0847 6564 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
15:32:00.0934 6564 Brserid - ok
15:32:00.0954 6564 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
15:32:01.0033 6564 BrSerWdm - ok
15:32:01.0063 6564 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
15:32:01.0167 6564 BrUsbMdm - ok
15:32:01.0174 6564 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
15:32:01.0276 6564 BrUsbSer - ok
15:32:01.0344 6564 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
15:32:01.0411 6564 BthEnum - ok
15:32:01.0439 6564 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
15:32:01.0535 6564 BTHMODEM - ok
15:32:01.0577 6564 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
15:32:01.0673 6564 BthPan - ok
15:32:01.0727 6564 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
15:32:01.0803 6564 BTHPORT - ok
15:32:01.0847 6564 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
15:32:01.0947 6564 bthserv - ok
15:32:01.0974 6564 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
15:32:02.0042 6564 BTHUSB - ok
15:32:02.0078 6564 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:32:02.0199 6564 cdfs - ok
15:32:02.0270 6564 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
15:32:02.0318 6564 cdrom - ok
15:32:02.0356 6564 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
15:32:02.0476 6564 CertPropSvc - ok
15:32:02.0514 6564 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
15:32:02.0596 6564 circlass - ok
15:32:02.0632 6564 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
15:32:02.0679 6564 CLFS - ok
15:32:02.0740 6564 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:32:02.0814 6564 clr_optimization_v2.0.50727_32 - ok
15:32:02.0852 6564 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:32:02.0926 6564 clr_optimization_v2.0.50727_64 - ok
15:32:02.0992 6564 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:32:03.0136 6564 clr_optimization_v4.0.30319_32 - ok
15:32:03.0159 6564 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:32:03.0205 6564 clr_optimization_v4.0.30319_64 - ok
15:32:03.0240 6564 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
15:32:03.0303 6564 CmBatt - ok
15:32:03.0457 6564 [ 65FB5097D9EE7E3A99E932CFA0E4B344 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
15:32:03.0605 6564 cmdAgent - ok
15:32:03.0684 6564 [ 2D6DC31AA55BFF702519235DEF0DA68E ] cmderd C:\windows\system32\DRIVERS\cmderd.sys
15:32:03.0737 6564 cmderd - ok
15:32:03.0786 6564 [ 919ACCC22ABDC1C3CA68326C0E5DEAF9 ] cmdGuard C:\windows\system32\DRIVERS\cmdguard.sys
15:32:03.0847 6564 cmdGuard - ok
15:32:03.0872 6564 [ F8FECE0F1D44C4A58778083B00EEADAC ] cmdHlp C:\windows\system32\DRIVERS\cmdhlp.sys
15:32:03.0919 6564 cmdHlp - ok
15:32:03.0952 6564 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
15:32:04.0002 6564 cmdide - ok
15:32:04.0040 6564 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
15:32:04.0125 6564 CNG - ok
15:32:04.0148 6564 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
15:32:04.0201 6564 Compbatt - ok
15:32:04.0230 6564 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
15:32:04.0330 6564 CompositeBus - ok
15:32:04.0350 6564 COMSysApp - ok
15:32:04.0470 6564 cpuz132 - ok
15:32:04.0496 6564 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
15:32:04.0551 6564 crcdisk - ok
15:32:04.0596 6564 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
15:32:04.0672 6564 CryptSvc - ok
15:32:04.0733 6564 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
15:32:04.0872 6564 DcomLaunch - ok
15:32:04.0925 6564 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
15:32:05.0070 6564 defragsvc - ok
15:32:05.0118 6564 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
15:32:05.0236 6564 DfsC - ok
15:32:05.0276 6564 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
15:32:05.0352 6564 Dhcp - ok
15:32:05.0372 6564 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
15:32:05.0495 6564 discache - ok
15:32:05.0534 6564 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
15:32:05.0576 6564 Disk - ok
15:32:05.0607 6564 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:32:05.0660 6564 Dnscache - ok
15:32:05.0696 6564 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
15:32:05.0822 6564 dot3svc - ok
15:32:05.0847 6564 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
15:32:05.0970 6564 DPS - ok
15:32:06.0003 6564 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:32:06.0094 6564 drmkaud - ok
15:32:06.0150 6564 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:32:06.0220 6564 DXGKrnl - ok
15:32:06.0259 6564 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
15:32:06.0388 6564 EapHost - ok
15:32:06.0485 6564 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
15:32:06.0654 6564 ebdrv - ok
15:32:06.0696 6564 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
15:32:06.0742 6564 EFS - ok
15:32:06.0813 6564 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
15:32:06.0957 6564 ehRecvr - ok
15:32:06.0981 6564 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
15:32:07.0057 6564 ehSched - ok
15:32:07.0107 6564 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
15:32:07.0178 6564 elxstor - ok
15:32:07.0193 6564 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
15:32:07.0279 6564 ErrDev - ok
15:32:07.0344 6564 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
15:32:07.0479 6564 EventSystem - ok
15:32:07.0543 6564 [ 8ADACFFAD67394C711698EA074CE3BAB ] ewusbnet C:\windows\system32\DRIVERS\ewusbnet.sys
15:32:07.0655 6564 ewusbnet - ok
15:32:07.0684 6564 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
15:32:07.0807 6564 exfat - ok
15:32:07.0834 6564 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
15:32:07.0955 6564 fastfat - ok
15:32:08.0007 6564 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
15:32:08.0084 6564 Fax - ok
15:32:08.0122 6564 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
15:32:08.0205 6564 fdc - ok
15:32:08.0247 6564 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
15:32:08.0380 6564 fdPHost - ok
15:32:08.0403 6564 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
15:32:08.0550 6564 FDResPub - ok
15:32:08.0575 6564 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:32:08.0626 6564 FileInfo - ok
15:32:08.0647 6564 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:32:08.0754 6564 Filetrace - ok
15:32:08.0773 6564 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
15:32:08.0827 6564 flpydisk - ok
15:32:08.0856 6564 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:32:08.0903 6564 FltMgr - ok
15:32:08.0963 6564 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
15:32:09.0068 6564 FontCache - ok
15:32:09.0140 6564 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:32:09.0370 6564 FontCache3.0.0.0 - ok
15:32:09.0383 6564 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:32:09.0420 6564 FsDepends - ok
15:32:09.0464 6564 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
15:32:09.0529 6564 fssfltr - ok
15:32:09.0557 6564 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:32:09.0594 6564 Fs_Rec - ok
15:32:09.0641 6564 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:32:09.0691 6564 fvevol - ok
15:32:09.0710 6564 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
15:32:09.0751 6564 gagp30kx - ok
15:32:09.0820 6564 [ E80C14B9C6E5B57BB7710B356857A964 ] gfiark C:\windows\system32\drivers\gfiark.sys
15:32:09.0875 6564 gfiark - ok
15:32:09.0931 6564 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\windows\system32\drivers\gfibto.sys
15:32:09.0986 6564 gfibto - ok
15:32:10.0030 6564 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
15:32:10.0172 6564 gpsvc - ok
15:32:10.0263 6564 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:32:10.0301 6564 gupdate - ok
15:32:10.0355 6564 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:32:10.0391 6564 gupdatem - ok
15:32:10.0424 6564 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:32:10.0510 6564 hcw85cir - ok
15:32:10.0557 6564 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:32:10.0640 6564 HdAudAddService - ok
15:32:10.0674 6564 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
15:32:10.0749 6564 HDAudBus - ok
15:32:10.0774 6564 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
15:32:10.0854 6564 HidBatt - ok
15:32:10.0878 6564 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
15:32:10.0947 6564 HidBth - ok
15:32:10.0965 6564 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
15:32:11.0041 6564 HidIr - ok
15:32:11.0079 6564 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
15:32:11.0234 6564 hidserv - ok
15:32:11.0287 6564 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
15:32:11.0341 6564 HidUsb - ok
15:32:11.0377 6564 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
15:32:11.0513 6564 hkmsvc - ok
15:32:11.0545 6564 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:32:11.0614 6564 HomeGroupListener - ok
15:32:11.0658 6564 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:32:11.0739 6564 HomeGroupProvider - ok
15:32:11.0763 6564 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:32:11.0802 6564 HpSAMD - ok
15:32:11.0849 6564 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:32:11.0993 6564 HTTP - ok
15:32:12.0067 6564 [ D969D0E26C5B1E813B17066A8318D5D4 ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
15:32:12.0137 6564 hwdatacard - ok
15:32:12.0167 6564 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:32:12.0203 6564 hwpolicy - ok
15:32:12.0242 6564 [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev C:\windows\system32\DRIVERS\ewusbdev.sys
15:32:12.0344 6564 hwusbdev - ok
15:32:12.0398 6564 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
15:32:12.0453 6564 i8042prt - ok
15:32:12.0498 6564 [ A5F72BB0D024E7E463344105BE613AE4 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
15:32:12.0554 6564 iaStor - ok
15:32:12.0595 6564 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:32:12.0660 6564 iaStorV - ok
15:32:12.0714 6564 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:32:12.0827 6564 idsvc - ok
15:32:12.0993 6564 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
15:32:13.0305 6564 igfx - ok
15:32:13.0341 6564 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
15:32:13.0397 6564 iirsp - ok
15:32:13.0443 6564 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
15:32:13.0587 6564 IKEEXT - ok
15:32:13.0643 6564 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
15:32:13.0726 6564 Impcd - ok
15:32:13.0794 6564 [ C4E67D3037DC79E39D7136581A947F50 ] inspect C:\windows\system32\DRIVERS\inspect.sys
15:32:13.0839 6564 inspect - ok
15:32:13.0927 6564 [ 801946CE25DD2179FE68599826B0BB88 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:32:14.0188 6564 IntcAzAudAddService - ok
15:32:14.0205 6564 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
15:32:14.0265 6564 intelide - ok
15:32:14.0314 6564 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
15:32:14.0379 6564 intelppm - ok
15:32:14.0421 6564 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:32:14.0532 6564 IPBusEnum - ok
15:32:14.0570 6564 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:32:14.0681 6564 IpFilterDriver - ok
15:32:14.0725 6564 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:32:14.0795 6564 iphlpsvc - ok
15:32:14.0814 6564 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:32:14.0903 6564 IPMIDRV - ok
15:32:14.0944 6564 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:32:15.0084 6564 IPNAT - ok
15:32:15.0118 6564 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
15:32:15.0175 6564 IRENUM - ok
15:32:15.0194 6564 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:32:15.0240 6564 isapnp - ok
15:32:15.0272 6564 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:32:15.0338 6564 iScsiPrt - ok
15:32:15.0364 6564 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
15:32:15.0404 6564 kbdclass - ok
15:32:15.0439 6564 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
15:32:15.0509 6564 kbdhid - ok
15:32:15.0539 6564 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
15:32:15.0588 6564 KeyIso - ok
15:32:15.0621 6564 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:32:15.0669 6564 KSecDD - ok
15:32:15.0716 6564 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:32:15.0768 6564 KSecPkg - ok
15:32:15.0785 6564 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
15:32:15.0898 6564 ksthunk - ok
15:32:15.0938 6564 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
15:32:16.0064 6564 KtmRm - ok
15:32:16.0115 6564 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
15:32:16.0235 6564 LanmanServer - ok
15:32:16.0280 6564 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:32:16.0402 6564 LanmanWorkstation - ok
15:32:16.0448 6564 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:32:16.0563 6564 lltdio - ok
15:32:16.0606 6564 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
15:32:16.0728 6564 lltdsvc - ok
15:32:16.0750 6564 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
15:32:16.0876 6564 lmhosts - ok
15:32:16.0915 6564 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
15:32:16.0987 6564 LSI_FC - ok
15:32:17.0020 6564 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
15:32:17.0074 6564 LSI_SAS - ok
15:32:17.0095 6564 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
15:32:17.0149 6564 LSI_SAS2 - ok
15:32:17.0175 6564 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
15:32:17.0237 6564 LSI_SCSI - ok
15:32:17.0280 6564 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
15:32:17.0398 6564 luafv - ok
15:32:17.0423 6564 [ 830708A5CC0A19196C1DC205BED5A3A8 ] massfilter C:\windows\system32\drivers\massfilter.sys
15:32:17.0770 6564 massfilter - ok
15:32:17.0828 6564 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
15:32:17.0898 6564 Mcx2Svc - ok
15:32:17.0934 6564 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
15:32:17.0994 6564 megasas - ok
15:32:18.0027 6564 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
15:32:18.0091 6564 MegaSR - ok
15:32:18.0148 6564 Microsoft SharePoint Workspace Audit Service - ok
15:32:18.0181 6564 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
15:32:18.0331 6564 MMCSS - ok
15:32:18.0359 6564 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
15:32:18.0496 6564 Modem - ok
15:32:18.0542 6564 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:32:18.0613 6564 monitor - ok
15:32:18.0642 6564 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
15:32:18.0681 6564 mouclass - ok
15:32:18.0699 6564 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
15:32:18.0764 6564 mouhid - ok
15:32:18.0797 6564 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:32:18.0834 6564 mountmgr - ok
15:32:18.0854 6564 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
15:32:18.0910 6564 mpio - ok
15:32:18.0930 6564 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:32:19.0030 6564 mpsdrv - ok
15:32:19.0074 6564 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
15:32:19.0220 6564 MpsSvc - ok
15:32:19.0246 6564 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:32:19.0320 6564 MRxDAV - ok
15:32:19.0365 6564 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:32:19.0452 6564 mrxsmb - ok
15:32:19.0493 6564 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:32:19.0546 6564 mrxsmb10 - ok
15:32:19.0567 6564 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:32:19.0613 6564 mrxsmb20 - ok
15:32:19.0640 6564 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
15:32:19.0700 6564 msahci - ok
15:32:19.0725 6564 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:32:19.0787 6564 msdsm - ok
15:32:19.0811 6564 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
15:32:19.0896 6564 MSDTC - ok
15:32:19.0937 6564 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
15:32:20.0054 6564 Msfs - ok
15:32:20.0076 6564 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:32:20.0193 6564 mshidkmdf - ok
15:32:20.0228 6564 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:32:20.0267 6564 msisadrv - ok
15:32:20.0314 6564 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:32:20.0434 6564 MSiSCSI - ok
15:32:20.0441 6564 msiserver - ok
15:32:20.0480 6564 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:32:20.0608 6564 MSKSSRV - ok
15:32:20.0629 6564 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:32:20.0745 6564 MSPCLOCK - ok
15:32:20.0768 6564 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:32:20.0882 6564 MSPQM - ok
15:32:20.0917 6564 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:32:20.0967 6564 MsRPC - ok
15:32:21.0004 6564 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
15:32:21.0045 6564 mssmbios - ok
15:32:21.0064 6564 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:32:21.0216 6564 MSTEE - ok
15:32:21.0240 6564 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
15:32:21.0331 6564 MTConfig - ok
15:32:21.0369 6564 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
15:32:21.0406 6564 Mup - ok
15:32:21.0444 6564 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
15:32:21.0575 6564 napagent - ok
15:32:21.0642 6564 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:32:21.0730 6564 NativeWifiP - ok
15:32:21.0785 6564 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
15:32:21.0853 6564 NDIS - ok
15:32:21.0887 6564 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:32:22.0006 6564 NdisCap - ok
15:32:22.0051 6564 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:32:22.0152 6564 NdisTapi - ok
15:32:22.0165 6564 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:32:22.0289 6564 Ndisuio - ok
15:32:22.0322 6564 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:32:22.0459 6564 NdisWan - ok
15:32:22.0499 6564 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:32:22.0622 6564 NDProxy - ok
15:32:22.0659 6564 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:32:22.0788 6564 NetBIOS - ok
15:32:22.0820 6564 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:32:22.0944 6564 NetBT - ok
15:32:22.0972 6564 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
15:32:23.0013 6564 Netlogon - ok
15:32:23.0067 6564 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
15:32:23.0237 6564 Netman - ok
15:32:23.0314 6564 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:32:23.0413 6564 NetMsmqActivator - ok
15:32:23.0419 6564 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:32:23.0463 6564 NetPipeActivator - ok
15:32:23.0497 6564 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
15:32:23.0635 6564 netprofm - ok
15:32:23.0668 6564 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:32:23.0711 6564 NetTcpActivator - ok
15:32:23.0717 6564 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:32:23.0758 6564 NetTcpPortSharing - ok
15:32:23.0783 6564 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
15:32:23.0843 6564 nfrd960 - ok
15:32:23.0902 6564 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
15:32:23.0966 6564 NlaSvc - ok
15:32:23.0985 6564 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
15:32:24.0112 6564 Npfs - ok
15:32:24.0142 6564 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
15:32:24.0259 6564 nsi - ok
15:32:24.0280 6564 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:32:24.0394 6564 nsiproxy - ok
15:32:24.0470 6564 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:32:24.0587 6564 Ntfs - ok
15:32:24.0611 6564 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
15:32:24.0722 6564 Null - ok
15:32:24.0763 6564 [ CB599955CE2CE9694721562F9481CD84 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
15:32:24.0809 6564 NVHDA - ok
15:32:25.0118 6564 [ A518A34F345ABF771E66AC48932FFEA8 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
15:32:26.0054 6564 nvlddmkm - ok
15:32:26.0097 6564 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
15:32:26.0153 6564 nvraid - ok
15:32:26.0171 6564 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
15:32:26.0226 6564 nvstor - ok
15:32:26.0271 6564 [ 5FDEB48CD1A35C6754F6E345308B99D5 ] nvsvc C:\windows\system32\nvvsvc.exe
15:32:26.0351 6564 nvsvc - ok
15:32:26.0403 6564 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:32:26.0451 6564 nv_agp - ok
15:32:26.0468 6564 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:32:26.0549 6564 ohci1394 - ok
15:32:26.0631 6564 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:32:26.0666 6564 ose64 - ok
15:32:26.0838 6564 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:32:27.0157 6564 osppsvc - ok
15:32:27.0202 6564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:32:27.0287 6564 p2pimsvc - ok
15:32:27.0324 6564 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
15:32:27.0402 6564 p2psvc - ok
15:32:27.0454 6564 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
15:32:27.0534 6564 Parport - ok
15:32:27.0577 6564 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
15:32:27.0623 6564 partmgr - ok
15:32:27.0655 6564 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
15:32:27.0722 6564 PcaSvc - ok
15:32:27.0746 6564 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
15:32:27.0793 6564 pci - ok
15:32:27.0818 6564 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
15:32:27.0870 6564 pciide - ok
15:32:27.0903 6564 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
15:32:27.0966 6564 pcmcia - ok
15:32:27.0984 6564 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
15:32:28.0019 6564 pcw - ok
15:32:28.0053 6564 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:32:28.0206 6564 PEAUTH - ok
15:32:28.0301 6564 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
15:32:28.0541 6564 PerfHost - ok
15:32:28.0615 6564 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
15:32:28.0782 6564 pla - ok
15:32:28.0826 6564 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:32:28.0882 6564 PlugPlay - ok
15:32:28.0898 6564 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:32:28.0964 6564 PNRPAutoReg - ok
15:32:28.0990 6564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:32:29.0041 6564 PNRPsvc - ok
15:32:29.0082 6564 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:32:29.0225 6564 PolicyAgent - ok
15:32:29.0266 6564 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
15:32:29.0389 6564 Power - ok
15:32:29.0447 6564 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:32:29.0550 6564 PptpMiniport - ok
15:32:29.0566 6564 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
15:32:29.0660 6564 Processor - ok
15:32:29.0705 6564 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
15:32:29.0781 6564 ProfSvc - ok
15:32:29.0803 6564 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
15:32:29.0856 6564 ProtectedStorage - ok
15:32:29.0892 6564 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:32:30.0017 6564 Psched - ok
15:32:30.0097 6564 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
15:32:30.0204 6564 ql2300 - ok
15:32:30.0232 6564 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
15:32:30.0292 6564 ql40xx - ok
15:32:30.0321 6564 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
15:32:30.0385 6564 QWAVE - ok
15:32:30.0409 6564 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:32:30.0484 6564 QWAVEdrv - ok
15:32:30.0507 6564 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:32:30.0620 6564 RasAcd - ok
15:32:30.0675 6564 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:32:30.0777 6564 RasAgileVpn - ok
15:32:30.0799 6564 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
15:32:30.0911 6564 RasAuto - ok
15:32:30.0933 6564 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:32:31.0067 6564 Rasl2tp - ok
15:32:31.0134 6564 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
15:32:31.0286 6564 RasMan - ok
15:32:31.0312 6564 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:32:31.0438 6564 RasPppoe - ok
15:32:31.0480 6564 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:32:31.0605 6564 RasSstp - ok
15:32:31.0640 6564 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:32:31.0770 6564 rdbss - ok
15:32:31.0804 6564 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
15:32:31.0865 6564 rdpbus - ok
15:32:31.0890 6564 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:32:32.0014 6564 RDPCDD - ok
15:32:32.0058 6564 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:32:32.0179 6564 RDPENCDD - ok
15:32:32.0211 6564 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:32:32.0319 6564 RDPREFMP - ok
15:32:32.0365 6564 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:32:32.0440 6564 RDPWD - ok
15:32:32.0472 6564 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:32:32.0529 6564 rdyboost - ok
15:32:32.0557 6564 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
15:32:32.0700 6564 RemoteAccess - ok
15:32:32.0747 6564 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:32:32.0865 6564 RemoteRegistry - ok
15:32:32.0927 6564 [ F85AE59A52885F4B09AADAFB23001A3B ] Rezip C:\windows\SysWOW64\Rezip.exe
15:32:34.0685 6564 Rezip ( UnsignedFile.Multi.Generic ) - warning
15:32:34.0685 6564 Rezip - detected UnsignedFile.Multi.Generic (1)
15:32:34.0733 6564 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
15:32:34.0808 6564 RFCOMM - ok
15:32:34.0838 6564 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:32:34.0961 6564 RpcEptMapper - ok
15:32:34.0999 6564 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
15:32:35.0047 6564 RpcLocator - ok
15:32:35.0071 6564 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
15:32:35.0180 6564 RpcSs - ok
15:32:35.0210 6564 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:32:35.0338 6564 rspndr - ok
15:32:35.0370 6564 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
15:32:35.0459 6564 RTL8167 - ok
15:32:35.0557 6564 [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport C:\windows\SysWOW64\drivers\rtport.sys
15:32:35.0657 6564 rtport - ok
15:32:35.0704 6564 [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:\windows\system32\Drivers\SABI.sys
15:32:35.0779 6564 SABI - ok
15:32:35.0802 6564 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
15:32:35.0849 6564 SamSs - ok
15:32:36.0038 6564 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
15:32:36.0479 6564 SBAMSvc - ok
15:32:36.0530 6564 [ 8F19D62B04081C0BFF1E8D6F26220A28 ] sbapifs C:\windows\system32\DRIVERS\sbapifs.sys
15:32:36.0582 6564 sbapifs - ok
15:32:36.0648 6564 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:32:36.0707 6564 sbp2port - ok
15:32:36.0746 6564 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
15:32:36.0871 6564 SCardSvr - ok
15:32:36.0905 6564 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:32:37.0035 6564 scfilter - ok
15:32:37.0085 6564 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
15:32:37.0234 6564 Schedule - ok
15:32:37.0273 6564 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
15:32:37.0363 6564 SCPolicySvc - ok
15:32:37.0383 6564 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:32:37.0449 6564 SDRSVC - ok
15:32:37.0544 6564 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
15:32:37.0886 6564 SDScannerService - ok
15:32:38.0011 6564 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:32:38.0404 6564 SDUpdateService - ok
15:32:38.0420 6564 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:32:38.0463 6564 SDWSCService - ok
15:32:38.0509 6564 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
15:32:38.0642 6564 secdrv - ok
15:32:38.0681 6564 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
15:32:38.0819 6564 seclogon - ok
15:32:38.0853 6564 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
15:32:38.0966 6564 SENS - ok
15:32:38.0997 6564 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
15:32:39.0067 6564 SensrSvc - ok
15:32:39.0095 6564 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
15:32:39.0172 6564 Serenum - ok
15:32:39.0203 6564 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
15:32:39.0285 6564 Serial - ok
15:32:39.0307 6564 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
15:32:39.0385 6564 sermouse - ok
15:32:39.0433 6564 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
15:32:39.0538 6564 SessionEnv - ok
15:32:39.0562 6564 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:32:39.0650 6564 sffdisk - ok
15:32:39.0674 6564 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:32:39.0765 6564 sffp_mmc - ok
15:32:39.0788 6564 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:32:39.0880 6564 sffp_sd - ok
15:32:39.0907 6564 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
15:32:39.0982 6564 sfloppy - ok
15:32:40.0022 6564 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
15:32:40.0159 6564 SharedAccess - ok
15:32:40.0199 6564 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:32:40.0329 6564 ShellHWDetection - ok
15:32:40.0356 6564 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
15:32:40.0408 6564 SiSRaid2 - ok
15:32:40.0443 6564 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
15:32:40.0508 6564 SiSRaid4 - ok
15:32:40.0645 6564 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:32:41.0130 6564 Skype C2C Service - ok
15:32:41.0166 6564 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
15:32:41.0305 6564 Smb - ok
15:32:41.0381 6564 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:32:41.0459 6564 SNMPTRAP - ok
15:32:41.0493 6564 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
15:32:41.0530 6564 spldr - ok
15:32:41.0579 6564 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
15:32:41.0648 6564 Spooler - ok
15:32:41.0744 6564 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
15:32:41.0938 6564 sppsvc - ok
15:32:41.0958 6564 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
15:32:42.0087 6564 sppuinotify - ok
15:32:42.0135 6564 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
15:32:42.0231 6564 srv - ok
15:32:42.0254 6564 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:32:42.0306 6564 srv2 - ok
15:32:42.0320 6564 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:32:42.0390 6564 srvnet - ok
15:32:42.0435 6564 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\windows\system32\DRIVERS\ssadbus.sys
15:32:42.0540 6564 ssadbus - ok
15:32:42.0582 6564 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\windows\system32\DRIVERS\ssadmdfl.sys
15:32:42.0654 6564 ssadmdfl - ok
15:32:42.0676 6564 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\windows\system32\DRIVERS\ssadmdm.sys
15:32:42.0745 6564 ssadmdm - ok
15:32:42.0780 6564 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\windows\system32\DRIVERS\ssadserd.sys
15:32:42.0849 6564 ssadserd - ok
15:32:42.0895 6564 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:32:43.0016 6564 SSDPSRV - ok
15:32:43.0047 6564 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
15:32:43.0161 6564 SstpSvc - ok
15:32:43.0188 6564 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
15:32:43.0243 6564 stexstor - ok
15:32:43.0294 6564 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
15:32:43.0386 6564 stisvc - ok
15:32:43.0414 6564 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
15:32:43.0467 6564 swenum - ok
15:32:43.0510 6564 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
15:32:43.0639 6564 swprv - ok
15:32:43.0714 6564 [ A066A93804F464AE1F49658899998470 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
15:32:43.0864 6564 SynTP - ok
15:32:43.0920 6564 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
15:32:44.0076 6564 SysMain - ok
15:32:44.0108 6564 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
15:32:44.0179 6564 TabletInputService - ok
15:32:44.0198 6564 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
15:32:44.0335 6564 TapiSrv - ok
15:32:44.0355 6564 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
15:32:44.0476 6564 TBS - ok
15:32:44.0576 6564 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:32:44.0712 6564 Tcpip - ok
15:32:44.0765 6564 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:32:44.0869 6564 TCPIP6 - ok
15:32:44.0898 6564 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:32:44.0968 6564 tcpipreg - ok
15:32:45.0003 6564 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
15:32:45.0066 6564 TDPIPE - ok
15:32:45.0103 6564 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
15:32:45.0145 6564 TDTCP - ok
15:32:45.0163 6564 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:32:45.0282 6564 tdx - ok
15:32:45.0312 6564 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
15:32:45.0357 6564 TermDD - ok
15:32:45.0404 6564 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
15:32:45.0562 6564 TermService - ok
15:32:45.0592 6564 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
15:32:45.0666 6564 Themes - ok
15:32:45.0710 6564 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
15:32:45.0803 6564 THREADORDER - ok
15:32:45.0820 6564 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
15:32:45.0943 6564 TrkWks - ok
15:32:46.0009 6564 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:32:46.0119 6564 TrustedInstaller - ok
15:32:46.0140 6564 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
15:32:46.0248 6564 tssecsrv - ok
15:32:46.0294 6564 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
15:32:46.0337 6564 TsUsbFlt - ok
15:32:46.0359 6564 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
15:32:46.0416 6564 TsUsbGD - ok
15:32:46.0453 6564 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
15:32:46.0568 6564 tunnel - ok
15:32:46.0596 6564 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
15:32:46.0654 6564 uagp35 - ok
15:32:46.0684 6564 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
15:32:46.0833 6564 udfs - ok
15:32:46.0880 6564 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
15:32:46.0941 6564 UI0Detect - ok
15:32:46.0983 6564 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
15:32:47.0038 6564 uliagpkx - ok
15:32:47.0058 6564 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
15:32:47.0118 6564 umbus - ok
15:32:47.0145 6564 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
15:32:47.0224 6564 UmPass - ok
15:32:47.0252 6564 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
15:32:47.0359 6564 upnphost - ok
15:32:47.0396 6564 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
15:32:47.0457 6564 usbccgp - ok
15:32:47.0493 6564 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
15:32:47.0578 6564 usbcir - ok
15:32:47.0619 6564 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
15:32:47.0698 6564 usbehci - ok
15:32:47.0746 6564 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
15:32:47.0804 6564 usbhub - ok
15:32:47.0827 6564 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
15:32:47.0895 6564 usbohci - ok
15:32:47.0923 6564 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
15:32:48.0009 6564 usbprint - ok
15:32:48.0049 6564 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
15:32:48.0107 6564 USBSTOR - ok
15:32:48.0146 6564 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
15:32:48.0223 6564 usbuhci - ok
15:32:48.0272 6564 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
15:32:48.0336 6564 usbvideo - ok
15:32:48.0361 6564 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
15:32:48.0486 6564 UxSms - ok
15:32:48.0512 6564 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
15:32:48.0554 6564 VaultSvc - ok
15:32:48.0584 6564 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
15:32:48.0623 6564 vdrvroot - ok
15:32:48.0652 6564 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
15:32:48.0784 6564 vds - ok
15:32:48.0804 6564 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
15:32:48.0854 6564 vga - ok
15:32:48.0862 6564 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
15:32:48.0958 6564 VgaSave - ok
15:32:48.0984 6564 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
15:32:49.0053 6564 vhdmp - ok
15:32:49.0071 6564 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
15:32:49.0128 6564 viaide - ok
15:32:49.0148 6564 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
15:32:49.0187 6564 volmgr - ok
15:32:49.0208 6564 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
15:32:49.0257 6564 volmgrx - ok
15:32:49.0282 6564 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
15:32:49.0330 6564 volsnap - ok
15:32:49.0353 6564 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
15:32:49.0410 6564 vsmraid - ok
15:32:49.0474 6564 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
15:32:49.0646 6564 VSS - ok
15:32:49.0676 6564 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
15:32:49.0759 6564 vwifibus - ok
15:32:49.0804 6564 [ 13A0DECD1794DE60A8427862C8669D27 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
15:32:49.0874 6564 vwififlt - ok
15:32:49.0916 6564 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
15:32:50.0026 6564 W32Time - ok
15:32:50.0077 6564 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
15:32:50.0154 6564 WacomPen - ok
15:32:50.0192 6564 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
15:32:50.0307 6564 WANARP - ok
15:32:50.0331 6564 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
15:32:50.0421 6564 Wanarpv6 - ok
15:32:50.0497 6564 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
15:32:50.0611 6564 WatAdminSvc - ok
15:32:50.0673 6564 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
15:32:50.0772 6564 wbengine - ok
15:32:50.0801 6564 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
15:32:50.0865 6564 WbioSrvc - ok
15:32:50.0889 6564 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
15:32:50.0961 6564 wcncsvc - ok
15:32:50.0984 6564 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:32:51.0049 6564 WcsPlugInService - ok
15:32:51.0086 6564 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
15:32:51.0147 6564 Wd - ok
15:32:51.0191 6564 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
15:32:51.0271 6564 Wdf01000 - ok
15:32:51.0293 6564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
15:32:51.0363 6564 WdiServiceHost - ok
15:32:51.0369 6564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
15:32:51.0425 6564 WdiSystemHost - ok
15:32:51.0446 6564 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
15:32:51.0534 6564 WebClient - ok
15:32:51.0571 6564 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
15:32:51.0675 6564 Wecsvc - ok
15:32:51.0695 6564 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
15:32:51.0796 6564 wercplsupport - ok
15:32:51.0826 6564 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
15:32:51.0947 6564 WerSvc - ok
15:32:51.0969 6564 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
15:32:52.0064 6564 WfpLwf - ok
15:32:52.0093 6564 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
15:32:52.0129 6564 WIMMount - ok
15:32:52.0159 6564 WinDefend - ok
15:32:52.0171 6564 WinHttpAutoProxySvc - ok
15:32:52.0238 6564 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
15:32:52.0373 6564 Winmgmt - ok
15:32:52.0456 6564 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
15:32:52.0631 6564 WinRM - ok
15:32:52.0698 6564 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
15:32:52.0824 6564 Wlansvc - ok
15:32:52.0848 6564 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
15:32:52.0911 6564 WmiAcpi - ok
15:32:52.0952 6564 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
15:32:53.0031 6564 wmiApSrv - ok
15:32:53.0076 6564 WMPNetworkSvc - ok
15:32:53.0097 6564 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
15:32:53.0149 6564 WPCSvc - ok
15:32:53.0172 6564 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
15:32:53.0258 6564 WPDBusEnum - ok
15:32:53.0283 6564 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
15:32:53.0388 6564 ws2ifsl - ok
15:32:53.0405 6564 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
15:32:53.0489 6564 wscsvc - ok
15:32:53.0495 6564 WSearch - ok
15:32:53.0590 6564 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
15:32:53.0724 6564 wuauserv - ok
15:32:53.0762 6564 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
15:32:53.0858 6564 WudfPf - ok
15:32:53.0893 6564 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
15:32:53.0953 6564 WUDFRd - ok
15:32:53.0968 6564 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
15:32:54.0043 6564 wudfsvc - ok
15:32:54.0082 6564 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
15:32:54.0170 6564 WwanSvc - ok
15:32:54.0229 6564 [ 918CFCDBB6C297C53788B926954DA907 ] yukonw7 C:\windows\system32\DRIVERS\yk62x64.sys
15:32:54.0277 6564 yukonw7 - ok
15:32:54.0372 6564 ================ Scan global ===============================
15:32:54.0397 6564 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
15:32:54.0449 6564 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
15:32:54.0467 6564 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
15:32:54.0503 6564 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
15:32:54.0545 6564 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
15:32:54.0569 6564 [Global] - ok
15:32:54.0570 6564 ================ Scan MBR ==================================
15:32:54.0588 6564 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
15:32:55.0099 6564 \Device\Harddisk0\DR0 - ok
15:32:55.0104 6564 ================ Scan VBR ==================================
15:32:55.0134 6564 [ EE5F844E992D952E6F39633116C5C830 ] \Device\Harddisk0\DR0\Partition1
15:32:55.0137 6564 \Device\Harddisk0\DR0\Partition1 - ok
15:32:55.0159 6564 [ 355787F88010A3D86D46B636FB0FB6F5 ] \Device\Harddisk0\DR0\Partition2
15:32:55.0162 6564 \Device\Harddisk0\DR0\Partition2 - ok
15:32:55.0190 6564 [ 1043C5392A1966B53E5EE78AEEE72406 ] \Device\Harddisk0\DR0\Partition3
15:32:55.0193 6564 \Device\Harddisk0\DR0\Partition3 - ok
15:32:55.0195 6564 ============================================================
15:32:55.0195 6564 Scan finished
15:32:55.0195 6564 ============================================================
15:32:55.0208 1216 Detected object count: 1
15:32:55.0208 1216 Actual detected object count: 1
15:33:26.0670 1216 Rezip ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:26.0670 1216 Rezip ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 22.01.2013, 15:43

hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Hannem · 22.01.2013, 15:54

Hi,

Wo oder was sind die Benutzerdefinierten Scans/Fixes.

Wenn ich rechtsklicke erscheint kein "als Administrator führen" Option.

lg

markusg · 22.01.2013, 16:16

dann starte es einfach so. und füge das script ein

Hannem · 22.01.2013, 16:23

hi,

Falls du Namen oder dergleichen findest bitte löschen.

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 1/22/2013 4:10:27 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Eigene Dateien
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: XXXXX | Language: DEA | Date Format: dd.MM.yyyy
 
3.86 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 62.46% Memory free
7.73 Gb Paging File | 5.61 Gb Available in Paging File | 72.57% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 179.00 Gb Total Space | 65.58 Gb Free Space | 36.64% Space Free | Partition Type: NTFS
Drive D: | 266.66 Gb Total Space | 58.10 Gb Free Space | 21.79% Space Free | Partition Type: NTFS
Drive F: | 25.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: SATURN-PC | User Name: saturn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Eigene Dateien\OTL (2).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\PROGRA~2\AD-AWA~1\AdAware.exe (Lavasoft Limited)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
PRC - C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files (x86)\A1 Dashboard\Dashboard.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\SysWOW64\Rezip.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
MOD - C:\Program Files (x86)\A1 Dashboard\Skins\A1\A1Skin.dbskin ()
MOD - C:\Program Files (x86)\A1 Dashboard\resetregistry.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Rezip) -- C:\Windows\SysWOW64\Rezip.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\drivers\gfiark.sys (GFI Software)
DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software)
DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.)
DRV - (rtport) -- C:\Windows\SysWOW64\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKLM\..\SearchScopes\Yandex: "URL" = hxxp://yandex.ru/yandsearch?clid=39942&text={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://us.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{1C1C23FD-730C-4DDB-B8A8-06536CE0F91F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_US&apn_ptnrs=U3&apn_dtid=YYYYYYYYAT&apn_uid=3E29FE37-322E-4685-81C4-B8C4C5C158B9&apn_sauid=6CFA1673-53E5-4F3A-A155-DBFD36316D45
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=F2E5642EFB1712700EF90850EDEAAEE2&q={searchTerms}
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deAT451
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\Moikrug: "URL" = hxxp://moikrug.ru/persons/?clid=39942&charset=utf-8&keywords={searchTerms}&submitted=1
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\Yandex: "URL" = hxxp://yandex.ru/yandsearch?clid=39942&text={searchTerms}
IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.1.9
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:6.0.1289
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://us.yahoo.com?fr=fp-comodo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..keyword.URL: "hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/20 01:52:16 | 000,000,000 | ---D | M]
 
[2011/08/11 01:47:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Extensions
[2012/05/14 16:24:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\1un5q3vp.default\extensions
[2012/05/14 16:24:01 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\1un5q3vp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013/01/10 00:46:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\1un5q3vp.default\extensions\ffxtlbr@babylon.com
[2011/12/31 06:03:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/11/24 23:16:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
 
========== Chrome  ==========
 
CHR - homepage: hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=hp&babsrc=lnkry
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=hp&babsrc=lnkry
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U10 (Disabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Disabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Session Manager = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: YouTube = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Tabs Outliner = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggkanocgddhmamlbiijnphhppkpkmkl\0.4.39_0\
CHR - Extension: Safe Search = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik\1.0.0.0_0\
CHR - Extension: Session Manager = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.3_0\
CHR - Extension: Fast save = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\obolonaohefbbbbmhehcenamjebhjecd\1.1_0\
CHR - Extension: Google Reader = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\
CHR - Extension: Google Mail = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: RSS Feed Reader = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\4.1.5_0\
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O3 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.10.2)
O16 - DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 1.7.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 1.7.0_10)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E9177F0-BA1E-45D3-BEDC-CEB7D5FE6A0A}: NameServer = 194.48.139.254 194.48.124.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1034E13-F72B-4B75-9B44-6284186A43C0}: DhcpNameServer = 127.0.0.1 192.168.0.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/07/20 17:28:08 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{9517c0c6-abfb-11e1-ac47-001e101f50a4}\Shell - "" = AutoRun
O33 - MountPoints2\{9517c0c6-abfb-11e1-ac47-001e101f50a4}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{a5d8d4b2-abe8-11e0-8095-e811328461e3}\Shell - "" = AutoRun
O33 - MountPoints2\{a5d8d4b2-abe8-11e0-8095-e811328461e3}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b6a165b9-570c-11e1-b951-e811328461e3}\Shell - "" = AutoRun
O33 - MountPoints2\{b6a165b9-570c-11e1-b951-e811328461e3}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\{bbc0e2e4-aba6-11e0-bbd1-e811328461e3}\Shell - "" = AutoRun
O33 - MountPoints2\{bbc0e2e4-aba6-11e0-bbd1-e811328461e3}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{bbc0e2f4-aba6-11e0-bbd1-e811328461e3}\Shell - "" = AutoRun
O33 - MountPoints2\{bbc0e2f4-aba6-11e0-bbd1-e811328461e3}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/18 13:41:58 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\Microgaming
[2013/01/18 13:38:18 | 000,000,000 | ---D | C] -- C:\Microgaming
[2013/01/18 13:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\MGS
[2013/01/18 13:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
[2013/01/16 02:40:05 | 000,000,000 | ---D | C] -- C:\Users\saturn\Documents\ProcAlyzer Dumps
[2013/01/14 03:05:01 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2013/01/10 15:00:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/01/10 03:16:06 | 000,000,000 | ---D | C] -- C:\0c620edd659dde624356bf416f
[2013/01/10 02:45:12 | 000,038,096 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\gfiark.sys
[2013/01/09 23:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013/01/09 23:30:15 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\LavasoftStatistics
[2013/01/09 23:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/01/09 23:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013/01/09 23:16:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/01/09 23:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/01/09 23:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2013/01/09 23:16:22 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe
[2013/01/09 23:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/01/09 23:14:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\Downloaded Installations
[2013/01/09 23:14:09 | 000,014,456 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\gfibto.sys
[2013/01/09 23:14:08 | 000,047,496 | ---- | C] (GFI Software) -- C:\windows\SysNative\sbbd.exe
[2013/01/09 23:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2013/01/09 23:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013/01/09 23:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\adawaretb
[2013/01/09 23:11:11 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\adawarebp
[2013/01/09 23:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/01/09 23:10:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013/01/09 23:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb
[2013/01/09 23:07:09 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\Ad-Aware Antivirus
[2013/01/08 21:11:08 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\Programs
[2013/01/01 22:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker
[2012/12/30 02:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
[6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\saturn\Documents\*.tmp files -> C:\Users\saturn\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/01/22 16:03:47 | 001,474,832 | ---- | M] () -- C:\windows\SysNative\drivers\sfi.dat
[2013/01/22 15:52:10 | 000,051,089 | ---- | M] () -- C:\Users\saturn\Desktop\85104-otl-otlogfile-by-oldtimer.htm
[2013/01/22 15:45:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/01/22 15:28:01 | 000,001,110 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/22 14:53:55 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/01/22 12:49:51 | 000,079,996 | ---- | M] () -- C:\Users\saturn\Documents\Unbenanntaaabb.PNG
[2013/01/22 10:41:25 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/22 10:41:25 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/22 10:35:24 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/01/22 10:33:59 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/22 10:33:43 | 4148,744,192 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/20 02:13:09 | 041,500,672 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\7SRData.sdf
[2013/01/20 01:21:46 | 054,558,720 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\UberReaderData.sdf
[2013/01/18 13:41:47 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
[2013/01/16 00:57:32 | 000,101,182 | ---- | M] () -- C:\Users\saturn\Documents\Statistik_Theorie%20(2).odt_0.odt
[2013/01/16 00:57:22 | 000,132,092 | ---- | M] () -- C:\Users\saturn\Documents\Normalv.odt_0.odt
[2013/01/16 00:57:21 | 000,085,767 | ---- | M] () -- C:\Users\saturn\Documents\Binomial_1%20(2).odt_0.odt
[2013/01/16 00:57:21 | 000,056,299 | ---- | M] () -- C:\Users\saturn\Documents\Binomial_2%20(2).odt_0.odt
[2013/01/15 10:35:52 | 000,062,835 | ---- | M] () -- C:\Users\saturn\Documents\Unbenannt-docu.PNG
[2013/01/14 21:59:47 | 000,053,697 | ---- | M] () -- C:\Users\saturn\Documents\Unbenannt-neu2.PNG
[2013/01/14 05:41:56 | 000,072,455 | ---- | M] () -- C:\Users\saturn\Documents\neu-eleven.PNG
[2013/01/10 03:22:06 | 000,462,632 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/01/10 01:00:20 | 000,011,432 | ---- | M] () -- C:\windows\wininit.ini
[2013/01/09 23:16:45 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/01/09 23:14:08 | 000,014,456 | ---- | M] (GFI Software) -- C:\windows\SysNative\drivers\gfibto.sys
[2013/01/07 13:56:47 | 000,062,394 | ---- | M] () -- C:\Users\saturn\Documents\Neu.PNG
[2013/01/07 13:42:41 | 000,066,269 | ---- | M] () -- C:\Users\saturn\Documents\Unbenannt-neu.PNG
[2013/01/07 01:20:54 | 000,065,155 | ---- | M] () -- C:\Users\saturn\Documents\Graph-neu.PNG
[2013/01/06 23:30:04 | 000,053,197 | ---- | M] () -- C:\Users\saturn\Documents\Parabel-Gerade.PNG
[2013/01/06 02:40:51 | 000,016,262 | ---- | M] () -- C:\Users\saturn\Documents\Unbenannt.PNG
[2013/01/06 02:30:07 | 000,005,154 | ---- | M] () -- C:\Users\saturn\Documents\Trapez.ggb
[2013/01/06 01:17:53 | 000,061,214 | ---- | M] () -- C:\Users\saturn\Documents\Fläche-1.PNG
[2013/01/01 22:54:17 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2012/12/30 16:29:20 | 000,049,967 | ---- | M] () -- C:\Users\saturn\Documents\Graph.PNG
[2012/12/30 16:24:25 | 000,051,755 | ---- | M] () -- C:\Users\saturn\Documents\Graphic.PNG
[2012/12/30 02:03:13 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.lnk
[2012/12/29 00:59:14 | 000,040,002 | ---- | M] () -- C:\Users\saturn\Documents\Fläche+4.PNG
[2012/12/28 22:34:11 | 000,023,578 | ---- | M] () -- C:\Users\saturn\Documents\Fläche.PNG
[2012/12/28 22:33:46 | 000,025,667 | ---- | M] () -- C:\Users\saturn\Documents\Fläche2.PNG
[2012/12/28 22:32:49 | 000,043,132 | ---- | M] () -- C:\Users\saturn\Documents\Fläche1.PNG
[2012/12/28 21:38:42 | 000,048,684 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-253d.PNG
[2012/12/28 19:43:13 | 000,054,089 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-235b.PNG
[2012/12/28 19:40:36 | 000,032,742 | ---- | M] () -- C:\Users\saturn\Documents\AUfgabe-236a.PNG
[2012/12/28 18:39:26 | 000,031,857 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-229a.PNG
[2012/12/27 19:12:44 | 000,028,542 | ---- | M] () -- C:\Users\saturn\Documents\project.PNG
[2012/12/27 19:11:27 | 000,005,572 | ---- | M] () -- C:\Users\saturn\Documents\Project.b.ggb
[2012/12/27 19:10:57 | 000,037,320 | ---- | M] () -- C:\Users\saturn\Documents\Project.b.PNG
[2012/12/27 19:03:37 | 000,005,884 | ---- | M] () -- C:\Users\saturn\Documents\Project.rar
[2012/12/27 18:04:28 | 000,005,958 | ---- | M] () -- C:\Users\saturn\Documents\Project.ggb
[2012/12/24 21:54:25 | 000,028,699 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-3.PNG
[2012/12/24 21:28:47 | 000,022,719 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-2.PNG
[2012/12/24 19:21:24 | 000,005,228 | ---- | M] () -- C:\Users\saturn\Documents\GEo- Plan.ggb
[2012/12/24 01:57:55 | 000,045,971 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-1.PNG
[2012/12/24 01:38:42 | 000,046,265 | ---- | M] () -- C:\Users\saturn\Documents\Kurvendiskussionen.PNG
[2012/12/23 16:32:26 | 000,031,047 | ---- | M] () -- C:\Users\saturn\Documents\Integral-Flächen-berechnen.2.PNG
[6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\saturn\Documents\*.tmp files -> C:\Users\saturn\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/01/22 15:51:31 | 000,051,089 | ---- | C] () -- C:\Users\saturn\Desktop\85104-otl-otlogfile-by-oldtimer.htm
[2013/01/22 12:49:51 | 000,079,996 | ---- | C] () -- C:\Users\saturn\Documents\Unbenanntaaabb.PNG
[2013/01/18 13:38:18 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
[2013/01/16 01:34:24 | 000,132,092 | ---- | C] () -- C:\Users\saturn\Documents\Normalv.odt_0.odt
[2013/01/16 01:34:24 | 000,101,182 | ---- | C] () -- C:\Users\saturn\Documents\Statistik_Theorie%20(2).odt_0.odt
[2013/01/16 01:34:24 | 000,085,767 | ---- | C] () -- C:\Users\saturn\Documents\Binomial_1%20(2).odt_0.odt
[2013/01/16 01:34:24 | 000,056,299 | ---- | C] () -- C:\Users\saturn\Documents\Binomial_2%20(2).odt_0.odt
[2013/01/15 10:35:52 | 000,062,835 | ---- | C] () -- C:\Users\saturn\Documents\Unbenannt-docu.PNG
[2013/01/14 21:59:47 | 000,053,697 | ---- | C] () -- C:\Users\saturn\Documents\Unbenannt-neu2.PNG
[2013/01/14 05:41:56 | 000,072,455 | ---- | C] () -- C:\Users\saturn\Documents\neu-eleven.PNG
[2013/01/10 01:00:12 | 000,011,432 | ---- | C] () -- C:\windows\wininit.ini
[2013/01/09 23:17:47 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/01/09 23:16:48 | 000,002,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/01/09 23:16:45 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/01/07 13:56:47 | 000,062,394 | ---- | C] () -- C:\Users\saturn\Documents\Neu.PNG
[2013/01/07 13:42:40 | 000,066,269 | ---- | C] () -- C:\Users\saturn\Documents\Unbenannt-neu.PNG
[2013/01/07 01:20:54 | 000,065,155 | ---- | C] () -- C:\Users\saturn\Documents\Graph-neu.PNG
[2013/01/06 23:30:03 | 000,053,197 | ---- | C] () -- C:\Users\saturn\Documents\Parabel-Gerade.PNG
[2013/01/06 02:40:51 | 000,016,262 | ---- | C] () -- C:\Users\saturn\Documents\Unbenannt.PNG
[2013/01/06 02:30:06 | 000,005,154 | ---- | C] () -- C:\Users\saturn\Documents\Trapez.ggb
[2013/01/06 01:17:52 | 000,061,214 | ---- | C] () -- C:\Users\saturn\Documents\Fläche-1.PNG
[2013/01/01 22:54:16 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2012/12/30 16:29:20 | 000,049,967 | ---- | C] () -- C:\Users\saturn\Documents\Graph.PNG
[2012/12/30 16:24:24 | 000,051,755 | ---- | C] () -- C:\Users\saturn\Documents\Graphic.PNG
[2012/12/30 02:03:13 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.lnk
[2012/12/29 00:59:13 | 000,040,002 | ---- | C] () -- C:\Users\saturn\Documents\Fläche+4.PNG
[2012/12/28 22:34:11 | 000,023,578 | ---- | C] () -- C:\Users\saturn\Documents\Fläche.PNG
[2012/12/28 22:33:46 | 000,025,667 | ---- | C] () -- C:\Users\saturn\Documents\Fläche2.PNG
[2012/12/28 22:32:48 | 000,043,132 | ---- | C] () -- C:\Users\saturn\Documents\Fläche1.PNG
[2012/12/28 21:38:42 | 000,048,684 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-253d.PNG
[2012/12/28 19:43:13 | 000,054,089 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-235b.PNG
[2012/12/28 19:40:36 | 000,032,742 | ---- | C] () -- C:\Users\saturn\Documents\AUfgabe-236a.PNG
[2012/12/28 18:39:24 | 000,031,857 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-229a.PNG
[2012/12/27 19:12:44 | 000,028,542 | ---- | C] () -- C:\Users\saturn\Documents\project.PNG
[2012/12/27 19:10:57 | 000,037,320 | ---- | C] () -- C:\Users\saturn\Documents\Project.b.PNG
[2012/12/27 19:09:29 | 000,005,572 | ---- | C] () -- C:\Users\saturn\Documents\Project.b.ggb
[2012/12/27 19:02:00 | 000,005,884 | ---- | C] () -- C:\Users\saturn\Documents\Project.rar
[2012/12/27 18:04:28 | 000,005,958 | ---- | C] () -- C:\Users\saturn\Documents\Project.ggb
[2012/12/24 21:54:25 | 000,028,699 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-3.PNG
[2012/12/24 21:28:46 | 000,022,719 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-2.PNG
[2012/12/24 19:21:23 | 000,005,228 | ---- | C] () -- C:\Users\saturn\Documents\GEo- Plan.ggb
[2012/12/24 01:57:55 | 000,045,971 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-1.PNG
[2012/12/24 01:38:41 | 000,046,265 | ---- | C] () -- C:\Users\saturn\Documents\Kurvendiskussionen.PNG
[2012/12/23 16:32:26 | 000,031,047 | ---- | C] () -- C:\Users\saturn\Documents\Integral-Flächen-berechnen.2.PNG
[2012/10/29 17:15:42 | 000,000,218 | ---- | C] () -- C:\Users\saturn\.recently-used.xbel
[2012/09/26 18:49:06 | 000,007,605 | ---- | C] () -- C:\Users\saturn\AppData\Local\Resmon.ResmonCfg
[2012/07/22 11:09:38 | 000,009,911 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall-MMaster.dat
[2012/07/21 15:24:09 | 000,004,621 | ---- | C] () -- C:\Users\saturn\AppData\Local\recently-used.xbel
[2012/06/11 20:46:47 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2012/02/14 20:44:13 | 000,015,872 | ---- | C] () -- C:\windows\SysWow64\InsDrvZD64.DLL
[2011/10/25 16:53:34 | 000,000,235 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/10/24 19:08:30 | 000,131,584 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall.exe
[2011/08/10 22:12:24 | 000,006,656 | ---- | C] () -- C:\windows\SysWow64\lpcio.dll
[2011/07/18 11:25:11 | 001,592,858 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/06/30 08:53:34 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011/04/20 03:37:24 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2011/04/19 13:27:14 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2011/04/19 12:51:02 | 000,000,378 | ---- | C] () -- C:\windows\HotFixList.ini
[2011/04/19 12:21:46 | 000,311,296 | ---- | C] () -- C:\windows\SysWow64\Rezip.exe
[2010/12/23 14:39:34 | 041,500,672 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\7SRData.sdf
[2010/08/14 14:34:12 | 054,558,720 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\UberReaderData.sdf
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/10/29 16:07:52 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\.BitTornado
[2013/01/16 02:44:34 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Ad-Aware Antivirus
[2012/11/27 04:04:23 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Azureus
[2012/11/24 20:45:30 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\calibre
[2012/10/29 17:03:20 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\deluge
[2012/05/14 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\DVDVideoSoft
[2012/10/29 17:01:01 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\gtk-2.0
[2012/05/05 00:41:28 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\hdbADS
[2012/05/05 01:05:29 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\IrfanView
[2012/09/24 20:21:57 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\JAM Software
[2012/06/01 22:52:09 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\LibreOffice
[2012/02/29 02:32:38 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Lingo4u
[2013/01/20 01:17:21 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Microgaming
[2012/05/14 16:27:18 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\OpenCandy
[2011/11/25 15:23:35 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\OpenOffice.org
[2011/07/25 18:58:31 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Opera
[2012/06/01 13:41:17 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\SoftGrid Client
[2012/02/25 15:28:52 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\TP
[2012/05/14 16:29:26 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\TuneUp Software
[2012/10/29 17:29:32 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\uTorren
[2013/01/22 16:15:43 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\uTorrent
[2011/10/26 21:34:47 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Yandex
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

lg

22.01.2013, 12:19	#6
markusg /// Malware-holic	Trojaner - Sicherheitscenter oder Treiber wird deaktiviert hi du kannst keine ganzen instalationen sichern, und da du torrents nutzt und daher die herkunft deiner Programme zweifelhalft ist, solltest du keine setups sichern. na, du brauchst schon irgend nen datenträger, wo du das zeug speichers. __________________ --> Trojaner - Sicherheitscenter oder Treiber wird deaktiviert

Trojaner - Sicherheitscenter oder Treiber wird deaktiviert

Plagegeister aller Art und deren Bekämpfung: Trojaner - Sicherheitscenter oder Treiber wird deaktiviert