
Log analysis and evaluation: Letter from Telekom

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

29.05.2013, 12:34   #16
markusg
/// Malware-holic
 



No, you didn't set the checkboxes according to the TDSSKiller instructions.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us

29.05.2013, 12:40   #17
moxito
 



Another attempt:

Code:
13:37:31.0340 1468  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:37:31.0773 1468  ============================================================
13:37:31.0773 1468  Current date / time: 2013/05/29 13:37:31.0773
13:37:31.0773 1468  SystemInfo:
13:37:31.0773 1468  
13:37:31.0773 1468  OS Version: 6.1.7601 ServicePack: 1.0
13:37:31.0773 1468  Product type: Workstation
13:37:31.0773 1468  ComputerName: W7
13:37:31.0774 1468  UserName: root
13:37:31.0774 1468  Windows directory: C:\Windows
13:37:31.0774 1468  System windows directory: C:\Windows
13:37:31.0774 1468  Running under WOW64
13:37:31.0774 1468  Processor architecture: Intel x64
13:37:31.0774 1468  Number of processors: 2
13:37:31.0774 1468  Page size: 0x1000
13:37:31.0774 1468  Boot type: Normal boot
13:37:31.0774 1468  ============================================================
13:37:32.0407 1468  BG loaded
13:37:32.0643 1468  Drive \Device\Harddisk0\DR0 - Size: 0x5D2710DE00 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:37:32.0647 1468  ============================================================
13:37:32.0647 1468  \Device\Harddisk0\DR0:
13:37:32.0648 1468  MBR partitions:
13:37:32.0648 1468  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2E937800
13:37:32.0648 1468  ============================================================
13:37:32.0677 1468  C: <-> \Device\Harddisk0\DR0\Partition1
13:37:32.0678 1468  ============================================================
13:37:32.0678 1468  Initialize success
13:37:32.0678 1468  ============================================================
13:39:08.0383 7656  ============================================================
13:39:08.0383 7656  Scan started
13:39:08.0383 7656  Mode: Manual; SigCheck; TDLFS; 
13:39:08.0383 7656  ============================================================
13:39:08.0812 7656  ================ Scan system memory ========================
13:39:08.0813 7656  System memory - ok
13:39:08.0813 7656  ================ Scan services =============================
13:39:08.0984 7656  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:39:09.0052 7656  1394ohci - ok
13:39:09.0099 7656  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:39:09.0113 7656  ACPI - ok
13:39:09.0140 7656  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:39:09.0153 7656  AcpiPmi - ok
13:39:09.0260 7656  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:39:09.0279 7656  AdobeFlashPlayerUpdateSvc - ok
13:39:09.0317 7656  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:39:09.0340 7656  adp94xx - ok
13:39:09.0357 7656  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:39:09.0371 7656  adpahci - ok
13:39:09.0388 7656  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:39:09.0400 7656  adpu320 - ok
13:39:09.0436 7656  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:39:09.0466 7656  AeLookupSvc - ok
13:39:09.0509 7656  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
13:39:09.0524 7656  AFD - ok
13:39:09.0565 7656  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:39:09.0576 7656  agp440 - ok
13:39:09.0599 7656  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:39:09.0611 7656  ALG - ok
13:39:09.0656 7656  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:39:09.0667 7656  aliide - ok
13:39:09.0670 7656  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:39:09.0680 7656  amdide - ok
13:39:09.0691 7656  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:39:09.0702 7656  AmdK8 - ok
13:39:09.0706 7656  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:39:09.0717 7656  AmdPPM - ok
13:39:09.0739 7656  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:39:09.0750 7656  amdsata - ok
13:39:09.0781 7656  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:39:09.0792 7656  amdsbs - ok
13:39:09.0805 7656  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:39:09.0815 7656  amdxata - ok
13:39:09.0848 7656  [ 363571BC0C79E394E69300D1F2E3DDAE ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
13:39:09.0857 7656  androidusb - ok
13:39:09.0897 7656  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:39:09.0923 7656  AppID - ok
13:39:09.0946 7656  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:39:09.0974 7656  AppIDSvc - ok
13:39:10.0039 7656  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
13:39:10.0066 7656  Appinfo - ok
13:39:10.0102 7656  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:39:10.0113 7656  AppMgmt - ok
13:39:10.0126 7656  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
13:39:10.0137 7656  arc - ok
13:39:10.0152 7656  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:39:10.0163 7656  arcsas - ok
13:39:10.0198 7656  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:39:10.0226 7656  AsyncMac - ok
13:39:10.0242 7656  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:39:10.0252 7656  atapi - ok
13:39:10.0298 7656  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:39:10.0330 7656  AudioEndpointBuilder - ok
13:39:10.0339 7656  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:39:10.0371 7656  AudioSrv - ok
13:39:10.0407 7656  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:39:10.0422 7656  AxInstSV - ok
13:39:10.0465 7656  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
13:39:10.0484 7656  b06bdrv - ok
13:39:10.0515 7656  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:39:10.0527 7656  b57nd60a - ok
13:39:10.0569 7656  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:39:10.0580 7656  BDESVC - ok
13:39:10.0595 7656  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:39:10.0622 7656  Beep - ok
13:39:10.0683 7656  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:39:10.0730 7656  BFE - ok
13:39:10.0765 7656  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
13:39:10.0799 7656  BITS - ok
13:39:10.0830 7656  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:39:10.0841 7656  blbdrive - ok
13:39:10.0882 7656  [ 8BC053CD1F5F11F79C80BE85BC289258 ] BlueletAudio    C:\Windows\system32\DRIVERS\blueletaudio.sys
13:39:10.0894 7656  BlueletAudio - ok
13:39:10.0925 7656  [ 46134C260E6B019AA24506B8AB4D42D3 ] BlueletSCOAudio C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys
13:39:10.0933 7656  BlueletSCOAudio - ok
13:39:11.0028 7656  [ 941E435E5A903CC60E50E72037FA39D0 ] BlueSoleilCS    C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
13:39:11.0047 7656  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - warning
13:39:11.0047 7656  BlueSoleilCS - detected UnsignedFile.Multi.Generic (1)
13:39:11.0081 7656  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:39:11.0092 7656  bowser - ok
13:39:11.0117 7656  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:39:11.0129 7656  BrFiltLo - ok
13:39:11.0137 7656  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:39:11.0149 7656  BrFiltUp - ok
13:39:11.0185 7656  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:39:11.0197 7656  Browser - ok
13:39:11.0220 7656  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:39:11.0232 7656  Brserid - ok
13:39:11.0251 7656  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:39:11.0266 7656  BrSerWdm - ok
13:39:11.0269 7656  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:39:11.0281 7656  BrUsbMdm - ok
13:39:11.0285 7656  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:39:11.0296 7656  BrUsbSer - ok
13:39:11.0325 7656  [ 403E99F6DDB6CE624E0F81A554AFF178 ] BsHelpCS        C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
13:39:11.0330 7656  BsHelpCS ( UnsignedFile.Multi.Generic ) - warning
13:39:11.0330 7656  BsHelpCS - detected UnsignedFile.Multi.Generic (1)
13:39:11.0355 7656  [ EA05E37130B94670E8AA3379EAFAE22E ] BT              C:\Windows\system32\DRIVERS\btnetdrv.sys
13:39:11.0364 7656  BT - ok
13:39:11.0385 7656  BTCOM - ok
13:39:11.0519 7656  [ 8BFBA6EBB2654DEF3EBD4D882BAB8EE6 ] Btcsrusb        C:\Windows\system32\Drivers\btcusb.sys
13:39:11.0531 7656  Btcsrusb - ok
13:39:11.0586 7656  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
13:39:11.0601 7656  BthEnum - ok
13:39:11.0658 7656  [ 81229822FACAA324718B3B3C973688ED ] BtHidBus        C:\Windows\system32\Drivers\BtHidBus.sys
13:39:11.0669 7656  BtHidBus - ok
13:39:11.0693 7656  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:39:11.0711 7656  BTHMODEM - ok
13:39:11.0733 7656  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:39:11.0747 7656  BthPan - ok
13:39:11.0791 7656  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
13:39:11.0811 7656  BTHPORT - ok
13:39:11.0846 7656  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:39:11.0874 7656  bthserv - ok
13:39:11.0899 7656  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
13:39:11.0910 7656  BTHUSB - ok
13:39:11.0929 7656  [ 2531372CC2AD7C7204A7520DC7C2D0DA ] btnetBUs        C:\Windows\system32\Drivers\btnetBus.sys
13:39:11.0937 7656  btnetBUs - ok
13:39:11.0962 7656  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:39:11.0991 7656  cdfs - ok
13:39:12.0040 7656  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:39:12.0052 7656  cdrom - ok
13:39:12.0090 7656  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:39:12.0118 7656  CertPropSvc - ok
13:39:12.0154 7656  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:39:12.0167 7656  circlass - ok
13:39:12.0197 7656  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:39:12.0211 7656  CLFS - ok
13:39:12.0267 7656  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:39:12.0280 7656  clr_optimization_v2.0.50727_32 - ok
13:39:12.0338 7656  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:39:12.0351 7656  clr_optimization_v2.0.50727_64 - ok
13:39:12.0416 7656  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:39:12.0426 7656  clr_optimization_v4.0.30319_32 - ok
13:39:12.0468 7656  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:39:12.0482 7656  clr_optimization_v4.0.30319_64 - ok
13:39:12.0519 7656  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:39:12.0530 7656  CmBatt - ok
13:39:12.0551 7656  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:39:12.0561 7656  cmdide - ok
13:39:12.0598 7656  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
13:39:12.0618 7656  CNG - ok
13:39:12.0635 7656  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:39:12.0645 7656  Compbatt - ok
13:39:12.0682 7656  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:39:12.0695 7656  CompositeBus - ok
13:39:12.0707 7656  COMSysApp - ok
13:39:12.0723 7656  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:39:12.0733 7656  crcdisk - ok
13:39:12.0784 7656  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:39:12.0795 7656  CryptSvc - ok
13:39:12.0843 7656  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
13:39:12.0862 7656  CSC - ok
13:39:12.0889 7656  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
13:39:12.0905 7656  CscService - ok
13:39:12.0947 7656  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:39:12.0978 7656  DcomLaunch - ok
13:39:13.0009 7656  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:39:13.0039 7656  defragsvc - ok
13:39:13.0073 7656  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:39:13.0100 7656  DfsC - ok
13:39:13.0125 7656  [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
13:39:13.0133 7656  DgiVecp - ok
13:39:13.0163 7656  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:39:13.0175 7656  Dhcp - ok
13:39:13.0202 7656  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:39:13.0230 7656  discache - ok
13:39:13.0255 7656  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:39:13.0266 7656  Disk - ok
13:39:13.0297 7656  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:39:13.0309 7656  Dnscache - ok
13:39:13.0342 7656  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:39:13.0380 7656  dot3svc - ok
13:39:13.0413 7656  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:39:13.0441 7656  DPS - ok
13:39:13.0468 7656  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:39:13.0480 7656  drmkaud - ok
13:39:13.0527 7656  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:39:13.0554 7656  DXGKrnl - ok
13:39:13.0592 7656  [ 955F6564F448119C12AB3C048CCF8946 ] e1kexpress      C:\Windows\system32\DRIVERS\e1k60x64.sys
13:39:13.0607 7656  e1kexpress - ok
13:39:13.0631 7656  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:39:13.0660 7656  EapHost - ok
13:39:13.0755 7656  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:39:13.0802 7656  ebdrv - ok
13:39:13.0861 7656  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
13:39:13.0876 7656  EFS - ok
13:39:13.0933 7656  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:39:13.0949 7656  ehRecvr - ok
13:39:13.0973 7656  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:39:13.0985 7656  ehSched - ok
13:39:14.0034 7656  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:39:14.0050 7656  elxstor - ok
13:39:14.0067 7656  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:39:14.0078 7656  ErrDev - ok
13:39:14.0130 7656  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:39:14.0161 7656  EventSystem - ok
13:39:14.0190 7656  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:39:14.0220 7656  exfat - ok
13:39:14.0239 7656  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:39:14.0268 7656  fastfat - ok
13:39:14.0312 7656  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:39:14.0327 7656  Fax - ok
13:39:14.0356 7656  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:39:14.0367 7656  fdc - ok
13:39:14.0377 7656  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:39:14.0406 7656  fdPHost - ok
13:39:14.0416 7656  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:39:14.0444 7656  FDResPub - ok
13:39:14.0459 7656  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:39:14.0470 7656  FileInfo - ok
13:39:14.0481 7656  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:39:14.0509 7656  Filetrace - ok
13:39:14.0553 7656  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:39:14.0567 7656  FLEXnet Licensing Service - ok
13:39:14.0581 7656  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:39:14.0591 7656  flpydisk - ok
13:39:14.0635 7656  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:39:14.0648 7656  FltMgr - ok
13:39:14.0690 7656  [ 5B92E2B067F64DC53698EB84966B3F0D ] FontCache       C:\Windows\system32\FntCache.dll
13:39:14.0710 7656  FontCache - ok
13:39:14.0759 7656  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:39:14.0772 7656  FontCache3.0.0.0 - ok
13:39:14.0798 7656  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:39:14.0814 7656  FsDepends - ok
13:39:14.0841 7656  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:39:14.0856 7656  Fs_Rec - ok
13:39:14.0890 7656  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:39:14.0912 7656  fvevol - ok
13:39:14.0942 7656  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:39:14.0958 7656  gagp30kx - ok
13:39:15.0001 7656  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:39:15.0041 7656  gpsvc - ok
13:39:15.0092 7656  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:39:15.0109 7656  hcw85cir - ok
13:39:15.0261 7656  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:39:15.0282 7656  HdAudAddService - ok
13:39:15.0382 7656  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:39:15.0401 7656  HDAudBus - ok
13:39:15.0422 7656  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:39:15.0437 7656  HidBatt - ok
13:39:15.0457 7656  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:39:15.0477 7656  HidBth - ok
13:39:15.0488 7656  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:39:15.0504 7656  HidIr - ok
13:39:15.0539 7656  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:39:15.0567 7656  hidserv - ok
13:39:15.0615 7656  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:39:15.0627 7656  HidUsb - ok
13:39:15.0655 7656  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:39:15.0684 7656  hkmsvc - ok
13:39:15.0712 7656  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:39:15.0724 7656  HomeGroupListener - ok
13:39:15.0757 7656  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:39:15.0770 7656  HomeGroupProvider - ok
13:39:15.0796 7656  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:39:15.0806 7656  HpSAMD - ok
13:39:15.0852 7656  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:39:15.0885 7656  HTTP - ok
13:39:15.0935 7656  [ D969D0E26C5B1E813B17066A8318D5D4 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
13:39:15.0945 7656  hwdatacard - ok
13:39:15.0960 7656  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:39:15.0970 7656  hwpolicy - ok
13:39:16.0025 7656  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:39:16.0038 7656  i8042prt - ok
13:39:16.0069 7656  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:39:16.0083 7656  iaStorV - ok
13:39:16.0134 7656  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:39:16.0151 7656  idsvc - ok
13:39:16.0379 7656  [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:39:16.0479 7656  igfx - ok
13:39:16.0521 7656  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:39:16.0532 7656  iirsp - ok
13:39:16.0581 7656  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:39:16.0614 7656  IKEEXT - ok
13:39:16.0643 7656  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:39:16.0653 7656  intelide - ok
13:39:16.0676 7656  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:39:16.0687 7656  intelppm - ok
13:39:16.0717 7656  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:39:16.0745 7656  IPBusEnum - ok
13:39:16.0770 7656  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:39:16.0797 7656  IpFilterDriver - ok
13:39:16.0836 7656  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:39:16.0851 7656  iphlpsvc - ok
13:39:16.0871 7656  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:39:16.0882 7656  IPMIDRV - ok
13:39:16.0897 7656  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:39:16.0925 7656  IPNAT - ok
13:39:16.0949 7656  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:39:16.0963 7656  IRENUM - ok
13:39:16.0981 7656  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:39:16.0991 7656  isapnp - ok
13:39:17.0010 7656  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:39:17.0025 7656  iScsiPrt - ok
13:39:17.0049 7656  [ 70EBDA3ED637B0212450C5542EDD11A7 ] IvtAudioBusSrv  C:\Windows\system32\Drivers\IvtBtBus.sys
13:39:17.0057 7656  IvtAudioBusSrv - ok
13:39:17.0061 7656  [ 70EBDA3ED637B0212450C5542EDD11A7 ] IvtBtBUs        C:\Windows\system32\Drivers\IvtBtBus.sys
13:39:17.0068 7656  IvtBtBUs - ok
13:39:17.0071 7656  IvtComBusSrv - ok
13:39:17.0095 7656  [ 2531372CC2AD7C7204A7520DC7C2D0DA ] IvtPanBusSrv    C:\Windows\system32\Drivers\btnetBus.sys
13:39:17.0103 7656  IvtPanBusSrv - ok
13:39:17.0138 7656  [ C04133591DA4F0E4F139BA02020E156E ] kavbootc        C:\Windows\system32\drivers\kavbootc64.sys
13:39:17.0146 7656  kavbootc - ok
13:39:17.0171 7656  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:39:17.0182 7656  kbdclass - ok
13:39:17.0211 7656  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:39:17.0221 7656  kbdhid - ok
13:39:17.0318 7656  [ 1F36BC853A467AEE5C55749D0CD67689 ] KDHacker        c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys
13:39:17.0332 7656  KDHacker - ok
13:39:17.0344 7656  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:39:17.0354 7656  KeyIso - ok
13:39:17.0365 7656  [ 9B64685E594265EE5CD168CA7A513E08 ] kisknl          C:\Windows\system32\drivers\kisknl.sys
13:39:17.0376 7656  kisknl - ok
13:39:17.0418 7656  [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
13:39:17.0426 7656  KMWDFILTER - ok
13:39:17.0461 7656  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:39:17.0472 7656  KSecDD - ok
13:39:17.0488 7656  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:39:17.0500 7656  KSecPkg - ok
13:39:17.0533 7656  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:39:17.0561 7656  ksthunk - ok
13:39:17.0597 7656  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:39:17.0630 7656  KtmRm - ok
13:39:17.0686 7656  [ 2D838D0AB6CEF453F690E3D22C2F443C ] KUsbGuard       C:\Program Files (x86)\kingsoft\kingsoft antivirus\kusbquery64.sys
13:39:17.0695 7656  KUsbGuard - ok
13:39:17.0732 7656  [ D475D06DE67A3A1D9AD9E632B4C1501C ] kxescore        c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe
13:39:17.0744 7656  kxescore - ok
13:39:17.0781 7656  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:39:17.0810 7656  LanmanServer - ok
13:39:17.0837 7656  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:39:17.0865 7656  LanmanWorkstation - ok
13:39:17.0992 7656  [ 70FB6254E29150A7A4A39FDFFD306C33 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
13:39:18.0011 7656  LBTServ - ok
13:39:18.0053 7656  [ 1470EF17E02E82E4F43346DF9E9F11E1 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:39:18.0064 7656  LHidFilt - ok
13:39:18.0078 7656  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:39:18.0107 7656  lltdio - ok
13:39:18.0145 7656  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:39:18.0176 7656  lltdsvc - ok
13:39:18.0196 7656  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:39:18.0225 7656  lmhosts - ok
13:39:18.0230 7656  [ 12814AE119E959437BEA3110F81BD188 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:39:18.0239 7656  LMouFilt - ok
13:39:18.0273 7656  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:39:18.0284 7656  LSI_FC - ok
13:39:18.0308 7656  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:39:18.0319 7656  LSI_SAS - ok
13:39:18.0339 7656  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:39:18.0349 7656  LSI_SAS2 - ok
13:39:18.0365 7656  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:39:18.0376 7656  LSI_SCSI - ok
13:39:18.0406 7656  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:39:18.0438 7656  luafv - ok
13:39:18.0492 7656  [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
13:39:18.0503 7656  LVRS64 - ok
13:39:18.0653 7656  [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
13:39:18.0732 7656  LVUVC64 - ok
13:39:18.0806 7656  [ 31C6AFFFAD7C733A65F888929548BC22 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
13:39:18.0822 7656  mbamchameleon - ok
13:39:18.0847 7656  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:39:18.0860 7656  Mcx2Svc - ok
13:39:18.0891 7656  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:39:18.0902 7656  megasas - ok
13:39:18.0916 7656  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:39:18.0929 7656  MegaSR - ok
13:39:18.0957 7656  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:39:18.0986 7656  MMCSS - ok
13:39:19.0004 7656  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:39:19.0033 7656  Modem - ok
13:39:19.0067 7656  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:39:19.0080 7656  monitor - ok
13:39:19.0119 7656  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:39:19.0129 7656  mouclass - ok
13:39:19.0157 7656  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:39:19.0168 7656  mouhid - ok
13:39:19.0206 7656  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:39:19.0217 7656  mountmgr - ok
13:39:19.0243 7656  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:39:19.0255 7656  mpio - ok
13:39:19.0274 7656  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:39:19.0302 7656  mpsdrv - ok
13:39:19.0353 7656  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:39:19.0402 7656  MpsSvc - ok
13:39:19.0430 7656  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:39:19.0445 7656  MRxDAV - ok
13:39:19.0477 7656  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:39:19.0488 7656  mrxsmb - ok
13:39:19.0505 7656  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:39:19.0518 7656  mrxsmb10 - ok
13:39:19.0534 7656  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:39:19.0546 7656  mrxsmb20 - ok
13:39:19.0574 7656  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:39:19.0584 7656  msahci - ok
13:39:19.0607 7656  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:39:19.0619 7656  msdsm - ok
13:39:19.0640 7656  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:39:19.0652 7656  MSDTC - ok
13:39:19.0659 7656  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:39:19.0687 7656  Msfs - ok
13:39:19.0701 7656  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:39:19.0729 7656  mshidkmdf - ok
13:39:19.0744 7656  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:39:19.0754 7656  msisadrv - ok
13:39:19.0788 7656  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:39:19.0818 7656  MSiSCSI - ok
13:39:19.0821 7656  msiserver - ok
13:39:19.0849 7656  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:39:19.0877 7656  MSKSSRV - ok
13:39:19.0884 7656  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:39:19.0912 7656  MSPCLOCK - ok
13:39:19.0927 7656  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:39:19.0955 7656  MSPQM - ok
13:39:19.0996 7656  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:39:20.0010 7656  MsRPC - ok
13:39:20.0025 7656  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:39:20.0036 7656  mssmbios - ok
13:39:20.0040 7656  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:39:20.0069 7656  MSTEE - ok
13:39:20.0081 7656  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:39:20.0093 7656  MTConfig - ok
13:39:20.0116 7656  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:39:20.0127 7656  Mup - ok
13:39:20.0167 7656  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:39:20.0198 7656  napagent - ok
13:39:20.0240 7656  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:39:20.0264 7656  NativeWifiP - ok
13:39:20.0319 7656  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:39:20.0347 7656  NDIS - ok
13:39:20.0368 7656  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:39:20.0397 7656  NdisCap - ok
13:39:20.0472 7656  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:39:20.0500 7656  NdisTapi - ok
13:39:20.0574 7656  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:39:20.0609 7656  Ndisuio - ok
13:39:20.0638 7656  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:39:20.0666 7656  NdisWan - ok
13:39:20.0697 7656  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:39:20.0724 7656  NDProxy - ok
13:39:20.0737 7656  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:39:20.0764 7656  NetBIOS - ok
13:39:20.0805 7656  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:39:20.0833 7656  NetBT - ok
13:39:20.0843 7656  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:39:20.0854 7656  Netlogon - ok
13:39:20.0886 7656  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:39:20.0917 7656  Netman - ok
13:39:20.0937 7656  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:39:20.0969 7656  netprofm - ok
13:39:20.0990 7656  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:39:21.0000 7656  NetTcpPortSharing - ok
13:39:21.0027 7656  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
13:39:21.0038 7656  nfrd960 - ok
13:39:21.0112 7656  [ 3A936AD705E1A20852DC6C694CB192F7 ] NitroReaderDriverReadSpool3 C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
13:39:21.0122 7656  NitroReaderDriverReadSpool3 - ok
13:39:21.0154 7656  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:39:21.0167 7656  NlaSvc - ok
13:39:21.0233 7656  [ 6EF0506CE1F553E9BD085645933C8686 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
13:39:21.0250 7656  NMIndexingService - ok
13:39:21.0266 7656  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:39:21.0295 7656  Npfs - ok
13:39:21.0317 7656  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:39:21.0346 7656  nsi - ok
13:39:21.0360 7656  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:39:21.0388 7656  nsiproxy - ok
13:39:21.0446 7656  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:39:21.0475 7656  Ntfs - ok
13:39:21.0483 7656  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:39:21.0510 7656  Null - ok
13:39:21.0541 7656  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:39:21.0553 7656  nvraid - ok
13:39:21.0567 7656  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:39:21.0579 7656  nvstor - ok
13:39:21.0605 7656  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:39:21.0616 7656  nv_agp - ok
13:39:21.0631 7656  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:39:21.0643 7656  ohci1394 - ok
13:39:21.0667 7656  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:39:21.0680 7656  p2pimsvc - ok
13:39:21.0702 7656  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:39:21.0716 7656  p2psvc - ok
13:39:21.0734 7656  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:39:21.0745 7656  Parport - ok
13:39:21.0768 7656  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:39:21.0779 7656  partmgr - ok
13:39:21.0791 7656  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:39:21.0808 7656  PcaSvc - ok
13:39:21.0829 7656  pccsmcfd - ok
13:39:21.0844 7656  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:39:21.0856 7656  pci - ok
13:39:21.0877 7656  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:39:21.0887 7656  pciide - ok
13:39:21.0909 7656  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:39:21.0921 7656  pcmcia - ok
13:39:21.0937 7656  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:39:21.0948 7656  pcw - ok
13:39:21.0971 7656  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:39:22.0004 7656  PEAUTH - ok
13:39:22.0051 7656  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:39:22.0073 7656  PeerDistSvc - ok
13:39:22.0154 7656  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:39:22.0166 7656  PerfHost - ok
13:39:22.0227 7656  [ FE8AF03EFEC0387FBBFCFD32E328DB9A ] phaudlwr        C:\Windows\system32\DRIVERS\phaudlwr.sys
13:39:22.0237 7656  phaudlwr - ok
13:39:22.0286 7656  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:39:22.0324 7656  pla - ok
13:39:22.0373 7656  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:39:22.0387 7656  PlugPlay - ok
13:39:22.0410 7656  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:39:22.0421 7656  PNRPAutoReg - ok
13:39:22.0438 7656  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:39:22.0452 7656  PNRPsvc - ok
13:39:22.0489 7656  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:39:22.0521 7656  PolicyAgent - ok
13:39:22.0552 7656  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:39:22.0582 7656  Power - ok
13:39:22.0620 7656  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:39:22.0648 7656  PptpMiniport - ok
13:39:22.0676 7656  PQNTDrv - ok
13:39:22.0698 7656  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:39:22.0709 7656  Processor - ok
13:39:22.0746 7656  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:39:22.0759 7656  ProfSvc - ok
13:39:22.0767 7656  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:39:22.0779 7656  ProtectedStorage - ok
13:39:22.0817 7656  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:39:22.0844 7656  Psched - ok
13:39:22.0894 7656  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:39:22.0924 7656  ql2300 - ok
13:39:22.0939 7656  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:39:22.0951 7656  ql40xx - ok
13:39:23.0034 7656  QQPCRTP - ok
13:39:23.0048 7656  QQSysMonX64 - ok
13:39:23.0103 7656  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:39:23.0121 7656  QWAVE - ok
13:39:23.0133 7656  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:39:23.0148 7656  QWAVEdrv - ok
13:39:23.0201 7656  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
13:39:23.0212 7656  RapiMgr - ok
13:39:23.0224 7656  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:39:23.0251 7656  RasAcd - ok
13:39:23.0284 7656  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:39:23.0313 7656  RasAgileVpn - ok
13:39:23.0326 7656  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:39:23.0356 7656  RasAuto - ok
13:39:23.0383 7656  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:39:23.0410 7656  Rasl2tp - ok
13:39:23.0428 7656  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:39:23.0458 7656  RasMan - ok
13:39:23.0482 7656  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:39:23.0511 7656  RasPppoe - ok
13:39:23.0520 7656  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:39:23.0549 7656  RasSstp - ok
13:39:23.0580 7656  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:39:23.0609 7656  rdbss - ok
13:39:23.0623 7656  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:39:23.0636 7656  rdpbus - ok
13:39:23.0647 7656  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:39:23.0674 7656  RDPCDD - ok
13:39:23.0715 7656  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:39:23.0727 7656  RDPDR - ok
13:39:23.0755 7656  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:39:23.0783 7656  RDPENCDD - ok
13:39:23.0787 7656  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:39:23.0816 7656  RDPREFMP - ok
13:39:23.0853 7656  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:39:23.0863 7656  RdpVideoMiniport - ok
13:39:23.0897 7656  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:39:23.0909 7656  RDPWD - ok
13:39:23.0940 7656  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:39:23.0953 7656  rdyboost - ok
13:39:23.0975 7656  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:39:24.0005 7656  RemoteAccess - ok
13:39:24.0040 7656  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:39:24.0072 7656  RemoteRegistry - ok
13:39:24.0112 7656  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
13:39:24.0125 7656  RFCOMM - ok
13:39:24.0162 7656  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:39:24.0191 7656  RpcEptMapper - ok
13:39:24.0210 7656  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:39:24.0221 7656  RpcLocator - ok
13:39:24.0259 7656  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:39:24.0290 7656  RpcSs - ok
13:39:24.0330 7656  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:39:24.0358 7656  rspndr - ok
13:39:24.0388 7656  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:39:24.0398 7656  s3cap - ok
13:39:24.0418 7656  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:39:24.0429 7656  SamSs - ok
13:39:24.0446 7656  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:39:24.0457 7656  sbp2port - ok
13:39:24.0471 7656  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:39:24.0501 7656  SCardSvr - ok
13:39:24.0558 7656  [ B00BCE3D99FE7CE29C6E873AC62F450E ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
13:39:24.0568 7656  SCDEmu - ok
13:39:24.0597 7656  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:39:24.0624 7656  scfilter - ok
13:39:24.0669 7656  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:39:24.0706 7656  Schedule - ok
13:39:24.0729 7656  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:39:24.0756 7656  SCPolicySvc - ok
13:39:24.0784 7656  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:39:24.0796 7656  SDRSVC - ok
13:39:24.0832 7656  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:39:24.0860 7656  secdrv - ok
13:39:24.0892 7656  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:39:24.0920 7656  seclogon - ok
13:39:24.0952 7656  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:39:24.0982 7656  SENS - ok
13:39:24.0995 7656  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:39:25.0007 7656  SensrSvc - ok
13:39:25.0021 7656  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:39:25.0032 7656  Serenum - ok
13:39:25.0045 7656  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:39:25.0057 7656  Serial - ok
13:39:25.0077 7656  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:39:25.0088 7656  sermouse - ok
13:39:25.0123 7656  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:39:25.0151 7656  SessionEnv - ok
13:39:25.0166 7656  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:39:25.0178 7656  sffdisk - ok
13:39:25.0187 7656  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:39:25.0199 7656  sffp_mmc - ok
13:39:25.0207 7656  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:39:25.0220 7656  sffp_sd - ok
13:39:25.0232 7656  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:39:25.0243 7656  sfloppy - ok
13:39:25.0276 7656  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:39:25.0307 7656  SharedAccess - ok
13:39:25.0326 7656  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:39:25.0357 7656  ShellHWDetection - ok
13:39:25.0383 7656  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:39:25.0393 7656  SiSRaid2 - ok
13:39:25.0404 7656  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:39:25.0415 7656  SiSRaid4 - ok
13:39:25.0470 7656  [ FF0DB4D9A08864A5C7B67477CD8E3B2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:39:25.0479 7656  SkypeUpdate - ok
13:39:25.0511 7656  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:39:25.0539 7656  Smb - ok
13:39:25.0569 7656  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:39:25.0581 7656  SNMPTRAP - ok
13:39:25.0710 7656  [ B0D84C0756B2C4A6965DB7DE730AD635 ] SPC1000         C:\Windows\system32\DRIVERS\spc1000.sys
13:39:25.0751 7656  SPC1000 - ok
13:39:25.0760 7656  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:39:25.0770 7656  spldr - ok
13:39:25.0800 7656  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:39:25.0815 7656  Spooler - ok
13:39:25.0917 7656  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:39:25.0981 7656  sppsvc - ok
13:39:26.0001 7656  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:39:26.0031 7656  sppuinotify - ok
13:39:26.0070 7656  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:39:26.0083 7656  srv - ok
13:39:26.0103 7656  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:39:26.0117 7656  srv2 - ok
13:39:26.0134 7656  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:39:26.0146 7656  srvnet - ok
13:39:26.0184 7656  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:39:26.0214 7656  SSDPSRV - ok
13:39:26.0228 7656  [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
13:39:26.0236 7656  SSPORT - ok
13:39:26.0246 7656  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:39:26.0275 7656  SstpSvc - ok
13:39:26.0310 7656  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:39:26.0320 7656  stexstor - ok
13:39:26.0374 7656  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:39:26.0399 7656  stisvc - ok
13:39:26.0440 7656  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:39:26.0450 7656  storflt - ok
13:39:26.0485 7656  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:39:26.0495 7656  storvsc - ok
13:39:26.0529 7656  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:39:26.0539 7656  swenum - ok
13:39:26.0557 7656  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:39:26.0590 7656  swprv - ok
13:39:26.0612 7656  Synth3dVsc - ok
13:39:26.0683 7656  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:39:26.0723 7656  SysMain - ok
13:39:26.0755 7656  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:39:26.0771 7656  TabletInputService - ok
13:39:26.0818 7656  [ A8D3F11BC8F37C3D7D026C3E1219B5AC ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
13:39:26.0827 7656  tap0901 - ok
13:39:26.0843 7656  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:39:26.0873 7656  TapiSrv - ok
13:39:26.0920 7656  [ F7CABF86615803051D586FBF4D916048 ] tapSF0901       C:\Windows\system32\DRIVERS\tapSF0901.sys
13:39:26.0929 7656  tapSF0901 - ok
13:39:26.0951 7656  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:39:26.0981 7656  TBS - ok
13:39:27.0041 7656  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:39:27.0074 7656  Tcpip - ok
13:39:27.0107 7656  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:39:27.0139 7656  TCPIP6 - ok
13:39:27.0170 7656  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:39:27.0182 7656  tcpipreg - ok
13:39:27.0211 7656  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:39:27.0222 7656  TDPIPE - ok
13:39:27.0248 7656  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:39:27.0258 7656  TDTCP - ok
13:39:27.0301 7656  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:39:27.0328 7656  tdx - ok
13:39:27.0362 7656  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:39:27.0373 7656  TermDD - ok
13:39:27.0409 7656  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:39:27.0442 7656  TermService - ok
13:39:27.0487 7656  [ 2E435EF337679AA45AD0307B86256062 ] TesSafe         C:\Windows\system32\TesSafe.sys
13:39:27.0498 7656  TesSafe - ok
13:39:27.0521 7656  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:39:27.0538 7656  Themes - ok
13:39:27.0566 7656  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:39:27.0595 7656  THREADORDER - ok
13:39:27.0632 7656  [ 8021F63311797085949FA387F7C83583 ] tosporte        C:\Windows\system32\DRIVERS\tosporte.sys
13:39:27.0640 7656  tosporte - ok
13:39:27.0685 7656  [ 58E3F35AECD7BD5FCC1BD198B4AD354F ] Tosrfbd         C:\Windows\system32\DRIVERS\tosrfbd.sys
13:39:27.0696 7656  Tosrfbd - ok
13:39:27.0749 7656  [ 9E4E65EA51E34647340BD6007467AC54 ] Tosrfcom        C:\Windows\system32\Drivers\tosrfcom.sys
13:39:27.0758 7656  Tosrfcom - ok
13:39:27.0772 7656  [ 7D2467D3EB9BAA4B69AE4A28C83DE57A ] Tosrfhid        C:\Windows\system32\DRIVERS\Tosrfhid.sys
13:39:27.0780 7656  Tosrfhid - ok
13:39:27.0801 7656  [ 7052B10E54B48AF12BD5606596A8E039 ] TosRfSnd        C:\Windows\system32\drivers\tosrfsnd.sys
13:39:27.0804 7656  TosRfSnd ( UnsignedFile.Multi.Generic ) - warning
13:39:27.0804 7656  TosRfSnd - detected UnsignedFile.Multi.Generic (1)
13:39:27.0817 7656  [ 7A0048693F98460FF537BE31C741B927 ] Tosrfusb        C:\Windows\system32\DRIVERS\tosrfusb.sys
13:39:27.0825 7656  Tosrfusb - ok
13:39:27.0859 7656  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
13:39:27.0870 7656  TPM - ok
13:39:27.0911 7656  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:39:27.0941 7656  TrkWks - ok
13:39:27.0994 7656  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:39:28.0021 7656  TrustedInstaller - ok
13:39:28.0027 7656  TsFltMgr - ok
13:39:28.0056 7656  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:39:28.0083 7656  tssecsrv - ok
13:39:28.0109 7656  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:39:28.0120 7656  TsUsbFlt - ok
13:39:28.0123 7656  tsusbhub - ok
13:39:28.0156 7656  [ A67E705F93E4664026D8F40E8EC83555 ] TSysCare        C:\Windows\system32\Drivers\TSysCare64.sys
13:39:28.0164 7656  TSysCare - ok
13:39:28.0216 7656  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:39:28.0244 7656  tunnel - ok
13:39:28.0271 7656  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:39:28.0282 7656  uagp35 - ok
13:39:28.0313 7656  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:39:28.0342 7656  udfs - ok
13:39:28.0368 7656  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:39:28.0380 7656  UI0Detect - ok
13:39:28.0408 7656  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:39:28.0418 7656  uliagpkx - ok
13:39:28.0473 7656  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:39:28.0490 7656  umbus - ok
13:39:28.0507 7656  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:39:28.0522 7656  UmPass - ok
13:39:28.0557 7656  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
13:39:28.0576 7656  UmRdpService - ok
13:39:28.0679 7656  [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
13:39:28.0690 7656  UnlockerDriver5 - ok
13:39:28.0713 7656  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:39:28.0749 7656  upnphost - ok
13:39:28.0807 7656  [ 0835843DE85ACBD7D5C6CF887E8876B7 ] USB28xxBGA      C:\Windows\system32\DRIVERS\emBDA64.sys
13:39:28.0820 7656  USB28xxBGA - ok
13:39:28.0842 7656  [ C95A614A4DC06DCFC3DA7B15F299F827 ] USB28xxOEM      C:\Windows\system32\DRIVERS\emOEM64.sys
13:39:28.0855 7656  USB28xxOEM - ok
13:39:28.0896 7656  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:39:28.0908 7656  usbaudio - ok
13:39:28.0921 7656  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:39:28.0931 7656  usbccgp - ok
13:39:28.0976 7656  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:39:28.0989 7656  usbcir - ok
13:39:29.0003 7656  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:39:29.0014 7656  usbehci - ok
13:39:29.0037 7656  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:39:29.0050 7656  usbhub - ok
13:39:29.0063 7656  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:39:29.0073 7656  usbohci - ok
13:39:29.0114 7656  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:39:29.0127 7656  usbprint - ok
13:39:29.0148 7656  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:39:29.0159 7656  USBSTOR - ok
13:39:29.0184 7656  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:39:29.0194 7656  usbuhci - ok
13:39:29.0233 7656  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:39:29.0247 7656  usbvideo - ok
13:39:29.0276 7656  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:39:29.0305 7656  UxSms - ok
13:39:29.0311 7656  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:39:29.0322 7656  VaultSvc - ok
13:39:29.0351 7656  [ D7FCD8FBBF6CC93140D9C7C7959ED60C ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
13:39:29.0364 7656  VBoxDrv - ok
13:39:29.0380 7656  [ 6B22F16BE58AEF1A57970611D7109507 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
13:39:29.0390 7656  VBoxNetAdp - ok
13:39:29.0400 7656  [ 10DD814DA2F2064F53B9694E30FF45A4 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
13:39:29.0410 7656  VBoxNetFlt - ok
13:39:29.0431 7656  [ 812C2E4EC41CFCACE761620E17463529 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
13:39:29.0441 7656  VBoxUSBMon - ok
13:39:29.0485 7656  [ 389AB97570E7F25192CA18B6348C904F ] VComm           C:\Windows\system32\DRIVERS\VComm.sys
13:39:29.0493 7656  VComm - ok
13:39:29.0501 7656  [ 72F11B412446FAAF95B156A6B781502C ] VcommMgr        C:\Windows\system32\Drivers\VcommMgr.sys
13:39:29.0509 7656  VcommMgr - ok
13:39:29.0544 7656  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:39:29.0554 7656  vdrvroot - ok
13:39:29.0591 7656  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:39:29.0623 7656  vds - ok
13:39:29.0655 7656  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:39:29.0674 7656  vga - ok
13:39:29.0693 7656  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:39:29.0723 7656  VgaSave - ok
13:39:29.0727 7656  VGPU - ok
13:39:29.0752 7656  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:39:29.0765 7656  vhdmp - ok
13:39:29.0792 7656  [ F3678125BFF5615B087EA7F4BD363370 ] VHidMinidrv     C:\Windows\system32\drivers\VHIDMini.sys
13:39:29.0800 7656  VHidMinidrv - ok
13:39:29.0818 7656  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:39:29.0828 7656  viaide - ok
13:39:29.0860 7656  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:39:29.0872 7656  vmbus - ok
13:39:29.0893 7656  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:39:29.0903 7656  VMBusHID - ok
13:39:29.0965 7656  [ B2E25DB5A6A178C056342ABD747B7326 ] vmm             C:\Windows\system32\Treiber\vmm.sys
13:39:29.0981 7656  vmm - ok
13:39:29.0996 7656  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:39:30.0007 7656  volmgr - ok
13:39:30.0044 7656  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:39:30.0058 7656  volmgrx - ok
13:39:30.0076 7656  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:39:30.0091 7656  volsnap - ok
13:39:30.0113 7656  [ 6BDCA00FC57CC40DA3C8E88B2CEA21AB ] VPCNetS2        C:\Windows\system32\DRIVERS\VMNetSrv.sys
13:39:30.0123 7656  VPCNetS2 - ok
13:39:30.0162 7656  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:39:30.0173 7656  vsmraid - ok
13:39:30.0224 7656  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:39:30.0264 7656  VSS - ok
13:39:30.0281 7656  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:39:30.0294 7656  vwifibus - ok
13:39:30.0328 7656  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:39:30.0359 7656  W32Time - ok
13:39:30.0379 7656  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:39:30.0390 7656  WacomPen - ok
13:39:30.0436 7656  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:39:30.0463 7656  WANARP - ok
13:39:30.0467 7656  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:39:30.0494 7656  Wanarpv6 - ok
13:39:30.0547 7656  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:39:30.0570 7656  wbengine - ok
13:39:30.0589 7656  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:39:30.0606 7656  WbioSrvc - ok
13:39:30.0728 7656  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
13:39:30.0748 7656  WcesComm - ok
13:39:30.0874 7656  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:39:30.0900 7656  wcncsvc - ok
13:39:30.0917 7656  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:39:30.0930 7656  WcsPlugInService - ok
13:39:30.0948 7656  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:39:30.0959 7656  Wd - ok
13:39:30.0996 7656  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:39:31.0017 7656  Wdf01000 - ok
13:39:31.0026 7656  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:39:31.0044 7656  WdiServiceHost - ok
13:39:31.0048 7656  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:39:31.0064 7656  WdiSystemHost - ok
13:39:31.0098 7656  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:39:31.0115 7656  WebClient - ok
13:39:31.0134 7656  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:39:31.0164 7656  Wecsvc - ok
13:39:31.0186 7656  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:39:31.0215 7656  wercplsupport - ok
13:39:31.0239 7656  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:39:31.0269 7656  WerSvc - ok
13:39:31.0296 7656  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:39:31.0324 7656  WfpLwf - ok
13:39:31.0339 7656  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:39:31.0349 7656  WIMMount - ok
13:39:31.0379 7656  WinDefend - ok
13:39:31.0383 7656  WinHttpAutoProxySvc - ok
13:39:31.0432 7656  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:39:31.0470 7656  Winmgmt - ok
13:39:31.0530 7656  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:39:31.0574 7656  WinRM - ok
13:39:31.0639 7656  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:39:31.0657 7656  WinUsb - ok
13:39:31.0697 7656  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:39:31.0719 7656  Wlansvc - ok
13:39:31.0853 7656  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:39:31.0895 7656  wlidsvc - ok
13:39:31.0938 7656  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:39:31.0948 7656  WmiAcpi - ok
13:39:31.0982 7656  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:39:31.0994 7656  wmiApSrv - ok
13:39:32.0035 7656  WMPNetworkSvc - ok
13:39:32.0056 7656  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:39:32.0068 7656  WPCSvc - ok
13:39:32.0105 7656  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:39:32.0118 7656  WPDBusEnum - ok
13:39:32.0145 7656  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:39:32.0173 7656  ws2ifsl - ok
13:39:32.0191 7656  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:39:32.0207 7656  wscsvc - ok
13:39:32.0210 7656  WSearch - ok
13:39:32.0278 7656  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:39:32.0315 7656  wuauserv - ok
13:39:32.0342 7656  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:39:32.0352 7656  WudfPf - ok
13:39:32.0384 7656  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:39:32.0396 7656  WUDFRd - ok
13:39:32.0415 7656  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:39:32.0427 7656  wudfsvc - ok
13:39:32.0448 7656  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:39:32.0464 7656  WwanSvc - ok
13:39:32.0535 7656  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:39:32.0549 7656  YahooAUService - ok
13:39:32.0586 7656  [ 24FB8DB6D1D55E2C5D0A53DFE48E6AF8 ] Yontoo Desktop Updater C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
13:39:32.0588 7656  Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - warning
13:39:32.0588 7656  Yontoo Desktop Updater - detected UnsignedFile.Multi.Generic (1)
13:39:32.0631 7656  ================ Scan global ===============================
13:39:32.0648 7656  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:39:32.0673 7656  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
13:39:32.0679 7656  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
13:39:32.0701 7656  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:39:32.0730 7656  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:39:32.0733 7656  [Global] - ok
13:39:32.0733 7656  ================ Scan MBR ==================================
13:39:32.0747 7656  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:39:33.0139 7656  \Device\Harddisk0\DR0 - ok
13:39:33.0139 7656  ================ Scan VBR ==================================
13:39:33.0273 7656  [ 7F8BEAF9F355FB8EA3923BF5AFDD2208 ] \Device\Harddisk0\DR0\Partition1
13:39:33.0291 7656  \Device\Harddisk0\DR0\Partition1 - ok
13:39:33.0292 7656  ============================================================
13:39:33.0292 7656  Scan finished
13:39:33.0292 7656  ============================================================
13:39:33.0301 2736  Detected object count: 4
13:39:33.0301 2736  Actual detected object count: 4
13:39:36.0975 2736  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:36.0975 2736  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:39:36.0977 2736  BsHelpCS ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:36.0977 2736  BsHelpCS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:39:36.0978 2736  TosRfSnd ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:36.0979 2736  TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:39:36.0980 2736  Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:36.0980 2736  Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

29.05.2013, 12:43   #18
markusg
/// Malware-holic

That works.
Do you actually use Wi-Fi, and if so, how is it encrypted? E.g. WPA, WPA2 or WEP.
Scan with Combofix
WARNING to those READING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.


29.05.2013, 13:40   #19
moxito

The encryption is set to WPA2; the key has 16 characters. Combofix is still running; I am writing this from another computer.

29.05.2013, 13:42   #20
markusg
/// Malware-holic

OK.
If we're unlucky, we'll have to take a look at that as well; this one looks OK so far for now.

29.05.2013, 13:47   #21
moxito

It's a Fritzbox 7270.

OK, Combofix has finished:

Code:
ATTFilter
ComboFix 13-05-29.01 - root 29.05.2013  13:51:38.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1033.18.7391.5320 [GMT 2:00]
ausgeführt von:: c:\users\dk\Desktop\ComboFix.exe
AV: Kingsoft Antivirus System Defense *Disabled/Updated* {B6A51389-A795-5AC9-13BA-F569D73F3FE8}
SP: Kingsoft Antivirus System Defense *Disabled/Updated* {0DC4F26D-81AF-5547-290A-CE1BACB87555}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\dk\AppData\Roaming\004D5649544E41696E66
c:\users\root\AppData\Roaming\004D5649544E41696E66
c:\users\root\AppData\Roaming\0408002700AC0C
c:\windows\SysWow64\pt
c:\windows\SysWow64\pt\AuthFWSnapIn.Resources.dll
c:\windows\SysWow64\pt\AuthFWWizFwk.Resources.dll
c:\windows\vspc1000.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_TESSAFE
-------\Service_TesSafe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-28 bis 2013-05-29  ))))))))))))))))))))))))))))))
.
.
2013-05-28 22:25 . 2013-05-28 22:41	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-05-28 22:24 . 2013-05-28 22:24	36680	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2013-05-28 15:58 . 2013-05-28 16:25	--------	d-----w-	c:\users\root\AppData\Roaming\QuickStoresToolbar
2013-05-28 15:58 . 2013-05-28 16:00	--------	d-----w-	c:\program files\Unlocker
2013-05-28 15:05 . 2013-05-28 15:05	--------	d-----w-	c:\users\root\AppData\Local\Diagnostics
2013-05-25 23:36 . 2013-05-25 23:36	--------	d-----w-	c:\program files (x86)\Symantec
2013-05-22 19:23 . 2013-05-22 19:38	--------	d--h--w-	c:\windows\AxInstSV
2013-05-18 18:50 . 2013-05-18 18:50	5191704	----a-w-	c:\windows\system32\GooglePinyin2.ime
2013-05-18 18:50 . 2013-05-18 18:50	3460120	----a-w-	c:\windows\SysWow64\GooglePinyin2.ime
2013-05-18 18:50 . 2013-05-18 18:50	--------	d-----w-	c:\program files (x86)\Google
2013-05-18 16:46 . 2013-05-18 16:46	--------	d-----w-	c:\program files (x86)\yy
2013-05-05 17:28 . 2013-05-05 17:38	--------	d-----w-	c:\programdata\NCH Swift Sound
2013-05-05 17:25 . 2013-05-05 17:25	--------	d-----w-	c:\program files (x86)\NCH Software
2013-05-05 17:25 . 2013-05-05 17:49	--------	d-----w-	c:\program files (x86)\NCH Swift Sound
2013-05-05 17:18 . 2013-05-05 17:38	--------	d-----w-	c:\users\dk\AppData\Roaming\NCH Swift Sound
2013-05-05 17:18 . 2013-05-05 17:18	--------	d-----w-	c:\users\root\AppData\Roaming\NCH Swift Sound
2013-05-05 16:38 . 2013-05-05 16:38	--------	d-----w-	c:\programdata\NCH Software
2013-05-05 16:38 . 2013-05-05 16:59	--------	d-----w-	c:\users\dk\AppData\Roaming\NCH Software
2013-05-05 09:34 . 2013-05-05 09:34	--------	d-----w-	c:\users\root\AppData\Local\bluesoleil
2013-05-03 08:02 . 2013-05-03 08:02	--------	d-----w-	c:\users\dk\AppData\Local\4Neurons
2013-05-02 20:46 . 2013-05-02 20:46	--------	d-----w-	c:\users\root\AppData\Roaming\Babylon
2013-05-02 20:46 . 2013-05-02 20:46	--------	d-----w-	c:\programdata\Babylon
2013-04-30 11:07 . 2013-04-30 11:07	--------	d-----w-	c:\programdata\KRSHistory
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-28 14:37 . 2013-03-23 09:17	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2013-05-26 09:03 . 2013-01-07 08:04	18760	----a-w-	c:\windows\SysWow64\QQVistaHelper.dll
2013-05-01 10:10 . 2012-07-17 13:37	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-15 10:54 . 2013-04-15 10:54	723230	----a-w-	c:\windows\unins000.exe
2013-04-04 12:50 . 2013-01-16 14:52	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-04-03 19:20 . 2013-04-03 18:36	163920	----a-w-	c:\windows\system32\TesSafe.sys
2013-03-29 13:29 . 2013-01-08 02:09	73432	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-29 13:29 . 2013-01-08 02:09	693976	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-26 16:23 . 2013-04-10 14:52	29712	----a-w-	c:\windows\system32\nitrolocalmon2.dll
2013-03-26 16:23 . 2013-04-10 14:52	17936	----a-w-	c:\windows\system32\nitrolocalui2.dll
2013-03-23 09:22 . 2013-03-23 09:22	53248	----a-r-	c:\users\root\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-03-07 11:21 . 2013-03-07 11:21	38664	----a-w-	c:\windows\system32\drivers\tapSF0901.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A8502600-B272-4F68-A67B-A0305D46D297}]
2013-02-04 03:21	217520	----a-w-	c:\program files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DownloadIcon]
@="{A8502600-B272-4F68-A67B-A0305D46D297}"
[HKEY_CLASSES_ROOT\CLSID\{A8502600-B272-4F68-A67B-A0305D46D297}]
2013-02-04 03:21	217520	----a-w-	c:\program files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"QTalk"="c:\program files (x86)\Tencent\QTalk\V3.8.6\Bin\QTalk.exe" [2013-05-26 305176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"kxesc"="c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe" [2013-01-06 1595056]
"BtTray"="c:\program files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" [2009-09-02 315478]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
   Ime File	REG_SZ         	GOOGLEPINYIN2.IME
.
R0 TsFltMgr;tencent TsFltMgr;c:\windows\System32\drivers\TsFltMgr.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 QQSysMonX64;QQSysMonX64;c:\program files (x86)\Tencent\QQPCMgr\7.3.8128.217\QQSysMonX64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 32768]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 IvtAudioBusSrv;IvtAudioBusSrv;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 30344]
R3 IvtComBusSrv;IvtComBusSrv;c:\windows\system32\Drivers\btcombus.sys [x]
R3 IvtPanBusSrv;IvtPanBusSrv;c:\windows\system32\Drivers\btnetBus.sys [2009-08-26 34440]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-05-28 36680]
R3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys [2009-10-20 114608]
R3 QTService;QTService;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SPC1000;USB2.0 PC Camera (SPC1000);c:\windows\system32\DRIVERS\spc1000.sys [2007-12-04 3249024]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 tsusbhub;tsusbhub;tsusbhub [x]
R4 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-03-26 230416]
R4 QQPCRTP;QQPCMgr RTP Service;c:\program files (x86)\Tencent\QQPCMgr\7.3.8128.217\QQPCRtp.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-08-26 24840]
S0 kavbootc;kavbootc;c:\windows\system32\drivers\kavbootc64.sys [2013-01-06 31848]
S1 KDHacker;KDHacker;c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [2013-01-06 164696]
S2 kisknl;kisknl;c:\windows\system32\drivers\kisknl.sys [2013-01-06 210296]
S2 kxescore;Kingsoft Core Service;c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe [2013-01-06 123992]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-10 11576]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-08-26 34440]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k60x64.sys [2009-06-10 220672]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 30344]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
S3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
S3 tapSF0901;Spotflux TAP Device Driver;c:\windows\system32\DRIVERS\tapSF0901.sys [2013-03-07 38664]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
QTService	REG_MULTI_SZ   	QTService
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 13:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8502600-B272-4F68-A67B-A0305D46D298}]
2013-02-04 03:21	330160	----a-w-	c:\program files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DownloadIcon]
@="{A8502600-B272-4F68-A67B-A0305D46D298}"
[HKEY_CLASSES_ROOT\CLSID\{A8502600-B272-4F68-A67B-A0305D46D298}]
2013-02-04 03:21	330160	----a-w-	c:\program files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.de
mStart Page = www.google.de
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: ???????? - c:\program files (x86)\Youdao\YNote\ieext_menu.htm
IE: {{65D09F88-CE18-4A95-B8AF-311C3311DB03} - c:\program files (x86)\Youdao\YNote\ieext_btn.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
DPF: {3ABECEEC-DD81-4511-A7FD-B3B657B64892} - hxxp://3gsoft.gtimg.com/sd/resource/cobrahall/2013/01/17/15/QQGameAssist.cab
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-45273463.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
   94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{A8502600-B272-4F68-A67B-A0305D46D297}"=hex:51,66,7a,6c,4c,1d,38,12,6e,25,43,
   ac,40,fc,06,0a,d9,6d,e3,70,58,18,96,83
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6e,75,a6,3f,b4,01,ce,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fb,29,d5,2b,1a,7f,97,4d,bf,e1,82,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fb,29,d5,2b,1a,7f,97,4d,bf,e1,82,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MenuExt\ûm*R0RQ*Q*hˆÅ`]
"contexts"=dword:00000002
@="c:\\Program Files (x86)\\Tencent\\TM2008\\Bin\\AddEmotion.htm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Q*Q*8nb]
"DisplayName"="QQ??"
"UninstallString"="c:\\Program Files (x86)\\Tencent\\QQGame\\Uninstall.EXE"
"Publisher"="????"
"DisplayIcon"="c:\\Program Files (x86)\\Tencent\\QQGame\\QQGame.EXE"
"DisplayVersion"="3.0.110.53"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files (x86)\spotflux\.\spotflux.exe
c:\program files (x86)\Google\Google Pinyin 2\GooglePinyinDaemon.exe
c:\program files (x86)\Google\Google Pinyin 2\GooglePinyinService.exe
c:\program files (x86)\Java\jre7\bin\javaw.exe
c:\program files (x86)\spotflux\openvpn.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-05-29  17:42:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-05-29 15:42
.
Vor Suchlauf: 10 Verzeichnis(se), 273.216.851.968 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 272.398.589.952 Bytes frei
.
- - End Of File - - 3768933A04D8C453DBF246A6FC6BE1D2
         

29.05.2013, 19:47   #22
markusg
/// Malware-holic

Did your anti-malware program actually ever report any detections? If so, can you post them?

29.05.2013, 19:59   #23
moxito

No, it had no detections; however, I had disabled it before the scan. "Finally"? You don't think much of Kingsoft?

29.05.2013, 20:26   #24
markusg
/// Malware-holic

No, I just wanted to know in general whether it had any detections.
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are selected and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Logs".

30.05.2013, 10:35   #25
moxito

mbam has now finished too:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.29.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16438
root :: W7 [Administrator]

29.05.2013 22:09:11
mbam-log-2013-05-29 (22-09-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 958970
Laufzeit: 3 Stunde(n), 2 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

30.05.2013, 13:44   #26
markusg
/// Malware-holic

sieht gut aus.
Gibts an dem PC auffälligkeiten?

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

30.05.2013, 14:44   #27
moxito

Abnormalities:

Programs cannot be brought to the foreground and cannot be closed either. The latter works only via the taskbar.

The Youdao dict frequently disappears.

Copy and paste is not possible.

In the editor, the search-and-replace function does not work.

That is what I have noticed so far.

Code:
Ja	HKCU:Run	BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}	Nero AG	"C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" - unnötig
Nein	HKCU:Run	ICQ	ICQ, LLC.	"C:\Program Files (x86)\ICQ7.4\ICQ.exe" silent loginmode=4 - unnötig
Nein	HKCU:Run	Messenger (Yahoo!)	Yahoo! Inc.	"C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet - unnötig
Nein	HKCU:Run	msnmsgr		"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background - unnötig
Ja	HKCU:Run	QQIntl	Tencent Technology(Shenzhen) Company Limited	"C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe" /background - notwendig
Ja	HKCU:Run	QTalk		"C:\Program Files (x86)\Tencent\QTalk\V3.8.4\Bin\QTalk.exe" /background - notwendig
Ja	HKCU:Run	Sidebar	Microsoft Corporation	C:\Program Files\Windows Sidebar\sidebar.exe /autoRun - notwendig
Ja	HKCU:Run	thebat_startup	Ritlabs S.R.L.	C:\Program Files (x86)\The Bat!\thebat.exe /minimize - notwendig
Ja	HKCU:Run	TM	Tencent	"C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe" /background - notwendig
Nein	HKCU:Run	Yahoo! Pager	Yahoo! Inc.	"C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet - unnötig
Nein	HKCU:Run	ynote	NetEase	"C:\Program Files (x86)\Youdao\YNote\RunYNote.exe" hide - notwendig
Ja	HKCU:Run	YodaoDict	网易公司	"C:\Users\dk\AppData\Local\Youdao\Dict\Application\YodaoDict.exe" -hide -autostart - notwendig
Nein	HKCU:Run	Yontoo Desktop		"C:\Users\root\AppData\Roaming\Yontoo\YontooDesktop.exe" - notwendig
Ja	HKLM:Run	BtTray	IVT Corporation	"C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" - notwendig
Nein	HKLM:Run	EvtMgr6	Logitech, Inc.	C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming - notwendig
Ja	HKLM:Run	HotKeysCmds	Intel Corporation	C:\Windows\system32\hkcmd.exe - notwendig
Nein	HKLM:Run	IgfxTray	Intel Corporation	C:\Windows\system32\igfxtray.exe - notwendig
Nein	HKLM:Run	ITSecMng		%ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START - notwendig
Ja	HKLM:Run	kxesc	Kingsoft Corporation	"c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe" -autorun - notwendig
Nein	HKLM:Run	MessengerPlusForSkypeService		"C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" - unnötig
Ja	HKLM:Run	Persistence	Intel Corporation	C:\Windows\system32\igfxpers.exe - notwendig
Nein	HKLM:Run	PlusService		C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe - unnötig
Nein	HKLM:Run	PWRISOVM.EXE	PowerISO Computing, Inc.	C:\Program Files (x86)\PowerISO\PWRISOVM.EXE - notwendig
Nein	HKLM:Run	QQPCTray		"C:\Program Files (x86)\Tencent\QQPCMgr\7.3.8128.217\QQPCTray.exe"  /regrun - notwendig
Nein	HKLM:Run	QvodTerminal	Shenzhen QVOD Technology Co.,Ltd	"C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe" -autorun - notwendig
Nein	HKLM:Run	Samsung PanelMgr		C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun - notwendig
Nein	HKLM:Run	spc1000		C:\Windows\vspc1000.exe - unnötig
Nein	HKLM:Run	SunJavaUpdateSched	Sun Microsystems, Inc.	"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" - notwendig
Ja	HKLM:Run	Windows Mobile Device Center	Microsoft Corporation	%windir%\WindowsMobile\wmdc.exe - notwendig
Nein	Startup Common	Bluetooth Manager.lnk		C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe  - notwendig
Nein	Startup Common	PS Monitor 1.30.lnk		C:\PROGRA~2\PSMONI~1\PsMon.exe  - notwendig
         

30.05.2013, 16:09   #28
markusg
/// Malware-holic

ok
HitmanPro - Download - Filepony

Download HitmanPro, double-click it, scan.
Do not delete anything, click Next.
Save the log, or export it as XML, then post it, or zip it and attach it.

30.05.2013, 17:45   #29
moxito

Sorry that everything always takes so long... I won't have time tomorrow; I will be out all day.

Here is the HitmanPro log now:


Code:
HitmanPro 3.7.5.199
www.hitmanpro.com

   Computer name . . . . : W7
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : w7\root
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2013-05-30 17:57:09
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 14m 9s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 19
   Traces  . . . . . . . : 672

   Objects scanned . . . : 3.654.156
   Files scanned . . . . : 77.729
   Remnants scanned  . . : 1.830.004 files / 1.746.423 keys

Malware _____________________________________________________________________

   C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll -> Quarantined
      Size . . . . . . . : 459.264 bytes
      Age  . . . . . . . : 75.8 days (2013-03-15 21:59:34)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : F02FC92E94E2CCA17DC9AECF08C8C115C92E46B9D218D382E87697DAEC421231
    > Emsisoft . . . . . : Adware.Win32.Yontoo.AMN!A2
      Fuzzy  . . . . . . : 98.0
      Forensic Cluster
         -5.3s C:\ProgramData\Tarma Installer\
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache\
         -0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\
         -0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
         -0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
         -0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
          0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
          0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache\
          0.1s C:\Program Files (x86)\Yontoo\
          0.1s C:\Program Files (x86)\Yontoo\sqlite3.exe
          0.1s C:\Users\root\AppData\Roaming\Yontoo\
          0.1s C:\Users\root\AppData\Roaming\Yontoo\YontooDesktop.exe
          0.1s C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
          3.2s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
          3.4s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat
          5.9s C:\Users\root\AppData\Roaming\Yontoo\dat\update\
          5.9s C:\Users\root\AppData\Roaming\Yontoo\dat\
         12.4s C:\Users\root\AppData\Roaming\Yontoo\dat\Desktop.OS.dll
         28.5s C:\Users\root\AppData\Roaming\Yontoo\PlugIns.cache
         29.1s C:\Users\root\AppData\Roaming\Yontoo\dat\HeartBeat.dat


Potential Unwanted Programs _________________________________________________

   C:\Program Files (x86)\Yontoo\ (Yontoo)
   C:\Program Files (x86)\Yontoo\sqlite3.exe (Yontoo)
      Size . . . . . . . : 465.408 bytes
      Age  . . . . . . . : 75.8 days (2013-03-15 21:59:34)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : F7B2783B68E6B991EEDAB07F6B2BFF0E6594E19AD470EDAA89618BC9ED367B3C
      Fuzzy  . . . . . . : 6.0
      Forensic Cluster
         -5.3s C:\ProgramData\Tarma Installer\
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache\
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache\
         -0.0s C:\Program Files (x86)\Yontoo\
          0.0s C:\Program Files (x86)\Yontoo\sqlite3.exe
          0.0s C:\Users\root\AppData\Roaming\Yontoo\
          0.0s C:\Users\root\AppData\Roaming\Yontoo\YontooDesktop.exe
          0.0s C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
          3.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
          3.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat
          5.8s C:\Users\root\AppData\Roaming\Yontoo\dat\update\
          5.8s C:\Users\root\AppData\Roaming\Yontoo\dat\
         12.3s C:\Users\root\AppData\Roaming\Yontoo\dat\Desktop.OS.dll
         28.4s C:\Users\root\AppData\Roaming\Yontoo\PlugIns.cache
         29.0s C:\Users\root\AppData\Roaming\Yontoo\dat\HeartBeat.dat

   C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe (Yontoo)
      Size . . . . . . . : 23.552 bytes
      Age  . . . . . . . : 75.8 days (2013-03-15 21:59:34)
      Entropy  . . . . . : 5.6
      SHA-256  . . . . . : 967B7FA83171485DA1EEF51DB2A21FD17DFB4846E1F700C83E516BD40A542DCA
      Product  . . . . . : Y2Desktop.Updater
      Publisher  . . . . : Microsoft
      Description  . . . : Y2Desktop.Updater
      Version  . . . . . : 1.0.0.0
      Copyright  . . . . : Copyright © Microsoft 2013
      Service  . . . . . : Yontoo Desktop Updater
      Parent Name  . . . : C:\Windows\system32\services.exe
      Running processes  : 2012
      Fuzzy  . . . . . . : 7.0
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater\
      Forensic Cluster
         -5.4s C:\ProgramData\Tarma Installer\
         -5.4s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\
         -5.4s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe
         -5.4s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll
         -5.4s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico
         -5.4s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll
         -5.4s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache\
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
         -0.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache\
         -0.1s C:\Program Files (x86)\Yontoo\
         -0.0s C:\Program Files (x86)\Yontoo\sqlite3.exe
         -0.0s C:\Users\root\AppData\Roaming\Yontoo\
         -0.0s C:\Users\root\AppData\Roaming\Yontoo\YontooDesktop.exe
          0.0s C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
          3.1s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
          3.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat
          5.8s C:\Users\root\AppData\Roaming\Yontoo\dat\update\
          5.8s C:\Users\root\AppData\Roaming\Yontoo\dat\
         12.2s C:\Users\root\AppData\Roaming\Yontoo\dat\Desktop.OS.dll
         28.4s C:\Users\root\AppData\Roaming\Yontoo\PlugIns.cache
         28.9s C:\Users\root\AppData\Roaming\Yontoo\dat\HeartBeat.dat

   C:\ProgramData\Babylon\ (Babylon)
   C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo)
   C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (Yontoo)
   C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat (Yontoo)
   C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (Yontoo)
      Size . . . . . . . : 227.984 bytes
      Age  . . . . . . . : 75.8 days (2013-03-15 21:59:34)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 17936188EFAC05A0EF9FD87A79B268445CE307DD37A6F9206D116F195AB049C9
      Product  . . . . . : Tarma® Installer
      Publisher  . . . . : Tarma Software Research Pty Ltd
      Description  . . . : Tarma® Installer
      Version  . . . . . : 2011.03.11.1355U
      Copyright  . . . . : © 1990-2011 Tarma Software Research Pty Ltd
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0
      Forensic Cluster
         -5.3s C:\ProgramData\Tarma Installer\
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico
         -5.3s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll
         -5.2s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache\
          0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\
          0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
          0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
          0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
          0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
          0.0s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache\
          0.1s C:\Program Files (x86)\Yontoo\
          0.1s C:\Program Files (x86)\Yontoo\sqlite3.exe
          0.1s C:\Users\root\AppData\Roaming\Yontoo\
          0.1s C:\Users\root\AppData\Roaming\Yontoo\YontooDesktop.exe
          0.1s C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
          3.2s C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
          3.4s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat
          5.9s C:\Users\root\AppData\Roaming\Yontoo\dat\update\
          5.9s C:\Users\root\AppData\Roaming\Yontoo\dat\
         12.4s C:\Users\root\AppData\Roaming\Yontoo\dat\Desktop.OS.dll
         28.5s C:\Users\root\AppData\Roaming\Yontoo\PlugIns.cache
         29.1s C:\Users\root\AppData\Roaming\Yontoo\dat\HeartBeat.dat

   C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (Yontoo)
   C:\Users\root\AppData\Roaming\Babylon\ (Babylon)
   C:\Users\root\AppData\Roaming\Babylon\log_file.txt (Babylon)
   HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL\ (Yontoo)
   HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
   HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Prod.cap\ (Claro)
   HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\YontooIEClient.DLL\ (Yontoo)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FE9271F2-6EFD-44b0-A826-84C829536E93}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)
   HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\ (Yontoo)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo)
   HKLM\SOFTWARE\Wow6432Node\Babylon\ (Babylon)
   HKLM\SOFTWARE\Wow6432Node\DataMngr\ (SearchQU)
   HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc\ (Yontoo)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo)
   HKU\S-1-5-21-3787709050-3703385985-4224489799-1001\Software\BabylonToolbar\ (Babylon)
   HKU\S-1-5-21-3787709050-3703385985-4224489799-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ (Babylon)
   HKU\S-1-5-21-3787709050-3703385985-4224489799-1001_Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
   HKU\S-1-5-21-3787709050-3703385985-4224489799-1003_Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
         

30.05.2013, 17:48   #30
markusg
/// Malware-holic

Just do it as time allows. Restart and check whether HitmanPro has deleted everything, i.e. start a new scan.