Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Werbung ohne Browser geöffnet zu haben.

Werbung ohne Browser geöffnet zu haben.


Log-Analyse und Auswertung: Werbung ohne Browser geöffnet zu haben.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 1 von 2 1 2
Alt 15.07.2013, 18:54   #1
Paulx
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Ich habe ein Adobe flash Player update gemacht dieser Player aber ein Virus gewesen zu sein seit den höre ich Werbung ohne ein Fenster offen zu haben.
Die Werbung kommt meistens, wenn ich den Windows Media Player offen habe.
Habe schon Malwarebytes scannen lassen das hat 3 Funde entfernt aber habe das Problem immer noch.

Hoffe ihr könnt mir helfen.

Alt 15.07.2013, 19:04   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 15.07.2013, 19:13   #3
Paulx
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Paul (administrator) on 15-07-2013 20:09:54
Running from C:\Users\Paul\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
(appsmaker) C:\Program Files (x86)\appsmaker\AppBooster 2.0\appbooster.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Trend Micro Client Framework] - "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] - %ProgramFiles%\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Search Fairy - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - C:\Program Files (x86)\Search Fairy\SearchFairy.dll (Results Media Ltd)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 06 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found ()
Winsock: Catalog9-x64 02 mswsock.dll File Not found ()
Winsock: Catalog9-x64 03 mswsock.dll File Not found ()
Winsock: Catalog9-x64 04 mswsock.dll File Not found ()
Winsock: Catalog9-x64 05 mswsock.dll File Not found ()
Winsock: Catalog9-x64 06 mswsock.dll File Not found ()
Winsock: Catalog9-x64 07 mswsock.dll File Not found ()
Winsock: Catalog9-x64 08 mswsock.dll File Not found ()
Winsock: Catalog9-x64 09 mswsock.dll File Not found ()
Winsock: Catalog9-x64 10 mswsock.dll File Not found ()
Winsock: Catalog9-x64 11 mswsock.dll File Not found ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default\searchplugins\SweetIM Search.xml
FF Extension: No Name - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR RestoreOnStartup: "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google Docs) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-14] (Advanced Micro Devices, Inc.)
R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5216624 2010-12-17] (appsmaker)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2318192 2010-12-17] (appsmaker)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

==================== Drivers (Whitelisted) ====================

R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 20:09 - 2013-07-15 20:09 - 00000000 ____D C:\FRST
2013-07-15 20:08 - 2013-07-15 20:09 - 01777839 _____ (Farbar) C:\Users\Paul\Downloads\FRST64.exe
2013-07-15 15:49 - 2013-07-15 15:52 - 286015563 _____ C:\Users\Paul\Downloads\CallofDutyBlackOpsIISoundtrack.zip
2013-07-15 14:45 - 2013-07-15 14:45 - 00030084 _____ C:\Users\Paul\Downloads\Archive.zip
2013-07-15 14:43 - 2013-07-15 14:43 - 00602112 _____ (OldTimer Tools) C:\Users\Paul\Downloads\OTL.exe
2013-07-15 14:38 - 2013-07-15 17:02 - 00001308 _____ C:\Windows\PFRO.log
2013-07-15 11:45 - 2013-07-15 11:45 - 00007623 _____ C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
2013-07-14 23:59 - 2013-07-14 23:59 - 00067029 _____ C:\Users\Paul\Downloads\poweroff_deutsch.zip
2013-07-14 22:37 - 2013-07-14 22:37 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223(1).zip
2013-07-14 22:30 - 2013-07-14 22:30 - 00365066 _____ C:\Users\Paul\Downloads\WinFlash_Win7_32_Win7_64_Z2311.zip
2013-07-14 22:29 - 2013-07-14 22:29 - 14767595 _____ C:\Users\Paul\Downloads\AsusUpdt_V71803.zip
2013-07-14 22:22 - 2013-07-14 22:22 - 433357706 _____ C:\Windows\MEMORY.DMP
2013-07-14 22:22 - 2013-07-14 22:22 - 00275216 _____ C:\Windows\Minidump\071413-35443-01.dmp
2013-07-14 22:22 - 2013-07-14 22:22 - 00000000 ____D C:\Windows\Minidump
2013-07-14 22:20 - 2013-07-14 22:29 - 00021048 _____ (AsusTek Computer Inc.) C:\Windows\BS_DEF.sys
2013-07-14 22:20 - 2013-07-14 22:20 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7(1).zip
2013-07-14 22:20 - 2013-07-14 22:20 - 00001769 _____ C:\Windows\Language_trs.ini
2013-07-14 22:19 - 2013-07-14 22:19 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7.zip
2013-07-14 22:16 - 2013-07-14 22:16 - 00151656 _____ C:\Users\Paul\Downloads\DOS Boot-Dateien.7z
2013-07-14 22:14 - 2013-07-14 22:14 - 00019690 _____ C:\Users\Paul\Downloads\AFLASH2_Z312.zip
2013-07-14 22:07 - 2013-07-14 22:07 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223.zip
2013-07-14 21:59 - 2013-07-14 21:59 - 01432424 _____ (                                                            ) C:\Users\Paul\Downloads\cpu-z_1.65-setup-en.exe
2013-07-14 21:59 - 2013-07-14 21:59 - 00000000 ____D C:\Program Files\CPUID
2013-07-14 21:56 - 2013-07-14 21:56 - 00065015 _____ C:\Users\Paul\Downloads\memtest86+-4.20.zip
2013-07-14 19:04 - 2013-07-14 23:54 - 00068025 _____ C:\Windows\WindowsUpdate.log
2013-07-14 19:03 - 2013-07-14 19:03 - 00058520 _____ C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-14 19:02 - 2013-07-15 17:02 - 00000616 _____ C:\Windows\setupact.log
2013-07-14 19:02 - 2013-07-14 19:02 - 00276600 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00000000 _____ C:\Windows\setuperr.log
2013-07-13 10:20 - 2013-07-13 10:20 - 03798712 _____ (Cryptic Studios) C:\Users\Paul\Downloads\neverwinter_setup.exe
2013-07-13 10:20 - 2013-07-13 10:20 - 00000000 ____D C:\Users\Public\Games
2013-07-13 07:48 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-13 07:48 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-13 07:48 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-13 07:48 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 07:48 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 07:48 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 09:46 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-12 09:46 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-12 09:46 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-12 09:46 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-12 09:45 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-12 09:45 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-12 09:45 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 18:05 - 2013-07-11 18:06 - 102885657 _____ C:\Users\Paul\Downloads\Al Gear - Kein feat. fur Spastis.rar
2013-07-10 22:41 - 2013-07-10 22:42 - 03684312 _____ C:\Users\Paul\Downloads\rgnlauncher0.9.6.exe
2013-07-10 16:58 - 2013-07-10 17:09 - 954267158 _____ C:\Users\Paul\Downloads\Poseidon2.v3.rar
2013-07-10 15:59 - 2013-07-10 16:16 - 972753630 _____ C:\Users\Paul\Downloads\PrevionClient1.3.rar
2013-07-10 13:28 - 2013-07-10 13:28 - 00001121 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-10 13:28 - 2013-07-10 13:28 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-10 13:27 - 2013-07-10 13:27 - 03014767 _____ (Tim Witschel Serververmietung                               ) C:\Users\Paul\Downloads\anotherlifesetup.exe
2013-07-09 19:46 - 2013-07-09 19:46 - 00036055 _____ C:\Users\Paul\Downloads\[SAMP]Aimbot from www.Opcode.de.vu.rar
2013-07-07 19:17 - 2013-07-07 19:17 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-07 19:16 - 2013-07-07 19:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-07 19:16 - 2013-07-07 19:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Paul\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-07 19:16 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-07 19:00 - 2013-07-07 19:00 - 00135124 _____ C:\Users\Paul\Downloads\Team MSKill Gen v1.0Beta.zip
2013-07-07 18:59 - 2013-07-07 18:59 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013](1).exe
2013-07-07 18:57 - 2013-07-07 18:57 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013].exe
2013-07-07 18:56 - 2013-07-07 18:56 - 00746453 _____ C:\Users\Paul\Downloads\Microsoft Points Generater.rar
2013-07-07 18:53 - 2013-07-07 18:53 - 00495120 _____ C:\Users\Paul\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2013-07-07 18:49 - 2013-07-07 18:49 - 01797941 _____ C:\Users\Paul\Downloads\Xbox Live Générateur.rar
2013-07-07 18:44 - 2013-07-07 18:44 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator(1).rar
2013-07-07 18:42 - 2013-07-07 18:42 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator.rar
2013-07-03 16:33 - 2013-07-03 16:33 - 00159801 _____ C:\Users\Paul\Downloads\Minecraft Cracked.rar
2013-07-03 16:29 - 2013-07-03 16:29 - 00000163 _____ C:\Users\Paul\Documents\servers.dat
2013-07-03 16:28 - 2013-07-03 16:30 - 00000970 _____ C:\Users\Paul\Documents\options.txt
2013-07-03 16:28 - 2013-07-03 16:30 - 00000444 _____ C:\Users\Paul\Documents\output-client.log
2013-07-03 16:28 - 2013-07-03 16:30 - 00000000 ____D C:\Users\Paul\Documents\stats
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\saves
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\resourcepacks
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\libraries
2013-07-03 16:25 - 2013-07-03 16:25 - 00255428 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.8.3.zip
2013-07-03 16:10 - 2013-07-03 16:30 - 00000000 ____D C:\Users\Paul\Documents\versions
2013-07-03 16:10 - 2013-07-03 16:12 - 00000000 ____D C:\Users\Paul\minecraft
2013-07-03 16:10 - 2013-07-03 16:11 - 00000000 ____D C:\Users\Paul\Documents\assets
2013-07-03 16:09 - 2013-07-03 16:09 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7(1).zip
2013-07-03 16:07 - 2013-07-03 16:07 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7.zip
2013-07-03 14:11 - 2013-07-03 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:11 - 2013-07-02 18:11 - 02896896 _____ C:\Users\Paul\Downloads\speichermedien.ppt
2013-07-02 18:09 - 2013-07-02 18:13 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-02 18:09 - 2013-07-02 18:10 - 63363736 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\PowerPointViewer.exe
2013-07-02 18:09 - 2013-07-02 18:09 - 25755856 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\wordview_de-de.exe
2013-07-02 12:55 - 2013-07-02 12:55 - 00000000 ____D C:\Users\Paul\AppData\Local\Unity
2013-07-02 08:23 - 2013-07-02 08:23 - 00279340 _____ (Jitbit Macro Recorder) C:\Users\Paul\Downloads\SPATTACKVEE TRAINER.exe
2013-07-02 08:12 - 2013-07-02 08:12 - 04260625 _____ C:\Users\Paul\Downloads\PokeBot 2.4 BetaR - 64.zip
2013-06-30 22:12 - 2013-07-01 17:02 - 00000000 ____D C:\Users\Paul\Desktop\Pokemon
2013-06-30 22:12 - 2013-06-30 22:12 - 09533978 _____ C:\Users\Paul\Downloads\PokeMMO-Client.zip
2013-06-30 22:10 - 2013-06-30 22:23 - 59782173 _____ C:\Users\Paul\Downloads\Pokemon HeartGold.zip
2013-06-30 22:08 - 2013-06-30 22:09 - 05250247 _____ C:\Users\Paul\Downloads\Pokemon FireRed.zip
2013-06-25 00:09 - 2013-06-25 00:09 - 00177190 _____ C:\Users\Paul\Documents\ts3_clientui-win32-1365064384-2013-06-25 00_09_20.508439.dmp
2013-06-24 21:50 - 2013-06-24 22:37 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-24 21:48 - 2013-06-24 21:48 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Downloaded Installations
2013-06-23 22:33 - 2013-06-23 22:42 - 00000000 ____D C:\Users\Paul\Desktop\SSSSSSSSSSSSANNNNNNNNNNNNNNNNNNNNNNNNNNN
2013-06-23 21:18 - 2013-06-23 21:18 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2013-06-23 16:06 - 2013-06-23 16:06 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LolClient
2013-06-23 14:10 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-06-23 14:10 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-06-23 14:10 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-06-23 14:02 - 2013-06-23 14:02 - 00000000 ____D C:\Riot Games
2013-06-23 13:18 - 2013-07-15 19:07 - 00000000 ____D C:\Users\Paul\AppData\Local\PMB Files
2013-06-23 13:18 - 2013-07-15 19:07 - 00000000 ____D C:\ProgramData\PMB Files
2013-06-23 13:18 - 2013-06-23 14:00 - 00000000 ____D C:\Users\Paul\Desktop\League of Legends
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Users\Paul\.swt
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-22 18:31 - 2013-06-23 19:15 - 00000000 ____D C:\Users\Paul\Documents\Medic-Keybinder
2013-06-22 18:31 - 2013-06-22 18:31 - 00000000 ____D C:\Medic-Keybinder
2013-06-20 22:17 - 2013-06-20 22:37 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-20 20:08 - 2013-07-03 16:45 - 00000000 ____D C:\Users\Paul\AppData\Roaming\.minecraft
2013-06-20 20:03 - 2013-06-20 20:03 - 00000000 ____D C:\ProgramData\Sun
2013-06-20 20:03 - 2013-06-20 20:02 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-20 20:03 - 2013-06-20 20:02 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-20 20:03 - 2013-06-20 20:02 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 13:33 - 2013-06-20 13:33 - 05701195 _____ C:\Users\Paul\Desktop\Kanal-Trailer.mp4
2013-06-17 19:44 - 2013-06-17 19:44 - 00007451 _____ C:\Users\Paul\Documents\MY_DATA_061713_1.p2g
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Public\CyberLink
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\CyberLink
2013-06-17 18:54 - 2013-06-17 18:55 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2013-06-17 18:54 - 2013-06-17 18:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft

==================== One Month Modified Files and Folders =======

2013-07-15 20:09 - 2013-07-15 20:09 - 00000000 ____D C:\FRST
2013-07-15 20:09 - 2013-07-15 20:08 - 01777839 _____ (Farbar) C:\Users\Paul\Downloads\FRST64.exe
2013-07-15 19:07 - 2013-06-23 13:18 - 00000000 ____D C:\Users\Paul\AppData\Local\PMB Files
2013-07-15 19:07 - 2013-06-23 13:18 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-15 17:27 - 2013-05-26 13:13 - 00000000 ____D C:\Users\Paul\AppData\Roaming\TS3Client
2013-07-15 17:15 - 2013-06-01 19:53 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Skype
2013-07-15 17:10 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 17:10 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 17:05 - 2013-05-22 13:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 17:05 - 2011-04-13 04:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 17:05 - 2011-04-13 04:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 17:02 - 2013-07-15 14:38 - 00001308 _____ C:\Windows\PFRO.log
2013-07-15 17:02 - 2013-07-14 19:02 - 00000616 _____ C:\Windows\setupact.log
2013-07-15 17:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 15:52 - 2013-07-15 15:49 - 286015563 _____ C:\Users\Paul\Downloads\CallofDutyBlackOpsIISoundtrack.zip
2013-07-15 14:45 - 2013-07-15 14:45 - 00030084 _____ C:\Users\Paul\Downloads\Archive.zip
2013-07-15 14:43 - 2013-07-15 14:43 - 00602112 _____ (OldTimer Tools) C:\Users\Paul\Downloads\OTL.exe
2013-07-15 11:45 - 2013-07-15 11:45 - 00007623 _____ C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
2013-07-15 06:30 - 2013-05-22 13:15 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-07-14 23:59 - 2013-07-14 23:59 - 00067029 _____ C:\Users\Paul\Downloads\poweroff_deutsch.zip
2013-07-14 23:54 - 2013-07-14 19:04 - 00068025 _____ C:\Windows\WindowsUpdate.log
2013-07-14 22:43 - 2013-05-28 01:22 - 00000000 ____D C:\Windows\pss
2013-07-14 22:42 - 2013-06-08 19:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-14 22:42 - 2013-05-22 13:15 - 00000000 ___HD C:\ASUS.DAT
2013-07-14 22:37 - 2013-07-14 22:37 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223(1).zip
2013-07-14 22:34 - 2011-04-13 04:47 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-07-14 22:30 - 2013-07-14 22:30 - 00365066 _____ C:\Users\Paul\Downloads\WinFlash_Win7_32_Win7_64_Z2311.zip
2013-07-14 22:29 - 2013-07-14 22:29 - 14767595 _____ C:\Users\Paul\Downloads\AsusUpdt_V71803.zip
2013-07-14 22:29 - 2013-07-14 22:20 - 00021048 _____ (AsusTek Computer Inc.) C:\Windows\BS_DEF.sys
2013-07-14 22:22 - 2013-07-14 22:22 - 433357706 _____ C:\Windows\MEMORY.DMP
2013-07-14 22:22 - 2013-07-14 22:22 - 00275216 _____ C:\Windows\Minidump\071413-35443-01.dmp
2013-07-14 22:22 - 2013-07-14 22:22 - 00000000 ____D C:\Windows\Minidump
2013-07-14 22:20 - 2013-07-14 22:20 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7(1).zip
2013-07-14 22:20 - 2013-07-14 22:20 - 00001769 _____ C:\Windows\Language_trs.ini
2013-07-14 22:19 - 2013-07-14 22:19 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7.zip
2013-07-14 22:16 - 2013-07-14 22:16 - 00151656 _____ C:\Users\Paul\Downloads\DOS Boot-Dateien.7z
2013-07-14 22:14 - 2013-07-14 22:14 - 00019690 _____ C:\Users\Paul\Downloads\AFLASH2_Z312.zip
2013-07-14 22:07 - 2013-07-14 22:07 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223.zip
2013-07-14 21:59 - 2013-07-14 21:59 - 01432424 _____ (                                                            ) C:\Users\Paul\Downloads\cpu-z_1.65-setup-en.exe
2013-07-14 21:59 - 2013-07-14 21:59 - 00000000 ____D C:\Program Files\CPUID
2013-07-14 21:56 - 2013-07-14 21:56 - 00065015 _____ C:\Users\Paul\Downloads\memtest86+-4.20.zip
2013-07-14 21:49 - 2013-05-22 13:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 21:49 - 2011-04-13 04:33 - 00004122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-14 21:49 - 2011-04-13 04:33 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-14 19:03 - 2013-07-14 19:03 - 00058520 _____ C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00276600 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00000000 _____ C:\Windows\setuperr.log
2013-07-14 15:49 - 2009-07-29 08:03 - 00000000 ____D C:\Windows\Panther
2013-07-14 01:33 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 01:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-14 01:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 10:20 - 2013-07-13 10:20 - 03798712 _____ (Cryptic Studios) C:\Users\Paul\Downloads\neverwinter_setup.exe
2013-07-13 10:20 - 2013-07-13 10:20 - 00000000 ____D C:\Users\Public\Games
2013-07-13 10:20 - 2013-06-05 17:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-13 07:40 - 2013-05-28 07:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 07:40 - 2013-05-28 07:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 19:10 - 2011-02-19 06:24 - 00710754 _____ C:\Windows\system32\perfh007.dat
2013-07-11 19:10 - 2011-02-19 06:24 - 00153202 _____ C:\Windows\system32\perfc007.dat
2013-07-11 19:10 - 2009-07-14 07:13 - 01650312 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 18:06 - 2013-07-11 18:05 - 102885657 _____ C:\Users\Paul\Downloads\Al Gear - Kein feat. fur Spastis.rar
2013-07-10 22:42 - 2013-07-10 22:41 - 03684312 _____ C:\Users\Paul\Downloads\rgnlauncher0.9.6.exe
2013-07-10 17:09 - 2013-07-10 16:58 - 954267158 _____ C:\Users\Paul\Downloads\Poseidon2.v3.rar
2013-07-10 16:16 - 2013-07-10 15:59 - 972753630 _____ C:\Users\Paul\Downloads\PrevionClient1.3.rar
2013-07-10 13:28 - 2013-07-10 13:28 - 00001121 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-10 13:28 - 2013-07-10 13:28 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-10 13:27 - 2013-07-10 13:27 - 03014767 _____ (Tim Witschel Serververmietung                               ) C:\Users\Paul\Downloads\anotherlifesetup.exe
2013-07-09 19:46 - 2013-07-09 19:46 - 00036055 _____ C:\Users\Paul\Downloads\[SAMP]Aimbot from www.Opcode.de.vu.rar
2013-07-07 21:17 - 2013-05-22 21:47 - 00001319 _____ C:\Windows\system32\ServiceFilter.ini
2013-07-07 19:17 - 2013-07-07 19:17 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-07 19:16 - 2013-07-07 19:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Paul\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-07 19:00 - 2013-07-07 19:00 - 00135124 _____ C:\Users\Paul\Downloads\Team MSKill Gen v1.0Beta.zip
2013-07-07 18:59 - 2013-07-07 18:59 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013](1).exe
2013-07-07 18:57 - 2013-07-07 18:57 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013].exe
2013-07-07 18:56 - 2013-07-07 18:56 - 00746453 _____ C:\Users\Paul\Downloads\Microsoft Points Generater.rar
2013-07-07 18:53 - 2013-07-07 18:53 - 00495120 _____ C:\Users\Paul\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2013-07-07 18:49 - 2013-07-07 18:49 - 01797941 _____ C:\Users\Paul\Downloads\Xbox Live Générateur.rar
2013-07-07 18:44 - 2013-07-07 18:44 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator(1).rar
2013-07-07 18:42 - 2013-07-07 18:42 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator.rar
2013-07-04 14:46 - 2013-05-22 13:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 19:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-03 19:04 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-07-03 19:04 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-03 19:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-07-03 19:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2013-07-03 19:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-03 19:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-03 18:54 - 2011-02-19 06:18 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\winrm
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\WCN
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\slmgr
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2013-07-03 18:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2013-07-03 16:45 - 2013-06-20 20:08 - 00000000 ____D C:\Users\Paul\AppData\Roaming\.minecraft
2013-07-03 16:33 - 2013-07-03 16:33 - 00159801 _____ C:\Users\Paul\Downloads\Minecraft Cracked.rar
2013-07-03 16:30 - 2013-07-03 16:28 - 00000970 _____ C:\Users\Paul\Documents\options.txt
2013-07-03 16:30 - 2013-07-03 16:28 - 00000444 _____ C:\Users\Paul\Documents\output-client.log
2013-07-03 16:30 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\stats
2013-07-03 16:30 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\Documents\versions
2013-07-03 16:29 - 2013-07-03 16:29 - 00000163 _____ C:\Users\Paul\Documents\servers.dat
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\saves
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\resourcepacks
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\libraries
2013-07-03 16:25 - 2013-07-03 16:25 - 00255428 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.8.3.zip
2013-07-03 16:12 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\minecraft
2013-07-03 16:11 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\Documents\assets
2013-07-03 16:10 - 2013-05-22 13:14 - 00000000 ____D C:\Users\Paul
2013-07-03 16:09 - 2013-07-03 16:09 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7(1).zip
2013-07-03 16:07 - 2013-07-03 16:07 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7.zip
2013-07-03 14:11 - 2013-07-03 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:14 - 2011-04-13 04:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-02 18:13 - 2013-07-02 18:09 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-02 18:11 - 2013-07-02 18:11 - 02896896 _____ C:\Users\Paul\Downloads\speichermedien.ppt
2013-07-02 18:10 - 2013-07-02 18:09 - 63363736 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\PowerPointViewer.exe
2013-07-02 18:09 - 2013-07-02 18:09 - 25755856 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\wordview_de-de.exe
2013-07-02 12:55 - 2013-07-02 12:55 - 00000000 ____D C:\Users\Paul\AppData\Local\Unity
2013-07-02 08:23 - 2013-07-02 08:23 - 00279340 _____ (Jitbit Macro Recorder) C:\Users\Paul\Downloads\SPATTACKVEE TRAINER.exe
2013-07-02 08:12 - 2013-07-02 08:12 - 04260625 _____ C:\Users\Paul\Downloads\PokeBot 2.4 BetaR - 64.zip
2013-07-01 17:02 - 2013-06-30 22:12 - 00000000 ____D C:\Users\Paul\Desktop\Pokemon
2013-06-30 22:23 - 2013-06-30 22:10 - 59782173 _____ C:\Users\Paul\Downloads\Pokemon HeartGold.zip
2013-06-30 22:12 - 2013-06-30 22:12 - 09533978 _____ C:\Users\Paul\Downloads\PokeMMO-Client.zip
2013-06-30 22:09 - 2013-06-30 22:08 - 05250247 _____ C:\Users\Paul\Downloads\Pokemon FireRed.zip
2013-06-29 17:15 - 2009-07-14 09:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-25 00:09 - 2013-06-25 00:09 - 00177190 _____ C:\Users\Paul\Documents\ts3_clientui-win32-1365064384-2013-06-25 00_09_20.508439.dmp
2013-06-24 22:37 - 2013-06-24 21:50 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-24 21:48 - 2013-06-24 21:48 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Downloaded Installations
2013-06-23 22:42 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Paul\Desktop\SSSSSSSSSSSSANNNNNNNNNNNNNNNNNNNNNNNNNNN
2013-06-23 21:18 - 2013-06-23 21:18 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2013-06-23 19:15 - 2013-06-22 18:31 - 00000000 ____D C:\Users\Paul\Documents\Medic-Keybinder
2013-06-23 16:06 - 2013-06-23 16:06 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LolClient
2013-06-23 14:02 - 2013-06-23 14:02 - 00000000 ____D C:\Riot Games
2013-06-23 14:02 - 2013-05-22 21:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 14:00 - 2013-06-23 13:18 - 00000000 ____D C:\Users\Paul\Desktop\League of Legends
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Users\Paul\.swt
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-22 18:31 - 2013-06-22 18:31 - 00000000 ____D C:\Medic-Keybinder
2013-06-21 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-06-21 08:15 - 2013-05-22 21:47 - 00001874 _____ C:\Windows\system32\AutoRunFilter.ini
2013-06-20 22:37 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-20 20:03 - 2013-06-20 20:03 - 00000000 ____D C:\ProgramData\Sun
2013-06-20 20:02 - 2013-06-20 20:03 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-20 20:02 - 2013-06-20 20:03 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-20 20:02 - 2013-06-20 20:03 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 13:33 - 2013-06-20 13:33 - 05701195 _____ C:\Users\Paul\Desktop\Kanal-Trailer.mp4
2013-06-19 19:22 - 2013-05-28 00:49 - 04247414 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 22:29 - 2013-05-28 23:25 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-18 08:10 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-06-17 19:44 - 2013-06-17 19:44 - 00007451 _____ C:\Users\Paul\Documents\MY_DATA_061713_1.p2g
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Public\CyberLink
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\CyberLink
2013-06-17 19:27 - 2013-05-22 21:52 - 00000000 ____D C:\ProgramData\CyberLink
2013-06-17 19:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-06-17 19:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-06-17 18:55 - 2013-06-17 18:54 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2013-06-17 18:55 - 2013-06-17 18:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-17 12:44 - 2011-04-13 04:33 - 00000000 ____D C:\ProgramData\Partner

ZeroAccess:
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\00000004.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\201d3dde
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\6715e287
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\76603ac3
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\00000004.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\00000008.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\000000cb.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000000.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000032.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-07-15 05:20

==================== End Of Log ============================
--- --- ---






Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2013
Ran by Paul at 2013-07-15 20:11:35
Running from C:\Users\Paul\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
AION Free-To-Play (x32 Version: 2.70.0000)
AMD APP SDK Runtime (Version: 2.5.709.2)
AMD Catalyst Install Manager (Version: 3.0.838.0)
AMD Fuel (Version: 2011.0713.1830.31376)
AMD Media Foundation Decoders (Version: 1.0.60713.1822)
AMD VISION Engine Control Center (x32 Version: 2011.0713.1830.31376)
AnotherLife Client Version 1.1 (x32 Version: 1.1)
appsmaker AppBooster 2.0 (x32)
ASUS AI Recovery (x32 Version: 1.0.13)
ASUS FancyStart (x32 Version: 1.1.0)
ASUS LifeFrame3 (x32 Version: 3.0.27)
ASUS Live Update (x32 Version: 3.0.8)
ASUS Power4Gear Hybrid (Version: 1.1.50)
ASUS SmartLogon (x32 Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0033)
ASUS Virtual Camera (x32 Version: 1.0.21)
ASUS WebStorage (x32 Version: 3.0.84.161)
ASUS_Screensaver (x32)
AsusVibe2.0 (x32 Version: 2.0.4.617)
Atheros Client Installation Program (x32 Version: 7.0)
ATK Package (x32 Version: 1.0.0010)
Bing Bar (x32 Version: 7.0.610.0)
Bookworm Deluxe (x32)
Bubble Hit Bundle by SweetPacks (x32 Version: 1.0.0.0)
Catalyst Control Center InstallProxy (x32 Version: 2011.0713.1830.31376)
Catalyst Control Center Localization All (x32 Version: 2011.0713.1830.31376)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0713.1830.31376)
CCC Help Chinese Standard (x32 Version: 2011.0713.1829.31376)
CCC Help Chinese Traditional (x32 Version: 2011.0713.1829.31376)
CCC Help Czech (x32 Version: 2011.0713.1829.31376)
CCC Help Danish (x32 Version: 2011.0713.1829.31376)
CCC Help Dutch (x32 Version: 2011.0713.1829.31376)
CCC Help English (x32 Version: 2011.0713.1829.31376)
CCC Help Finnish (x32 Version: 2011.0713.1829.31376)
CCC Help French (x32 Version: 2011.0713.1829.31376)
CCC Help German (x32 Version: 2011.0713.1829.31376)
CCC Help Greek (x32 Version: 2011.0713.1829.31376)
CCC Help Hungarian (x32 Version: 2011.0713.1829.31376)
CCC Help Italian (x32 Version: 2011.0713.1829.31376)
CCC Help Japanese (x32 Version: 2011.0713.1829.31376)
CCC Help Korean (x32 Version: 2011.0713.1829.31376)
CCC Help Norwegian (x32 Version: 2011.0713.1829.31376)
CCC Help Polish (x32 Version: 2011.0713.1829.31376)
CCC Help Portuguese (x32 Version: 2011.0713.1829.31376)
CCC Help Russian (x32 Version: 2011.0713.1829.31376)
CCC Help Spanish (x32 Version: 2011.0713.1829.31376)
CCC Help Swedish (x32 Version: 2011.0713.1829.31376)
CCC Help Thai (x32 Version: 2011.0713.1829.31376)
CCC Help Turkish (x32 Version: 2011.0713.1829.31376)
ccc-utility64 (Version: 2011.0713.1830.31376)
CCleaner (Version: 4.01)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Cooking Dash (x32)
CPUID CPU-Z 1.65.0
CyberLink LabelPrint (x32 Version: 2.5.1908)
CyberLink Power2Go (x32 Version: 6.1.3602c)
D3DX10 (x32 Version: 15.4.2368.0902)
ETDWare PS/2-X64 8.0.5.1_WHQL (Version: 8.0.5.1)
Fast Boot (Version: 1.0.9)
Free YouTube Download version 3.2.3.610 (x32 Version: 3.2.3.610)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Game Park Console (x32 Version: 6.2.1.1)
Gameforge Live 1.3.0 "Legend" (x32 Version: 1.3.0)
Google Chrome (x32 Version: 27.0.1453.116)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32)
Google Update Helper (x32 Version: 1.3.21.145)
Governor of Poker (x32)
GRP Fairplaylauncher Version 0.3 (x32 Version: 0.3)
Hotel Dash Suite Success (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Quest 3 (x32)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Just Aion Launcher (x32 Version: 1.00.0000)
League of Legends (x32 Version: 1.3)
Luxor 3 (x32)
MAESTIA Version 201207 (x32 Version: 201207)
Mahjongg dimensions (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Metin2 (x32)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0)
Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Neverwinter (x32)
nLite 1.4.9.1 (x32 Version: 1.4.9.1)
Notepad++ (x32 Version: 6.3.3)
Nuance PDF Reader (x32 Version: 6.00.0041)
oHotkey 1.1.10.01 (Version: 1.1.10.01)
osu! (x32 Version: 0.0.0.0)
Pando Media Booster (x32 Version: 2.6.0.9)
Plants vs Zombies (x32)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.42.304.2011)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30127)
Search Fairy (x32 Version: 1.2.5.0)
Skype™ 6.3 (x32 Version: 6.3.107)
Steam (x32 Version: 1.0.0.0)
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007)
SweetPacks Updater (x32 Version: 4.0.1.0)
syncables desktop SE (x32 Version: 5.5.746.11492)
TeamSpeak 3 Client (HKCU Version: 3.0.10)
Trend Micro Titanium Internet Security (Version: 3.0)
Trend Micro Titanium Internet Security (Version: 3.00)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
WinFlash (x32 Version: 2.31.1)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Wireless Console 3 (x32 Version: 3.0.21)
World of Goo (x32)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (x32 Version: 15.4.5722.2)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (x32 Version: 15.4.5722.2)
بريد Windows Live (x32 Version: 15.4.3502.0922)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (x32 Version: 15.4.5722.2)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2)

==================== Restore Points  =========================

15-07-2013 03:26:49 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-06-07 21:10 - 00000220 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 autogameonline.com
127.0.0.1 khoautos.com
127.0.0.1 ohready.com
127.0.0.1 libcross.com
127.0.0.1 cfprobiz.blogspot.com
127.0.0.1 cfpro.info
127.0.0.1 cfpro.biz
95.211.168.98 download.gameclub.com 


==================== Scheduled Tasks (whitelisted) =============

Task: {169B16AC-4013-4CFC-8654-355EE0642741} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)
Task: {401D4FC2-6F44-414F-9332-C4B3B15593E1} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {426ED122-5CC8-4CA4-A04C-DF72415F91A2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {67248451-6117-47AC-9019-E7C84ED5E338} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {75C365D7-5D90-4D2C-B2CB-BA0C6A8F7B37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {B299C427-6C30-4570-B167-BE73514266D1} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {C759B601-EB50-4029-BA99-71635E3E5C40} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-11-17] (ASUSTeK Computer Inc.)
Task: {D02FCF48-91BA-424B-89AD-30C91DFD2D45} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2013 02:53:49 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f90

Startzeit: 01ce8158f0d037aa

Endzeit: 10

Anwendungspfad: C:\Users\Paul\Downloads\OTL.exe

Berichts-ID:

Error: (07/15/2013 05:27:00 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Windows Defender since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/14/2013 11:59:59 PM) (Source: Poweroff) (User: )
Description: Zugriff verweigert

Error: (07/14/2013 11:54:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Appbooster_2_keymaker.exe, Version: 0.0.0.0, Zeitstempel: 0x51e31860
Name des fehlerhaften Moduls: Appbooster_2_keymaker.exe, Version: 0.0.0.0, Zeitstempel: 0x51e31860
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f5a
ID des fehlerhaften Prozesses: 0x1028
Startzeit der fehlerhaften Anwendung: 0xAppbooster_2_keymaker.exe0
Pfad der fehlerhaften Anwendung: Appbooster_2_keymaker.exe1
Pfad des fehlerhaften Moduls: Appbooster_2_keymaker.exe2
Berichtskennung: Appbooster_2_keymaker.exe3

Error: (07/14/2013 10:03:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe, Version: 11.7.700.224, Zeitstempel: 0x51a67447
Name des fehlerhaften Moduls: FlashPlayerPlugin_11_7_700_224.exe, Version: 11.7.700.224, Zeitstempel: 0x51a67447
Ausnahmecode: 0x40000015
Fehleroffset: 0x000178f0
ID des fehlerhaften Prozesses: 0xca4
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_11_7_700_224.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_11_7_700_224.exe2
Berichtskennung: FlashPlayerPlugin_11_7_700_224.exe3

Error: (07/14/2013 07:03:17 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/14/2013 07:03:17 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/14/2013 07:03:17 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/14/2013 07:03:17 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (07/14/2013 07:03:16 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/15/2013 07:07:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (07/15/2013 07:07:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (07/15/2013 06:53:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (07/15/2013 06:53:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (07/15/2013 05:04:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (07/15/2013 05:04:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (07/15/2013 05:02:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (07/15/2013 05:02:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (07/15/2013 05:02:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1060

Error: (07/15/2013 02:41:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (07/15/2013 02:53:49 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0f9001ce8158f0d037aa10C:\Users\Paul\Downloads\OTL.exe

Error: (07/15/2013 05:27:00 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Windows Defender since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/14/2013 11:59:59 PM) (Source: Poweroff)(User: )
Description: Zugriff verweigert

Error: (07/14/2013 11:54:39 PM) (Source: Application Error)(User: )
Description: Appbooster_2_keymaker.exe0.0.0.051e31860Appbooster_2_keymaker.exe0.0.0.051e31860c000000500001f5a102801ce80dcb5ce11d1C:\Users\Paul\AppData\Local\Temp\Rar$EXa0.630\Appbooster_2_keymaker.exeC:\Users\Paul\AppData\Local\Temp\Rar$EXa0.630\Appbooster_2_keymaker.exefacd92b1-eccf-11e2-8ecc-14dae9e4b947

Error: (07/14/2013 10:03:29 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_7_700_224.exe11.7.700.22451a67447FlashPlayerPlugin_11_7_700_224.exe11.7.700.22451a6744740000015000178f0ca401ce80ccfdaceaafC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe7344ea15-ecc0-11e2-bf82-14dae9e4b947

Error: (07/14/2013 07:03:17 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/14/2013 07:03:17 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/14/2013 07:03:17 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/14/2013 07:03:17 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (07/14/2013 07:03:16 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 4075.7 MB
Available physical RAM: 2276.45 MB
Total Pagefile: 8149.58 MB
Available Pagefile: 6327.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:125.03 GB) (Free:48.99 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:148.06 GB) (Free:147.97 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: B2A0A341)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148 GB) - (Type=OF Extended)

==================== End Of Log ============================
__________________
Alt 15.07.2013, 19:30   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
ZeroAccess:
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\00000004.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\201d3dde
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\6715e287
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\76603ac3
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\00000004.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\00000008.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\000000cb.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000000.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000032.@
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
C:\ProgramData\FullRemove.exe
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.07.2013, 19:41   #5
Paulx
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2013
Ran by Paul at 2013-07-15 20:38:20 Run:1
Running from C:\Users\Paul\Desktop
Boot Mode: Normal
==============================================


"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}" directory move:

C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\@ => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\00000004.@ => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\00000008.@ => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\000000cb.@ => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000000.@ => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000032.@ => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000064.@ => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\00000004.@ => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\201d3dde => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\6715e287 => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\76603ac3 => Moved successfully.
Could not move "C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}" directory. => Scheduled to move on reboot.

"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\@" => File/Directory not found.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L => Moved successfully.
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U => Moved successfully.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\00000004.@" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\201d3dde" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\6715e287" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\L\76603ac3" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\00000004.@" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\00000008.@" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\000000cb.@" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000000.@" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000032.@" => File/Directory not found.
"C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a}\U\80000064.@" => File/Directory not found.
C:\Windows\assembly\GAC_32\Desktop.ini => Moved successfully.
Could not move "C:\Windows\assembly\GAC_64\Desktop.ini" => Scheduled to move on reboot.
C:\ProgramData\FullRemove.exe => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\de-DE" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.

=========== Result of Scheduled Files to move ===========
C:\Windows\Installer\{62b58b0a-a524-c04c-2f64-fa93f4cdcf3a} => Moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini => File moved successfully.

==== End of Fixlog ====


Alt 15.07.2013, 20:34   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Und ein frisches FRST log bitte.
__________________
--> Werbung ohne Browser geöffnet zu haben.

Alt 15.07.2013, 20:38   #7
Paulx
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Paul (administrator) on 15-07-2013 21:36:47
Running from C:\Users\Paul\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Users\Paul\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Trend Micro Client Framework] - "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] - %ProgramFiles%\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Search Fairy - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - C:\Program Files (x86)\Search Fairy\SearchFairy.dll (Results Media Ltd)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 06 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found ()
Winsock: Catalog9-x64 02 mswsock.dll File Not found ()
Winsock: Catalog9-x64 03 mswsock.dll File Not found ()
Winsock: Catalog9-x64 04 mswsock.dll File Not found ()
Winsock: Catalog9-x64 05 mswsock.dll File Not found ()
Winsock: Catalog9-x64 06 mswsock.dll File Not found ()
Winsock: Catalog9-x64 07 mswsock.dll File Not found ()
Winsock: Catalog9-x64 08 mswsock.dll File Not found ()
Winsock: Catalog9-x64 09 mswsock.dll File Not found ()
Winsock: Catalog9-x64 10 mswsock.dll File Not found ()
Winsock: Catalog9-x64 11 mswsock.dll File Not found ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default\searchplugins\SweetIM Search.xml
FF Extension: No Name - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR RestoreOnStartup: "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google Docs) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-14] (Advanced Micro Devices, Inc.)
R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5216624 2010-12-17] (appsmaker)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2318192 2010-12-17] (appsmaker)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

==================== Drivers (Whitelisted) ====================

R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 20:12 - 2013-07-15 20:14 - 00051193 _____ C:\Users\Paul\Downloads\FRST.txt
2013-07-15 20:11 - 2013-07-15 20:12 - 00022156 _____ C:\Users\Paul\Downloads\Addition.txt
2013-07-15 20:09 - 2013-07-15 20:41 - 00000000 ____D C:\FRST
2013-07-15 20:08 - 2013-07-15 20:09 - 01777839 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2013-07-15 15:49 - 2013-07-15 15:52 - 286015563 _____ C:\Users\Paul\Downloads\CallofDutyBlackOpsIISoundtrack.zip
2013-07-15 14:45 - 2013-07-15 14:45 - 00030084 _____ C:\Users\Paul\Downloads\Archive.zip
2013-07-15 14:43 - 2013-07-15 14:43 - 00602112 _____ (OldTimer Tools) C:\Users\Paul\Downloads\OTL.exe
2013-07-15 14:38 - 2013-07-15 20:39 - 00001640 _____ C:\Windows\PFRO.log
2013-07-15 11:45 - 2013-07-15 11:45 - 00007623 _____ C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
2013-07-14 23:59 - 2013-07-14 23:59 - 00067029 _____ C:\Users\Paul\Downloads\poweroff_deutsch.zip
2013-07-14 22:37 - 2013-07-14 22:37 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223(1).zip
2013-07-14 22:30 - 2013-07-14 22:30 - 00365066 _____ C:\Users\Paul\Downloads\WinFlash_Win7_32_Win7_64_Z2311.zip
2013-07-14 22:29 - 2013-07-14 22:29 - 14767595 _____ C:\Users\Paul\Downloads\AsusUpdt_V71803.zip
2013-07-14 22:22 - 2013-07-14 22:22 - 433357706 _____ C:\Windows\MEMORY.DMP
2013-07-14 22:22 - 2013-07-14 22:22 - 00275216 _____ C:\Windows\Minidump\071413-35443-01.dmp
2013-07-14 22:22 - 2013-07-14 22:22 - 00000000 ____D C:\Windows\Minidump
2013-07-14 22:20 - 2013-07-14 22:29 - 00021048 _____ (AsusTek Computer Inc.) C:\Windows\BS_DEF.sys
2013-07-14 22:20 - 2013-07-14 22:20 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7(1).zip
2013-07-14 22:20 - 2013-07-14 22:20 - 00001769 _____ C:\Windows\Language_trs.ini
2013-07-14 22:19 - 2013-07-14 22:19 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7.zip
2013-07-14 22:16 - 2013-07-14 22:16 - 00151656 _____ C:\Users\Paul\Downloads\DOS Boot-Dateien.7z
2013-07-14 22:14 - 2013-07-14 22:14 - 00019690 _____ C:\Users\Paul\Downloads\AFLASH2_Z312.zip
2013-07-14 22:07 - 2013-07-14 22:07 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223.zip
2013-07-14 21:59 - 2013-07-14 21:59 - 01432424 _____ (                                                            ) C:\Users\Paul\Downloads\cpu-z_1.65-setup-en.exe
2013-07-14 21:59 - 2013-07-14 21:59 - 00000000 ____D C:\Program Files\CPUID
2013-07-14 21:56 - 2013-07-14 21:56 - 00065015 _____ C:\Users\Paul\Downloads\memtest86+-4.20.zip
2013-07-14 19:04 - 2013-07-14 23:54 - 00068025 _____ C:\Windows\WindowsUpdate.log
2013-07-14 19:03 - 2013-07-14 19:03 - 00058520 _____ C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-14 19:02 - 2013-07-15 20:39 - 00000672 _____ C:\Windows\setupact.log
2013-07-14 19:02 - 2013-07-14 19:02 - 00276600 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00000000 _____ C:\Windows\setuperr.log
2013-07-13 10:20 - 2013-07-13 10:20 - 03798712 _____ (Cryptic Studios) C:\Users\Paul\Downloads\neverwinter_setup.exe
2013-07-13 10:20 - 2013-07-13 10:20 - 00000000 ____D C:\Users\Public\Games
2013-07-13 07:48 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-13 07:48 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-13 07:48 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-13 07:48 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 07:48 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 07:48 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 09:46 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-12 09:46 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-12 09:46 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-12 09:46 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-12 09:45 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-12 09:45 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-12 09:45 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 18:05 - 2013-07-11 18:06 - 102885657 _____ C:\Users\Paul\Downloads\Al Gear - Kein feat. fur Spastis.rar
2013-07-10 22:41 - 2013-07-10 22:42 - 03684312 _____ C:\Users\Paul\Downloads\rgnlauncher0.9.6.exe
2013-07-10 16:58 - 2013-07-10 17:09 - 954267158 _____ C:\Users\Paul\Downloads\Poseidon2.v3.rar
2013-07-10 15:59 - 2013-07-10 16:16 - 972753630 _____ C:\Users\Paul\Downloads\PrevionClient1.3.rar
2013-07-10 13:28 - 2013-07-10 13:28 - 00001121 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-10 13:28 - 2013-07-10 13:28 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-10 13:27 - 2013-07-10 13:27 - 03014767 _____ (Tim Witschel Serververmietung                               ) C:\Users\Paul\Downloads\anotherlifesetup.exe
2013-07-09 19:46 - 2013-07-09 19:46 - 00036055 _____ C:\Users\Paul\Downloads\[SAMP]Aimbot from www.Opcode.de.vu.rar
2013-07-07 19:17 - 2013-07-07 19:17 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-07 19:16 - 2013-07-07 19:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-07 19:16 - 2013-07-07 19:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Paul\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-07 19:16 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-07 19:00 - 2013-07-07 19:00 - 00135124 _____ C:\Users\Paul\Downloads\Team MSKill Gen v1.0Beta.zip
2013-07-07 18:59 - 2013-07-07 18:59 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013](1).exe
2013-07-07 18:57 - 2013-07-07 18:57 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013].exe
2013-07-07 18:56 - 2013-07-07 18:56 - 00746453 _____ C:\Users\Paul\Downloads\Microsoft Points Generater.rar
2013-07-07 18:53 - 2013-07-07 18:53 - 00495120 _____ C:\Users\Paul\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2013-07-07 18:49 - 2013-07-07 18:49 - 01797941 _____ C:\Users\Paul\Downloads\Xbox Live Générateur.rar
2013-07-07 18:44 - 2013-07-07 18:44 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator(1).rar
2013-07-07 18:42 - 2013-07-07 18:42 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator.rar
2013-07-03 16:33 - 2013-07-03 16:33 - 00159801 _____ C:\Users\Paul\Downloads\Minecraft Cracked.rar
2013-07-03 16:29 - 2013-07-03 16:29 - 00000163 _____ C:\Users\Paul\Documents\servers.dat
2013-07-03 16:28 - 2013-07-03 16:30 - 00000970 _____ C:\Users\Paul\Documents\options.txt
2013-07-03 16:28 - 2013-07-03 16:30 - 00000444 _____ C:\Users\Paul\Documents\output-client.log
2013-07-03 16:28 - 2013-07-03 16:30 - 00000000 ____D C:\Users\Paul\Documents\stats
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\saves
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\resourcepacks
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\libraries
2013-07-03 16:25 - 2013-07-03 16:25 - 00255428 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.8.3.zip
2013-07-03 16:10 - 2013-07-03 16:30 - 00000000 ____D C:\Users\Paul\Documents\versions
2013-07-03 16:10 - 2013-07-03 16:12 - 00000000 ____D C:\Users\Paul\minecraft
2013-07-03 16:10 - 2013-07-03 16:11 - 00000000 ____D C:\Users\Paul\Documents\assets
2013-07-03 16:09 - 2013-07-03 16:09 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7(1).zip
2013-07-03 16:07 - 2013-07-03 16:07 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7.zip
2013-07-03 14:11 - 2013-07-03 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:11 - 2013-07-02 18:11 - 02896896 _____ C:\Users\Paul\Downloads\speichermedien.ppt
2013-07-02 18:09 - 2013-07-02 18:13 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-02 18:09 - 2013-07-02 18:10 - 63363736 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\PowerPointViewer.exe
2013-07-02 18:09 - 2013-07-02 18:09 - 25755856 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\wordview_de-de.exe
2013-07-02 12:55 - 2013-07-02 12:55 - 00000000 ____D C:\Users\Paul\AppData\Local\Unity
2013-07-02 08:23 - 2013-07-02 08:23 - 00279340 _____ (Jitbit Macro Recorder) C:\Users\Paul\Downloads\SPATTACKVEE TRAINER.exe
2013-07-02 08:12 - 2013-07-02 08:12 - 04260625 _____ C:\Users\Paul\Downloads\PokeBot 2.4 BetaR - 64.zip
2013-06-30 22:12 - 2013-07-01 17:02 - 00000000 ____D C:\Users\Paul\Desktop\Pokemon
2013-06-30 22:12 - 2013-06-30 22:12 - 09533978 _____ C:\Users\Paul\Downloads\PokeMMO-Client.zip
2013-06-30 22:10 - 2013-06-30 22:23 - 59782173 _____ C:\Users\Paul\Downloads\Pokemon HeartGold.zip
2013-06-30 22:08 - 2013-06-30 22:09 - 05250247 _____ C:\Users\Paul\Downloads\Pokemon FireRed.zip
2013-06-25 00:09 - 2013-06-25 00:09 - 00177190 _____ C:\Users\Paul\Documents\ts3_clientui-win32-1365064384-2013-06-25 00_09_20.508439.dmp
2013-06-24 21:50 - 2013-06-24 22:37 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-24 21:48 - 2013-06-24 21:48 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Downloaded Installations
2013-06-23 22:33 - 2013-06-23 22:42 - 00000000 ____D C:\Users\Paul\Desktop\SSSSSSSSSSSSANNNNNNNNNNNNNNNNNNNNNNNNNNN
2013-06-23 21:18 - 2013-06-23 21:18 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2013-06-23 16:06 - 2013-06-23 16:06 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LolClient
2013-06-23 14:10 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-06-23 14:10 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-06-23 14:10 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-06-23 14:02 - 2013-06-23 14:02 - 00000000 ____D C:\Riot Games
2013-06-23 13:18 - 2013-07-15 19:07 - 00000000 ____D C:\Users\Paul\AppData\Local\PMB Files
2013-06-23 13:18 - 2013-07-15 19:07 - 00000000 ____D C:\ProgramData\PMB Files
2013-06-23 13:18 - 2013-06-23 14:00 - 00000000 ____D C:\Users\Paul\Desktop\League of Legends
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Users\Paul\.swt
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-22 18:31 - 2013-06-23 19:15 - 00000000 ____D C:\Users\Paul\Documents\Medic-Keybinder
2013-06-22 18:31 - 2013-06-22 18:31 - 00000000 ____D C:\Medic-Keybinder
2013-06-20 22:17 - 2013-06-20 22:37 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-20 20:08 - 2013-07-03 16:45 - 00000000 ____D C:\Users\Paul\AppData\Roaming\.minecraft
2013-06-20 20:03 - 2013-06-20 20:03 - 00000000 ____D C:\ProgramData\Sun
2013-06-20 20:03 - 2013-06-20 20:02 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-20 20:03 - 2013-06-20 20:02 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-20 20:03 - 2013-06-20 20:02 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 13:33 - 2013-06-20 13:33 - 05701195 _____ C:\Users\Paul\Desktop\Kanal-Trailer.mp4
2013-06-17 19:44 - 2013-06-17 19:44 - 00007451 _____ C:\Users\Paul\Documents\MY_DATA_061713_1.p2g
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Public\CyberLink
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\CyberLink
2013-06-17 18:54 - 2013-06-17 18:55 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2013-06-17 18:54 - 2013-06-17 18:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft

==================== One Month Modified Files and Folders =======

2013-07-15 21:24 - 2013-05-26 13:13 - 00000000 ____D C:\Users\Paul\AppData\Roaming\TS3Client
2013-07-15 20:46 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 20:46 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 20:41 - 2013-07-15 20:09 - 00000000 ____D C:\FRST
2013-07-15 20:39 - 2013-07-15 14:38 - 00001640 _____ C:\Windows\PFRO.log
2013-07-15 20:39 - 2013-07-14 19:02 - 00000672 _____ C:\Windows\setupact.log
2013-07-15 20:39 - 2013-05-22 13:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 20:39 - 2011-04-13 04:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 20:39 - 2011-04-13 04:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 20:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 20:14 - 2013-07-15 20:12 - 00051193 _____ C:\Users\Paul\Downloads\FRST.txt
2013-07-15 20:12 - 2013-07-15 20:11 - 00022156 _____ C:\Users\Paul\Downloads\Addition.txt
2013-07-15 20:09 - 2013-07-15 20:08 - 01777839 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2013-07-15 19:07 - 2013-06-23 13:18 - 00000000 ____D C:\Users\Paul\AppData\Local\PMB Files
2013-07-15 19:07 - 2013-06-23 13:18 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-15 17:15 - 2013-06-01 19:53 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Skype
2013-07-15 15:52 - 2013-07-15 15:49 - 286015563 _____ C:\Users\Paul\Downloads\CallofDutyBlackOpsIISoundtrack.zip
2013-07-15 14:45 - 2013-07-15 14:45 - 00030084 _____ C:\Users\Paul\Downloads\Archive.zip
2013-07-15 14:43 - 2013-07-15 14:43 - 00602112 _____ (OldTimer Tools) C:\Users\Paul\Downloads\OTL.exe
2013-07-15 11:45 - 2013-07-15 11:45 - 00007623 _____ C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
2013-07-15 06:30 - 2013-05-22 13:15 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-07-14 23:59 - 2013-07-14 23:59 - 00067029 _____ C:\Users\Paul\Downloads\poweroff_deutsch.zip
2013-07-14 23:54 - 2013-07-14 19:04 - 00068025 _____ C:\Windows\WindowsUpdate.log
2013-07-14 22:43 - 2013-05-28 01:22 - 00000000 ____D C:\Windows\pss
2013-07-14 22:42 - 2013-06-08 19:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-14 22:42 - 2013-05-22 13:15 - 00000000 ___HD C:\ASUS.DAT
2013-07-14 22:37 - 2013-07-14 22:37 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223(1).zip
2013-07-14 22:34 - 2011-04-13 04:47 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-07-14 22:30 - 2013-07-14 22:30 - 00365066 _____ C:\Users\Paul\Downloads\WinFlash_Win7_32_Win7_64_Z2311.zip
2013-07-14 22:29 - 2013-07-14 22:29 - 14767595 _____ C:\Users\Paul\Downloads\AsusUpdt_V71803.zip
2013-07-14 22:29 - 2013-07-14 22:20 - 00021048 _____ (AsusTek Computer Inc.) C:\Windows\BS_DEF.sys
2013-07-14 22:22 - 2013-07-14 22:22 - 433357706 _____ C:\Windows\MEMORY.DMP
2013-07-14 22:22 - 2013-07-14 22:22 - 00275216 _____ C:\Windows\Minidump\071413-35443-01.dmp
2013-07-14 22:22 - 2013-07-14 22:22 - 00000000 ____D C:\Windows\Minidump
2013-07-14 22:20 - 2013-07-14 22:20 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7(1).zip
2013-07-14 22:20 - 2013-07-14 22:20 - 00001769 _____ C:\Windows\Language_trs.ini
2013-07-14 22:19 - 2013-07-14 22:19 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7.zip
2013-07-14 22:16 - 2013-07-14 22:16 - 00151656 _____ C:\Users\Paul\Downloads\DOS Boot-Dateien.7z
2013-07-14 22:14 - 2013-07-14 22:14 - 00019690 _____ C:\Users\Paul\Downloads\AFLASH2_Z312.zip
2013-07-14 22:07 - 2013-07-14 22:07 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223.zip
2013-07-14 21:59 - 2013-07-14 21:59 - 01432424 _____ (                                                            ) C:\Users\Paul\Downloads\cpu-z_1.65-setup-en.exe
2013-07-14 21:59 - 2013-07-14 21:59 - 00000000 ____D C:\Program Files\CPUID
2013-07-14 21:56 - 2013-07-14 21:56 - 00065015 _____ C:\Users\Paul\Downloads\memtest86+-4.20.zip
2013-07-14 21:49 - 2013-05-22 13:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 21:49 - 2011-04-13 04:33 - 00004122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-14 21:49 - 2011-04-13 04:33 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-14 19:03 - 2013-07-14 19:03 - 00058520 _____ C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00276600 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00000000 _____ C:\Windows\setuperr.log
2013-07-14 15:49 - 2009-07-29 08:03 - 00000000 ____D C:\Windows\Panther
2013-07-14 01:33 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 01:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-14 01:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 10:20 - 2013-07-13 10:20 - 03798712 _____ (Cryptic Studios) C:\Users\Paul\Downloads\neverwinter_setup.exe
2013-07-13 10:20 - 2013-07-13 10:20 - 00000000 ____D C:\Users\Public\Games
2013-07-13 10:20 - 2013-06-05 17:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-13 07:40 - 2013-05-28 07:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 07:40 - 2013-05-28 07:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 19:10 - 2011-02-19 06:24 - 00710754 _____ C:\Windows\system32\perfh007.dat
2013-07-11 19:10 - 2011-02-19 06:24 - 00153202 _____ C:\Windows\system32\perfc007.dat
2013-07-11 19:10 - 2009-07-14 07:13 - 01650312 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 18:06 - 2013-07-11 18:05 - 102885657 _____ C:\Users\Paul\Downloads\Al Gear - Kein feat. fur Spastis.rar
2013-07-10 22:42 - 2013-07-10 22:41 - 03684312 _____ C:\Users\Paul\Downloads\rgnlauncher0.9.6.exe
2013-07-10 17:09 - 2013-07-10 16:58 - 954267158 _____ C:\Users\Paul\Downloads\Poseidon2.v3.rar
2013-07-10 16:16 - 2013-07-10 15:59 - 972753630 _____ C:\Users\Paul\Downloads\PrevionClient1.3.rar
2013-07-10 13:28 - 2013-07-10 13:28 - 00001121 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-10 13:28 - 2013-07-10 13:28 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-10 13:27 - 2013-07-10 13:27 - 03014767 _____ (Tim Witschel Serververmietung                               ) C:\Users\Paul\Downloads\anotherlifesetup.exe
2013-07-09 19:46 - 2013-07-09 19:46 - 00036055 _____ C:\Users\Paul\Downloads\[SAMP]Aimbot from www.Opcode.de.vu.rar
2013-07-07 21:17 - 2013-05-22 21:47 - 00001319 _____ C:\Windows\system32\ServiceFilter.ini
2013-07-07 19:17 - 2013-07-07 19:17 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-07 19:16 - 2013-07-07 19:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Paul\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-07 19:00 - 2013-07-07 19:00 - 00135124 _____ C:\Users\Paul\Downloads\Team MSKill Gen v1.0Beta.zip
2013-07-07 18:59 - 2013-07-07 18:59 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013](1).exe
2013-07-07 18:57 - 2013-07-07 18:57 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013].exe
2013-07-07 18:56 - 2013-07-07 18:56 - 00746453 _____ C:\Users\Paul\Downloads\Microsoft Points Generater.rar
2013-07-07 18:53 - 2013-07-07 18:53 - 00495120 _____ C:\Users\Paul\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2013-07-07 18:49 - 2013-07-07 18:49 - 01797941 _____ C:\Users\Paul\Downloads\Xbox Live Générateur.rar
2013-07-07 18:44 - 2013-07-07 18:44 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator(1).rar
2013-07-07 18:42 - 2013-07-07 18:42 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator.rar
2013-07-04 14:46 - 2013-05-22 13:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 19:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-03 19:04 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-07-03 19:04 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-03 19:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-07-03 19:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2013-07-03 19:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-03 19:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-03 18:54 - 2011-02-19 06:18 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\winrm
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\WCN
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\slmgr
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2013-07-03 18:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2013-07-03 16:45 - 2013-06-20 20:08 - 00000000 ____D C:\Users\Paul\AppData\Roaming\.minecraft
2013-07-03 16:33 - 2013-07-03 16:33 - 00159801 _____ C:\Users\Paul\Downloads\Minecraft Cracked.rar
2013-07-03 16:30 - 2013-07-03 16:28 - 00000970 _____ C:\Users\Paul\Documents\options.txt
2013-07-03 16:30 - 2013-07-03 16:28 - 00000444 _____ C:\Users\Paul\Documents\output-client.log
2013-07-03 16:30 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\stats
2013-07-03 16:30 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\Documents\versions
2013-07-03 16:29 - 2013-07-03 16:29 - 00000163 _____ C:\Users\Paul\Documents\servers.dat
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\saves
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\resourcepacks
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\libraries
2013-07-03 16:25 - 2013-07-03 16:25 - 00255428 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.8.3.zip
2013-07-03 16:12 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\minecraft
2013-07-03 16:11 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\Documents\assets
2013-07-03 16:10 - 2013-05-22 13:14 - 00000000 ____D C:\Users\Paul
2013-07-03 16:09 - 2013-07-03 16:09 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7(1).zip
2013-07-03 16:07 - 2013-07-03 16:07 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7.zip
2013-07-03 14:11 - 2013-07-03 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:14 - 2011-04-13 04:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-02 18:13 - 2013-07-02 18:09 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-02 18:11 - 2013-07-02 18:11 - 02896896 _____ C:\Users\Paul\Downloads\speichermedien.ppt
2013-07-02 18:10 - 2013-07-02 18:09 - 63363736 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\PowerPointViewer.exe
2013-07-02 18:09 - 2013-07-02 18:09 - 25755856 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\wordview_de-de.exe
2013-07-02 12:55 - 2013-07-02 12:55 - 00000000 ____D C:\Users\Paul\AppData\Local\Unity
2013-07-02 08:23 - 2013-07-02 08:23 - 00279340 _____ (Jitbit Macro Recorder) C:\Users\Paul\Downloads\SPATTACKVEE TRAINER.exe
2013-07-02 08:12 - 2013-07-02 08:12 - 04260625 _____ C:\Users\Paul\Downloads\PokeBot 2.4 BetaR - 64.zip
2013-07-01 17:02 - 2013-06-30 22:12 - 00000000 ____D C:\Users\Paul\Desktop\Pokemon
2013-06-30 22:23 - 2013-06-30 22:10 - 59782173 _____ C:\Users\Paul\Downloads\Pokemon HeartGold.zip
2013-06-30 22:12 - 2013-06-30 22:12 - 09533978 _____ C:\Users\Paul\Downloads\PokeMMO-Client.zip
2013-06-30 22:09 - 2013-06-30 22:08 - 05250247 _____ C:\Users\Paul\Downloads\Pokemon FireRed.zip
2013-06-29 17:15 - 2009-07-14 09:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-25 00:09 - 2013-06-25 00:09 - 00177190 _____ C:\Users\Paul\Documents\ts3_clientui-win32-1365064384-2013-06-25 00_09_20.508439.dmp
2013-06-24 22:37 - 2013-06-24 21:50 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-24 21:48 - 2013-06-24 21:48 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Downloaded Installations
2013-06-23 22:42 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Paul\Desktop\SSSSSSSSSSSSANNNNNNNNNNNNNNNNNNNNNNNNNNN
2013-06-23 21:18 - 2013-06-23 21:18 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2013-06-23 19:15 - 2013-06-22 18:31 - 00000000 ____D C:\Users\Paul\Documents\Medic-Keybinder
2013-06-23 16:06 - 2013-06-23 16:06 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LolClient
2013-06-23 14:02 - 2013-06-23 14:02 - 00000000 ____D C:\Riot Games
2013-06-23 14:02 - 2013-05-22 21:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 14:00 - 2013-06-23 13:18 - 00000000 ____D C:\Users\Paul\Desktop\League of Legends
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Users\Paul\.swt
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-22 18:31 - 2013-06-22 18:31 - 00000000 ____D C:\Medic-Keybinder
2013-06-21 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-06-21 08:15 - 2013-05-22 21:47 - 00001874 _____ C:\Windows\system32\AutoRunFilter.ini
2013-06-20 22:37 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-20 20:03 - 2013-06-20 20:03 - 00000000 ____D C:\ProgramData\Sun
2013-06-20 20:02 - 2013-06-20 20:03 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-20 20:02 - 2013-06-20 20:03 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-20 20:02 - 2013-06-20 20:03 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 13:33 - 2013-06-20 13:33 - 05701195 _____ C:\Users\Paul\Desktop\Kanal-Trailer.mp4
2013-06-19 19:22 - 2013-05-28 00:49 - 04247414 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 22:29 - 2013-05-28 23:25 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-18 08:10 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-06-17 19:44 - 2013-06-17 19:44 - 00007451 _____ C:\Users\Paul\Documents\MY_DATA_061713_1.p2g
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Public\CyberLink
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\CyberLink
2013-06-17 19:27 - 2013-05-22 21:52 - 00000000 ____D C:\ProgramData\CyberLink
2013-06-17 19:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-06-17 19:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-06-17 18:55 - 2013-06-17 18:54 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2013-06-17 18:55 - 2013-06-17 18:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-17 12:44 - 2011-04-13 04:33 - 00000000 ____D C:\ProgramData\Partner

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-15 05:20

==================== End Of Log ============================
--- --- ---


Danke das du mir so gut hilfst

Alt 15.07.2013, 20:40   #8
schrauber
/// the machine
/// TB-Ausbilder
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


hi,

windows-taste+R, schreibe

netsh winsock reset

und drücke Enter. reboot.

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.07.2013, 20:50   #9
Paulx
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Code:
ATTFilter
21:49:57.0419 2868  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:49:57.0751 2868  ============================================================
21:49:57.0751 2868  Current date / time: 2013/07/15 21:49:57.0751
21:49:57.0752 2868  SystemInfo:
21:49:57.0752 2868  
21:49:57.0752 2868  OS Version: 6.1.7601 ServicePack: 1.0
21:49:57.0752 2868  Product type: Workstation
21:49:57.0752 2868  ComputerName: BF3LOVEX3
21:49:57.0753 2868  UserName: Paul
21:49:57.0753 2868  Windows directory: C:\Windows
21:49:57.0753 2868  System windows directory: C:\Windows
21:49:57.0753 2868  Running under WOW64
21:49:57.0753 2868  Processor architecture: Intel x64
21:49:57.0753 2868  Number of processors: 2
21:49:57.0753 2868  Page size: 0x1000
21:49:57.0753 2868  Boot type: Normal boot
21:49:57.0753 2868  ============================================================
21:49:59.0171 2868  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:49:59.0183 2868  ============================================================
21:49:59.0183 2868  \Device\Harddisk0\DR0:
21:49:59.0183 2868  MBR partitions:
21:49:59.0183 2868  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xFA0E000
21:49:59.0207 2868  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12C0F000, BlocksNum 0x1281F000
21:49:59.0207 2868  ============================================================
21:49:59.0240 2868  C: <-> \Device\Harddisk0\DR0\Partition1
21:49:59.0280 2868  D: <-> \Device\Harddisk0\DR0\Partition2
21:49:59.0280 2868  ============================================================
21:49:59.0280 2868  Initialize success
21:49:59.0280 2868  ============================================================
21:50:04.0309 3184  ============================================================
21:50:04.0310 3184  Scan started
21:50:04.0310 3184  Mode: Manual; 
21:50:04.0310 3184  ============================================================
21:50:04.0973 3184  ================ Scan system memory ========================
21:50:04.0973 3184  System memory - ok
21:50:04.0974 3184  ================ Scan services =============================
21:50:05.0261 3184  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:50:05.0268 3184  1394ohci - ok
21:50:05.0317 3184  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:50:05.0327 3184  ACPI - ok
21:50:05.0368 3184  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:50:05.0371 3184  AcpiPmi - ok
21:50:05.0521 3184  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:50:05.0528 3184  AdobeFlashPlayerUpdateSvc - ok
21:50:05.0584 3184  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:50:05.0595 3184  adp94xx - ok
21:50:05.0646 3184  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:50:05.0655 3184  adpahci - ok
21:50:05.0692 3184  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:50:05.0699 3184  adpu320 - ok
21:50:05.0793 3184  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:50:05.0797 3184  AeLookupSvc - ok
21:50:05.0860 3184  [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent        C:\Windows\system32\FBAgent.exe
21:50:05.0870 3184  AFBAgent - ok
21:50:05.0965 3184  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:50:05.0989 3184  AFD - ok
21:50:06.0038 3184  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:50:06.0042 3184  agp440 - ok
21:50:06.0112 3184  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:50:06.0117 3184  ALG - ok
21:50:06.0149 3184  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:50:06.0152 3184  aliide - ok
21:50:06.0211 3184  [ 9CCAF5CCD848F8D77CD18DAA51F9C987 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:50:06.0217 3184  AMD External Events Utility - ok
21:50:06.0254 3184  AMD FUEL Service - ok
21:50:06.0304 3184  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:50:06.0306 3184  amdide - ok
21:50:06.0349 3184  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
21:50:06.0351 3184  amdiox64 - ok
21:50:06.0394 3184  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:50:06.0397 3184  AmdK8 - ok
21:50:06.0722 3184  [ 8BD152EAAEFEB8667E7E43FD8CAC3642 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:50:07.0016 3184  amdkmdag - ok
21:50:07.0098 3184  [ 4112266BD3949EBE9B0B8AB198D3D0EE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:50:07.0103 3184  amdkmdap - ok
21:50:07.0155 3184  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:50:07.0157 3184  AmdPPM - ok
21:50:07.0220 3184  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:50:07.0226 3184  amdsata - ok
21:50:07.0262 3184  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:50:07.0268 3184  amdsbs - ok
21:50:07.0296 3184  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:50:07.0298 3184  amdxata - ok
21:50:07.0344 3184  [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
21:50:07.0347 3184  amd_sata - ok
21:50:07.0372 3184  [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
21:50:07.0374 3184  amd_xata - ok
21:50:07.0652 3184  [ D24AE3842FEFDC4C2AB77F8D893CFBB2 ] AMOptimalDiskService C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
21:50:07.0751 3184  AMOptimalDiskService - ok
21:50:07.0847 3184  [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
21:50:07.0854 3184  Amsp - ok
21:50:07.0930 3184  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:50:07.0933 3184  AppID - ok
21:50:07.0974 3184  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:50:07.0979 3184  AppIDSvc - ok
21:50:08.0071 3184  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
21:50:08.0084 3184  Appinfo - ok
21:50:08.0183 3184  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
21:50:08.0187 3184  arc - ok
21:50:08.0236 3184  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:50:08.0241 3184  arcsas - ok
21:50:08.0313 3184  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
21:50:08.0317 3184  ASLDRService - ok
21:50:08.0339 3184  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:50:08.0341 3184  ASMMAP64 - ok
21:50:08.0482 3184  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:50:08.0486 3184  aspnet_state - ok
21:50:08.0537 3184  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:50:08.0541 3184  AsyncMac - ok
21:50:08.0709 3184  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:50:08.0711 3184  atapi - ok
21:50:08.0874 3184  [ F8633CDD09647A64EE8DB550630427FF ] athr            C:\Windows\system32\DRIVERS\athrx.sys
21:50:08.0922 3184  athr - ok
21:50:08.0970 3184  [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:50:08.0975 3184  AtiHDAudioService - ok
21:50:09.0005 3184  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
21:50:09.0009 3184  ATKGFNEXSrv - ok
21:50:09.0132 3184  [ AC31727F9946E9009480708E4D1B9986 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
21:50:09.0133 3184  ATKWMIACPIIO - ok
21:50:09.0197 3184  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:50:09.0224 3184  AudioEndpointBuilder - ok
21:50:09.0268 3184  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:50:09.0277 3184  AudioSrv - ok
21:50:09.0344 3184  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:50:09.0349 3184  AxInstSV - ok
21:50:09.0406 3184  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:50:09.0427 3184  b06bdrv - ok
21:50:09.0459 3184  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:50:09.0467 3184  b57nd60a - ok
21:50:09.0574 3184  [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
21:50:09.0578 3184  BBSvc - ok
21:50:09.0615 3184  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:50:09.0619 3184  BDESVC - ok
21:50:09.0690 3184  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:50:09.0699 3184  Beep - ok
21:50:09.0742 3184  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:50:09.0745 3184  blbdrive - ok
21:50:09.0796 3184  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:50:09.0801 3184  bowser - ok
21:50:09.0826 3184  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:50:09.0828 3184  BrFiltLo - ok
21:50:09.0840 3184  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:50:09.0842 3184  BrFiltUp - ok
21:50:09.0905 3184  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:50:09.0911 3184  Browser - ok
21:50:09.0948 3184  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:50:09.0956 3184  Brserid - ok
21:50:09.0972 3184  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:50:09.0974 3184  BrSerWdm - ok
21:50:09.0999 3184  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:50:10.0001 3184  BrUsbMdm - ok
21:50:10.0014 3184  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:50:10.0017 3184  BrUsbSer - ok
21:50:10.0086 3184  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:50:10.0089 3184  BthEnum - ok
21:50:10.0127 3184  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:50:10.0132 3184  BTHMODEM - ok
21:50:10.0148 3184  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:50:10.0163 3184  BthPan - ok
21:50:10.0206 3184  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:50:10.0218 3184  BTHPORT - ok
21:50:10.0264 3184  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:50:10.0268 3184  bthserv - ok
21:50:10.0286 3184  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:50:10.0289 3184  BTHUSB - ok
21:50:10.0318 3184  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:50:10.0322 3184  cdfs - ok
21:50:10.0365 3184  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:50:10.0372 3184  cdrom - ok
21:50:10.0461 3184  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:50:10.0465 3184  CertPropSvc - ok
21:50:10.0541 3184  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:50:10.0544 3184  circlass - ok
21:50:10.0584 3184  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:50:10.0594 3184  CLFS - ok
21:50:10.0669 3184  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:50:10.0674 3184  clr_optimization_v2.0.50727_32 - ok
21:50:10.0750 3184  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:50:10.0755 3184  clr_optimization_v2.0.50727_64 - ok
21:50:10.0834 3184  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:50:10.0837 3184  clr_optimization_v4.0.30319_32 - ok
21:50:10.0857 3184  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:50:10.0860 3184  clr_optimization_v4.0.30319_64 - ok
21:50:10.0891 3184  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:50:10.0894 3184  CmBatt - ok
21:50:10.0931 3184  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:50:10.0934 3184  cmdide - ok
21:50:10.0986 3184  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
21:50:10.0996 3184  CNG - ok
21:50:11.0035 3184  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:50:11.0037 3184  Compbatt - ok
21:50:11.0075 3184  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:50:11.0078 3184  CompositeBus - ok
21:50:11.0107 3184  COMSysApp - ok
21:50:11.0132 3184  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:50:11.0135 3184  crcdisk - ok
21:50:11.0209 3184  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:50:11.0216 3184  CryptSvc - ok
21:50:11.0297 3184  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:50:11.0321 3184  DcomLaunch - ok
21:50:11.0361 3184  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:50:11.0370 3184  defragsvc - ok
21:50:11.0406 3184  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:50:11.0410 3184  DfsC - ok
21:50:11.0446 3184  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:50:11.0455 3184  Dhcp - ok
21:50:11.0473 3184  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:50:11.0476 3184  discache - ok
21:50:11.0504 3184  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:50:11.0507 3184  Disk - ok
21:50:11.0583 3184  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:50:11.0590 3184  Dnscache - ok
21:50:11.0622 3184  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:50:11.0630 3184  dot3svc - ok
21:50:11.0658 3184  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:50:11.0664 3184  DPS - ok
21:50:11.0693 3184  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:50:11.0701 3184  drmkaud - ok
21:50:11.0772 3184  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:50:11.0784 3184  DXGKrnl - ok
21:50:11.0828 3184  EagleX64 - ok
21:50:11.0870 3184  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:50:11.0876 3184  EapHost - ok
21:50:11.0997 3184  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:50:12.0090 3184  ebdrv - ok
21:50:12.0139 3184  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:50:12.0150 3184  EFS - ok
21:50:12.0239 3184  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:50:12.0262 3184  ehRecvr - ok
21:50:12.0283 3184  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:50:12.0287 3184  ehSched - ok
21:50:12.0366 3184  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:50:12.0389 3184  elxstor - ok
21:50:12.0410 3184  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:50:12.0413 3184  ErrDev - ok
21:50:12.0468 3184  [ 4C120D2B2EA269EAE7A5744794EB6DB1 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
21:50:12.0471 3184  ETD - ok
21:50:12.0520 3184  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:50:12.0531 3184  EventSystem - ok
21:50:12.0564 3184  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:50:12.0571 3184  exfat - ok
21:50:12.0607 3184  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:50:12.0613 3184  fastfat - ok
21:50:12.0664 3184  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:50:12.0691 3184  Fax - ok
21:50:12.0735 3184  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
21:50:12.0738 3184  fdc - ok
21:50:12.0767 3184  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:50:12.0771 3184  fdPHost - ok
21:50:12.0791 3184  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:50:12.0795 3184  FDResPub - ok
21:50:12.0820 3184  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:50:12.0825 3184  FileInfo - ok
21:50:12.0851 3184  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:50:12.0855 3184  Filetrace - ok
21:50:12.0892 3184  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:50:12.0895 3184  flpydisk - ok
21:50:12.0932 3184  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:50:12.0939 3184  FltMgr - ok
21:50:13.0021 3184  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
21:50:13.0058 3184  FontCache - ok
21:50:13.0123 3184  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:50:13.0125 3184  FontCache3.0.0.0 - ok
21:50:13.0154 3184  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:50:13.0158 3184  FsDepends - ok
21:50:13.0214 3184  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:50:13.0217 3184  fssfltr - ok
21:50:13.0309 3184  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:50:13.0376 3184  fsssvc - ok
21:50:13.0417 3184  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:50:13.0419 3184  Fs_Rec - ok
21:50:13.0478 3184  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:50:13.0484 3184  fvevol - ok
21:50:13.0521 3184  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:50:13.0525 3184  gagp30kx - ok
21:50:13.0573 3184  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:50:13.0607 3184  gpsvc - ok
21:50:13.0694 3184  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:50:13.0697 3184  gupdate - ok
21:50:13.0738 3184  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:50:13.0741 3184  gupdatem - ok
21:50:13.0776 3184  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:50:13.0783 3184  gusvc - ok
21:50:13.0814 3184  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:50:13.0817 3184  hcw85cir - ok
21:50:13.0853 3184  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:50:13.0862 3184  HdAudAddService - ok
21:50:13.0891 3184  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:50:13.0896 3184  HDAudBus - ok
21:50:13.0927 3184  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:50:13.0930 3184  HidBatt - ok
21:50:13.0953 3184  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:50:13.0958 3184  HidBth - ok
21:50:13.0979 3184  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:50:13.0982 3184  HidIr - ok
21:50:14.0029 3184  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:50:14.0033 3184  hidserv - ok
21:50:14.0062 3184  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:50:14.0065 3184  HidUsb - ok
21:50:14.0105 3184  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:50:14.0111 3184  hkmsvc - ok
21:50:14.0140 3184  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:50:14.0149 3184  HomeGroupListener - ok
21:50:14.0191 3184  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:50:14.0200 3184  HomeGroupProvider - ok
21:50:14.0223 3184  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:50:14.0227 3184  HpSAMD - ok
21:50:14.0271 3184  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:50:14.0299 3184  HTTP - ok
21:50:14.0337 3184  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:50:14.0339 3184  hwpolicy - ok
21:50:14.0390 3184  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:50:14.0395 3184  i8042prt - ok
21:50:14.0470 3184  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:50:14.0480 3184  iaStorV - ok
21:50:14.0561 3184  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:50:14.0596 3184  idsvc - ok
21:50:14.0635 3184  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:50:14.0638 3184  iirsp - ok
21:50:14.0701 3184  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:50:14.0736 3184  IKEEXT - ok
21:50:14.0786 3184  IntcAzAudAddService - ok
21:50:14.0798 3184  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:50:14.0800 3184  intelide - ok
21:50:14.0836 3184  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:50:14.0840 3184  intelppm - ok
21:50:14.0867 3184  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:50:14.0874 3184  IPBusEnum - ok
21:50:14.0904 3184  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:50:14.0909 3184  IpFilterDriver - ok
21:50:14.0938 3184  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:50:14.0943 3184  IPMIDRV - ok
21:50:14.0994 3184  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:50:15.0007 3184  IPNAT - ok
21:50:15.0052 3184  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:50:15.0055 3184  IRENUM - ok
21:50:15.0084 3184  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:50:15.0088 3184  isapnp - ok
21:50:15.0134 3184  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:50:15.0143 3184  iScsiPrt - ok
21:50:15.0167 3184  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:50:15.0169 3184  kbdclass - ok
21:50:15.0190 3184  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:50:15.0193 3184  kbdhid - ok
21:50:15.0246 3184  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
21:50:15.0248 3184  kbfiltr - ok
21:50:15.0275 3184  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:50:15.0279 3184  KeyIso - ok
21:50:15.0329 3184  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:50:15.0333 3184  KSecDD - ok
21:50:15.0364 3184  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:50:15.0369 3184  KSecPkg - ok
21:50:15.0420 3184  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:50:15.0423 3184  ksthunk - ok
21:50:15.0476 3184  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:50:15.0488 3184  KtmRm - ok
21:50:15.0527 3184  [ 033B4AED2C5519072C0D81E00804D003 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
21:50:15.0531 3184  L1C - ok
21:50:15.0582 3184  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:50:15.0592 3184  LanmanServer - ok
21:50:15.0622 3184  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:50:15.0633 3184  LanmanWorkstation - ok
21:50:15.0683 3184  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:50:15.0687 3184  lltdio - ok
21:50:15.0738 3184  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:50:15.0748 3184  lltdsvc - ok
21:50:15.0769 3184  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:50:15.0774 3184  lmhosts - ok
21:50:15.0823 3184  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:50:15.0827 3184  LSI_FC - ok
21:50:15.0882 3184  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:50:15.0890 3184  LSI_SAS - ok
21:50:15.0913 3184  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:50:15.0916 3184  LSI_SAS2 - ok
21:50:15.0976 3184  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:50:15.0982 3184  LSI_SCSI - ok
21:50:16.0015 3184  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:50:16.0019 3184  luafv - ok
21:50:16.0091 3184  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:50:16.0093 3184  MBAMProtector - ok
21:50:16.0177 3184  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:50:16.0183 3184  MBAMScheduler - ok
21:50:16.0232 3184  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:50:16.0242 3184  MBAMService - ok
21:50:16.0283 3184  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:50:16.0289 3184  Mcx2Svc - ok
21:50:16.0330 3184  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:50:16.0333 3184  megasas - ok
21:50:16.0363 3184  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:50:16.0370 3184  MegaSR - ok
21:50:16.0401 3184  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:50:16.0406 3184  MMCSS - ok
21:50:16.0425 3184  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:50:16.0428 3184  Modem - ok
21:50:16.0456 3184  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:50:16.0458 3184  monitor - ok
21:50:16.0488 3184  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:50:16.0491 3184  mouclass - ok
21:50:16.0523 3184  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:50:16.0527 3184  mouhid - ok
21:50:16.0556 3184  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:50:16.0563 3184  mountmgr - ok
21:50:16.0628 3184  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:50:16.0633 3184  MozillaMaintenance - ok
21:50:16.0659 3184  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:50:16.0665 3184  mpio - ok
21:50:16.0686 3184  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:50:16.0689 3184  mpsdrv - ok
21:50:16.0722 3184  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:50:16.0728 3184  MRxDAV - ok
21:50:16.0780 3184  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:50:16.0785 3184  mrxsmb - ok
21:50:16.0829 3184  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:50:16.0838 3184  mrxsmb10 - ok
21:50:16.0866 3184  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:50:16.0871 3184  mrxsmb20 - ok
21:50:16.0901 3184  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:50:16.0903 3184  msahci - ok
21:50:16.0932 3184  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:50:16.0939 3184  msdsm - ok
21:50:16.0994 3184  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:50:17.0001 3184  MSDTC - ok
21:50:17.0059 3184  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:50:17.0062 3184  Msfs - ok
21:50:17.0120 3184  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:50:17.0122 3184  mshidkmdf - ok
21:50:17.0142 3184  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:50:17.0144 3184  msisadrv - ok
21:50:17.0226 3184  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:50:17.0258 3184  MSiSCSI - ok
21:50:17.0271 3184  msiserver - ok
21:50:17.0321 3184  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:50:17.0346 3184  MSKSSRV - ok
21:50:17.0379 3184  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:50:17.0381 3184  MSPCLOCK - ok
21:50:17.0402 3184  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:50:17.0405 3184  MSPQM - ok
21:50:17.0442 3184  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:50:17.0451 3184  MsRPC - ok
21:50:17.0481 3184  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:50:17.0483 3184  mssmbios - ok
21:50:17.0494 3184  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:50:17.0502 3184  MSTEE - ok
21:50:17.0532 3184  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:50:17.0535 3184  MTConfig - ok
21:50:17.0570 3184  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:50:17.0573 3184  Mup - ok
21:50:17.0628 3184  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:50:17.0654 3184  napagent - ok
21:50:17.0717 3184  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:50:17.0726 3184  NativeWifiP - ok
21:50:17.0811 3184  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:50:17.0845 3184  NDIS - ok
21:50:17.0902 3184  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:50:17.0906 3184  NdisCap - ok
21:50:17.0941 3184  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:50:17.0945 3184  NdisTapi - ok
21:50:17.0978 3184  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:50:17.0982 3184  Ndisuio - ok
21:50:18.0015 3184  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:50:18.0021 3184  NdisWan - ok
21:50:18.0051 3184  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:50:18.0055 3184  NDProxy - ok
21:50:18.0078 3184  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:50:18.0082 3184  NetBIOS - ok
21:50:18.0119 3184  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:50:18.0142 3184  NetBT - ok
21:50:18.0159 3184  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:50:18.0162 3184  Netlogon - ok
21:50:18.0239 3184  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:50:18.0250 3184  Netman - ok
21:50:18.0304 3184  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:18.0310 3184  NetMsmqActivator - ok
21:50:18.0330 3184  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:18.0334 3184  NetPipeActivator - ok
21:50:18.0370 3184  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:50:18.0403 3184  netprofm - ok
21:50:18.0424 3184  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:18.0428 3184  NetTcpActivator - ok
21:50:18.0452 3184  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:18.0455 3184  NetTcpPortSharing - ok
21:50:18.0491 3184  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:50:18.0494 3184  nfrd960 - ok
21:50:18.0566 3184  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:50:18.0577 3184  NlaSvc - ok
21:50:18.0602 3184  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:50:18.0605 3184  Npfs - ok
21:50:18.0645 3184  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:50:18.0650 3184  nsi - ok
21:50:18.0676 3184  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:50:18.0679 3184  nsiproxy - ok
21:50:18.0781 3184  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:50:18.0829 3184  Ntfs - ok
21:50:18.0858 3184  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:50:18.0861 3184  Null - ok
21:50:18.0916 3184  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:50:18.0921 3184  nvraid - ok
21:50:18.0950 3184  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:50:18.0956 3184  nvstor - ok
21:50:18.0991 3184  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:50:18.0997 3184  nv_agp - ok
21:50:19.0046 3184  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:50:19.0050 3184  ohci1394 - ok
21:50:19.0175 3184  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:50:19.0179 3184  ose - ok
21:50:19.0241 3184  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:50:19.0252 3184  p2pimsvc - ok
21:50:19.0289 3184  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:50:19.0312 3184  p2psvc - ok
21:50:19.0356 3184  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
21:50:19.0361 3184  Parport - ok
21:50:19.0404 3184  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:50:19.0408 3184  partmgr - ok
21:50:19.0441 3184  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:50:19.0449 3184  PcaSvc - ok
21:50:19.0481 3184  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:50:19.0487 3184  pci - ok
21:50:19.0507 3184  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:50:19.0509 3184  pciide - ok
21:50:19.0539 3184  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:50:19.0545 3184  pcmcia - ok
21:50:19.0568 3184  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:50:19.0571 3184  pcw - ok
21:50:19.0612 3184  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:50:19.0638 3184  PEAUTH - ok
21:50:19.0725 3184  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:50:19.0730 3184  PerfHost - ok
21:50:19.0847 3184  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:50:19.0892 3184  pla - ok
21:50:19.0949 3184  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:50:19.0962 3184  PlugPlay - ok
21:50:19.0986 3184  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:50:19.0991 3184  PNRPAutoReg - ok
21:50:20.0023 3184  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:50:20.0031 3184  PNRPsvc - ok
21:50:20.0085 3184  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:50:20.0108 3184  PolicyAgent - ok
21:50:20.0160 3184  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:50:20.0168 3184  Power - ok
21:50:20.0215 3184  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:50:20.0220 3184  PptpMiniport - ok
21:50:20.0248 3184  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
21:50:20.0252 3184  Processor - ok
21:50:20.0305 3184  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:50:20.0313 3184  ProfSvc - ok
21:50:20.0337 3184  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:50:20.0341 3184  ProtectedStorage - ok
21:50:20.0370 3184  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:50:20.0375 3184  Psched - ok
21:50:20.0459 3184  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:50:20.0505 3184  ql2300 - ok
21:50:20.0528 3184  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:50:20.0533 3184  ql40xx - ok
21:50:20.0568 3184  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:50:20.0580 3184  QWAVE - ok
21:50:20.0600 3184  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:50:20.0604 3184  QWAVEdrv - ok
21:50:20.0639 3184  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:50:20.0642 3184  RasAcd - ok
21:50:20.0680 3184  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:50:20.0684 3184  RasAgileVpn - ok
21:50:20.0715 3184  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:50:20.0721 3184  RasAuto - ok
21:50:20.0735 3184  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:50:20.0740 3184  Rasl2tp - ok
21:50:20.0776 3184  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:50:20.0787 3184  RasMan - ok
21:50:20.0808 3184  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:50:20.0812 3184  RasPppoe - ok
21:50:20.0841 3184  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:50:20.0845 3184  RasSstp - ok
21:50:20.0876 3184  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:50:20.0884 3184  rdbss - ok
21:50:20.0919 3184  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:50:20.0923 3184  rdpbus - ok
21:50:20.0972 3184  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:50:20.0975 3184  RDPCDD - ok
21:50:21.0004 3184  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:50:21.0007 3184  RDPENCDD - ok
21:50:21.0039 3184  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:50:21.0042 3184  RDPREFMP - ok
21:50:21.0091 3184  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:50:21.0097 3184  RDPWD - ok
21:50:21.0123 3184  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:50:21.0128 3184  rdyboost - ok
21:50:21.0174 3184  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:50:21.0182 3184  RemoteAccess - ok
21:50:21.0220 3184  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:50:21.0229 3184  RemoteRegistry - ok
21:50:21.0262 3184  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:50:21.0268 3184  RFCOMM - ok
21:50:21.0298 3184  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:50:21.0304 3184  RpcEptMapper - ok
21:50:21.0330 3184  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:50:21.0335 3184  RpcLocator - ok
21:50:21.0377 3184  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:50:21.0387 3184  RpcSs - ok
21:50:21.0428 3184  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:50:21.0432 3184  rspndr - ok
21:50:21.0490 3184  [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
21:50:21.0497 3184  RSUSBSTOR - ok
21:50:21.0553 3184  [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:50:21.0560 3184  RTL8167 - ok
21:50:21.0592 3184  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:50:21.0596 3184  SamSs - ok
21:50:21.0623 3184  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:50:21.0630 3184  sbp2port - ok
21:50:21.0668 3184  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:50:21.0676 3184  SCardSvr - ok
21:50:21.0716 3184  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:50:21.0719 3184  scfilter - ok
21:50:21.0788 3184  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:50:21.0834 3184  Schedule - ok
21:50:21.0873 3184  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:50:21.0877 3184  SCPolicySvc - ok
21:50:21.0918 3184  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:50:21.0927 3184  SDRSVC - ok
21:50:21.0984 3184  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
21:50:21.0989 3184  SeaPort - ok
21:50:22.0021 3184  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:50:22.0024 3184  secdrv - ok
21:50:22.0048 3184  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:50:22.0054 3184  seclogon - ok
21:50:22.0084 3184  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
21:50:22.0091 3184  SENS - ok
21:50:22.0119 3184  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:50:22.0125 3184  SensrSvc - ok
21:50:22.0158 3184  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:50:22.0162 3184  Serenum - ok
21:50:22.0188 3184  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
21:50:22.0192 3184  Serial - ok
21:50:22.0215 3184  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:50:22.0217 3184  sermouse - ok
21:50:22.0278 3184  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:50:22.0289 3184  SessionEnv - ok
21:50:22.0315 3184  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:50:22.0318 3184  sffdisk - ok
21:50:22.0332 3184  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:50:22.0335 3184  sffp_mmc - ok
21:50:22.0358 3184  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:50:22.0361 3184  sffp_sd - ok
21:50:22.0387 3184  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:50:22.0390 3184  sfloppy - ok
21:50:22.0436 3184  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:50:22.0447 3184  ShellHWDetection - ok
21:50:22.0484 3184  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
21:50:22.0487 3184  SiSGbeLH - ok
21:50:22.0508 3184  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:50:22.0511 3184  SiSRaid2 - ok
21:50:22.0542 3184  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:50:22.0548 3184  SiSRaid4 - ok
21:50:22.0610 3184  [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:50:22.0613 3184  SkypeUpdate - ok
21:50:22.0647 3184  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:50:22.0651 3184  Smb - ok
21:50:22.0712 3184  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:50:22.0719 3184  SNMPTRAP - ok
21:50:22.0847 3184  [ D310A8B84911C7C14876EBDAE0302DBF ] SpeedBoosterSvc C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe
21:50:22.0915 3184  SpeedBoosterSvc - ok
21:50:22.0973 3184  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:50:22.0975 3184  spldr - ok
21:50:23.0040 3184  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:50:23.0070 3184  Spooler - ok
21:50:23.0196 3184  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:50:23.0322 3184  sppsvc - ok
21:50:23.0385 3184  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:50:23.0394 3184  sppuinotify - ok
21:50:23.0477 3184  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:50:23.0500 3184  srv - ok
21:50:23.0540 3184  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:50:23.0551 3184  srv2 - ok
21:50:23.0587 3184  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:50:23.0594 3184  srvnet - ok
21:50:23.0650 3184  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:50:23.0659 3184  SSDPSRV - ok
21:50:23.0687 3184  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:50:23.0695 3184  SstpSvc - ok
21:50:23.0738 3184  Steam Client Service - ok
21:50:23.0783 3184  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:50:23.0786 3184  stexstor - ok
21:50:23.0849 3184  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:50:23.0879 3184  stisvc - ok
21:50:23.0901 3184  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:50:23.0903 3184  swenum - ok
21:50:23.0956 3184  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:50:23.0980 3184  swprv - ok
21:50:24.0059 3184  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:50:24.0115 3184  SysMain - ok
21:50:24.0166 3184  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:50:24.0174 3184  TabletInputService - ok
21:50:24.0206 3184  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:50:24.0218 3184  TapiSrv - ok
21:50:24.0256 3184  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:50:24.0261 3184  TBS - ok
21:50:24.0366 3184  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:50:24.0422 3184  Tcpip - ok
21:50:24.0499 3184  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:50:24.0522 3184  TCPIP6 - ok
21:50:24.0600 3184  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:50:24.0604 3184  tcpipreg - ok
21:50:24.0671 3184  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:50:24.0674 3184  TDPIPE - ok
21:50:24.0728 3184  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:50:24.0732 3184  TDTCP - ok
21:50:24.0771 3184  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:50:24.0776 3184  tdx - ok
21:50:24.0809 3184  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:50:24.0812 3184  TermDD - ok
21:50:24.0869 3184  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:50:24.0903 3184  TermService - ok
21:50:24.0955 3184  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:50:24.0961 3184  Themes - ok
21:50:24.0995 3184  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:50:24.0999 3184  THREADORDER - ok
21:50:25.0079 3184  [ 69D76CE06BB629B69165C81D83A4B03E ] TiMiniService   C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
21:50:25.0087 3184  TiMiniService - ok
21:50:25.0129 3184  [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon        C:\Windows\system32\DRIVERS\tmactmon.sys
21:50:25.0132 3184  tmactmon - ok
21:50:25.0159 3184  [ 360E61217D4E1E333583D0C721057F70 ] tmcomm          C:\Windows\system32\DRIVERS\tmcomm.sys
21:50:25.0162 3184  tmcomm - ok
21:50:25.0191 3184  [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr        C:\Windows\system32\DRIVERS\tmevtmgr.sys
21:50:25.0194 3184  tmevtmgr - ok
21:50:25.0250 3184  [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi           C:\Windows\system32\DRIVERS\tmtdi.sys
21:50:25.0254 3184  tmtdi - ok
21:50:25.0290 3184  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:50:25.0297 3184  TrkWks - ok
21:50:25.0369 3184  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:50:25.0372 3184  TrustedInstaller - ok
21:50:25.0403 3184  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:50:25.0406 3184  tssecsrv - ok
21:50:25.0454 3184  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:50:25.0458 3184  TsUsbFlt - ok
21:50:25.0489 3184  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:50:25.0494 3184  TsUsbGD - ok
21:50:25.0546 3184  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:50:25.0551 3184  tunnel - ok
21:50:25.0583 3184  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:50:25.0588 3184  uagp35 - ok
21:50:25.0640 3184  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:50:25.0649 3184  udfs - ok
21:50:25.0723 3184  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:50:25.0729 3184  UI0Detect - ok
21:50:25.0771 3184  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:50:25.0775 3184  uliagpkx - ok
21:50:25.0807 3184  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:50:25.0810 3184  umbus - ok
21:50:25.0830 3184  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:50:25.0833 3184  UmPass - ok
21:50:25.0873 3184  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:50:25.0897 3184  upnphost - ok
21:50:25.0944 3184  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:50:25.0949 3184  usbccgp - ok
21:50:25.0987 3184  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:50:25.0993 3184  usbcir - ok
21:50:26.0036 3184  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:50:26.0040 3184  usbehci - ok
21:50:26.0084 3184  [ 76E2FFAD301490BA27B947C6507752FB ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
21:50:26.0086 3184  usbfilter - ok
21:50:26.0133 3184  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:50:26.0142 3184  usbhub - ok
21:50:26.0193 3184  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:50:26.0198 3184  usbohci - ok
21:50:26.0233 3184  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:50:26.0236 3184  usbprint - ok
21:50:26.0279 3184  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:50:26.0284 3184  USBSTOR - ok
21:50:26.0315 3184  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:50:26.0318 3184  usbuhci - ok
21:50:26.0366 3184  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:50:26.0373 3184  usbvideo - ok
21:50:26.0416 3184  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:50:26.0422 3184  UxSms - ok
21:50:26.0445 3184  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:50:26.0449 3184  VaultSvc - ok
21:50:26.0481 3184  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:50:26.0483 3184  vdrvroot - ok
21:50:26.0535 3184  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:50:26.0564 3184  vds - ok
21:50:26.0608 3184  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:50:26.0612 3184  vga - ok
21:50:26.0646 3184  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:50:26.0649 3184  VgaSave - ok
21:50:26.0695 3184  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:50:26.0703 3184  vhdmp - ok
21:50:26.0716 3184  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:50:26.0731 3184  viaide - ok
21:50:26.0771 3184  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:50:26.0775 3184  volmgr - ok
21:50:26.0805 3184  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:50:26.0814 3184  volmgrx - ok
21:50:26.0844 3184  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:50:26.0849 3184  volsnap - ok
21:50:26.0887 3184  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:50:26.0895 3184  vsmraid - ok
21:50:26.0977 3184  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:50:27.0056 3184  VSS - ok
21:50:27.0083 3184  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:50:27.0087 3184  vwifibus - ok
21:50:27.0122 3184  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:50:27.0126 3184  vwififlt - ok
21:50:27.0167 3184  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:50:27.0190 3184  W32Time - ok
21:50:27.0244 3184  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:50:27.0248 3184  WacomPen - ok
21:50:27.0284 3184  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:50:27.0288 3184  WANARP - ok
21:50:27.0307 3184  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:50:27.0309 3184  Wanarpv6 - ok
21:50:27.0382 3184  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:50:27.0428 3184  wbengine - ok
21:50:27.0463 3184  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:50:27.0472 3184  WbioSrvc - ok
21:50:27.0505 3184  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:50:27.0517 3184  wcncsvc - ok
21:50:27.0544 3184  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:50:27.0551 3184  WcsPlugInService - ok
21:50:27.0586 3184  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
21:50:27.0589 3184  Wd - ok
21:50:27.0648 3184  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:50:27.0682 3184  Wdf01000 - ok
21:50:27.0714 3184  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:50:27.0721 3184  WdiServiceHost - ok
21:50:27.0742 3184  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:50:27.0748 3184  WdiSystemHost - ok
21:50:27.0796 3184  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:50:27.0808 3184  WebClient - ok
21:50:27.0841 3184  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:50:27.0851 3184  Wecsvc - ok
21:50:27.0881 3184  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:50:27.0888 3184  wercplsupport - ok
21:50:27.0929 3184  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:50:27.0937 3184  WerSvc - ok
21:50:27.0970 3184  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:50:27.0973 3184  WfpLwf - ok
21:50:28.0026 3184  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
21:50:28.0032 3184  WimFltr - ok
21:50:28.0070 3184  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:50:28.0074 3184  WIMMount - ok
21:50:28.0121 3184  WinHttpAutoProxySvc - ok
21:50:28.0186 3184  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:50:28.0206 3184  Winmgmt - ok
21:50:28.0307 3184  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:50:28.0384 3184  WinRM - ok
21:50:28.0482 3184  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:50:28.0516 3184  Wlansvc - ok
21:50:28.0584 3184  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:50:28.0586 3184  wlcrasvc - ok
21:50:28.0739 3184  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:50:28.0768 3184  wlidsvc - ok
21:50:28.0808 3184  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:50:28.0810 3184  WmiAcpi - ok
21:50:28.0860 3184  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:50:28.0867 3184  wmiApSrv - ok
21:50:28.0908 3184  WMPNetworkSvc - ok
21:50:28.0949 3184  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:50:28.0958 3184  WPCSvc - ok
21:50:28.0995 3184  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:50:29.0005 3184  WPDBusEnum - ok
21:50:29.0044 3184  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:50:29.0047 3184  ws2ifsl - ok
21:50:29.0069 3184  WSearch - ok
21:50:29.0123 3184  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:50:29.0128 3184  WudfPf - ok
21:50:29.0176 3184  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:50:29.0182 3184  WUDFRd - ok
21:50:29.0236 3184  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:50:29.0244 3184  wudfsvc - ok
21:50:29.0314 3184  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:50:29.0324 3184  WwanSvc - ok
21:50:29.0414 3184  X6va012 - ok
21:50:29.0451 3184  ================ Scan global ===============================
21:50:29.0481 3184  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:50:29.0534 3184  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:50:29.0553 3184  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:50:29.0588 3184  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:50:29.0628 3184  [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
21:50:29.0638 3184  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
21:50:29.0638 3184  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
21:50:29.0648 3184  ================ Scan MBR ==================================
21:50:29.0667 3184  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:50:29.0952 3184  \Device\Harddisk0\DR0 - ok
21:50:29.0953 3184  ================ Scan VBR ==================================
21:50:29.0969 3184  [ EEC6EAF0FBDD67077502DEC728B66DAD ] \Device\Harddisk0\DR0\Partition1
21:50:29.0973 3184  \Device\Harddisk0\DR0\Partition1 - ok
21:50:30.0004 3184  [ C1CAB073C50571A7E3E52CEA338F9D1A ] \Device\Harddisk0\DR0\Partition2
21:50:30.0008 3184  \Device\Harddisk0\DR0\Partition2 - ok
21:50:30.0009 3184  ============================================================
21:50:30.0009 3184  Scan finished
21:50:30.0009 3184  ============================================================
21:50:30.0049 5068  Detected object count: 1
21:50:30.0049 5068  Actual detected object count: 1
21:50:43.0111 5068  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
21:50:43.0111 5068  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip

Alt 16.07.2013, 06:49   #10
schrauber
/// the machine
/// TB-Ausbilder
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Setz bei services.exe Cure und lass laufen, poste das Log. Dann ein frisches Scanlog mit TDSSKiller und FRST machen und auch bitte posten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.07.2013, 08:06   #11
Paulx
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Code:
ATTFilter
08:58:34.0066 1144  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:58:34.0534 1144  ============================================================
08:58:34.0534 1144  Current date / time: 2013/07/16 08:58:34.0534
08:58:34.0534 1144  SystemInfo:
08:58:34.0534 1144  
08:58:34.0534 1144  OS Version: 6.1.7601 ServicePack: 1.0
08:58:34.0534 1144  Product type: Workstation
08:58:34.0534 1144  ComputerName: BF3LOVEX3
08:58:34.0534 1144  UserName: Paul
08:58:34.0534 1144  Windows directory: C:\Windows
08:58:34.0534 1144  System windows directory: C:\Windows
08:58:34.0534 1144  Running under WOW64
08:58:34.0534 1144  Processor architecture: Intel x64
08:58:34.0534 1144  Number of processors: 2
08:58:34.0534 1144  Page size: 0x1000
08:58:34.0534 1144  Boot type: Normal boot
08:58:34.0534 1144  ============================================================
08:58:37.0389 1144  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:58:37.0389 1144  ============================================================
08:58:37.0389 1144  \Device\Harddisk0\DR0:
08:58:37.0389 1144  MBR partitions:
08:58:37.0389 1144  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xFA0E000
08:58:37.0420 1144  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12C0F000, BlocksNum 0x1281F000
08:58:37.0420 1144  ============================================================
08:58:37.0498 1144  C: <-> \Device\Harddisk0\DR0\Partition1
08:58:37.0576 1144  D: <-> \Device\Harddisk0\DR0\Partition2
08:58:37.0576 1144  ============================================================
08:58:37.0576 1144  Initialize success
08:58:37.0576 1144  ============================================================
08:58:39.0292 2764  ============================================================
08:58:39.0292 2764  Scan started
08:58:39.0292 2764  Mode: Manual; 
08:58:39.0292 2764  ============================================================
08:58:40.0290 2764  ================ Scan system memory ========================
08:58:40.0290 2764  System memory - ok
08:58:40.0290 2764  ================ Scan services =============================
08:58:40.0618 2764  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
08:58:40.0618 2764  1394ohci - ok
08:58:40.0649 2764  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
08:58:40.0665 2764  ACPI - ok
08:58:40.0680 2764  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
08:58:40.0696 2764  AcpiPmi - ok
08:58:40.0867 2764  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:58:40.0867 2764  AdobeFlashPlayerUpdateSvc - ok
08:58:40.0930 2764  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
08:58:40.0930 2764  adp94xx - ok
08:58:40.0992 2764  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
08:58:40.0992 2764  adpahci - ok
08:58:41.0008 2764  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
08:58:41.0039 2764  adpu320 - ok
08:58:41.0070 2764  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:58:41.0086 2764  AeLookupSvc - ok
08:58:41.0133 2764  [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent        C:\Windows\system32\FBAgent.exe
08:58:41.0148 2764  AFBAgent - ok
08:58:41.0211 2764  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
08:58:41.0226 2764  AFD - ok
08:58:41.0273 2764  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
08:58:41.0273 2764  agp440 - ok
08:58:41.0304 2764  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
08:58:41.0320 2764  ALG - ok
08:58:41.0335 2764  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:58:41.0351 2764  aliide - ok
08:58:41.0429 2764  [ 9CCAF5CCD848F8D77CD18DAA51F9C987 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:58:41.0429 2764  AMD External Events Utility - ok
08:58:41.0460 2764  AMD FUEL Service - ok
08:58:41.0507 2764  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
08:58:41.0507 2764  amdide - ok
08:58:41.0538 2764  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
08:58:41.0538 2764  amdiox64 - ok
08:58:41.0569 2764  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
08:58:41.0569 2764  AmdK8 - ok
08:58:42.0006 2764  [ 8BD152EAAEFEB8667E7E43FD8CAC3642 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
08:58:42.0256 2764  amdkmdag - ok
08:58:42.0303 2764  [ 4112266BD3949EBE9B0B8AB198D3D0EE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
08:58:42.0303 2764  amdkmdap - ok
08:58:42.0365 2764  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:58:42.0365 2764  AmdPPM - ok
08:58:42.0412 2764  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
08:58:42.0412 2764  amdsata - ok
08:58:42.0427 2764  Scan interrupted by user!
08:58:42.0427 2764  ================ Scan global ===============================
08:58:42.0427 2764  Scan interrupted by user!
08:58:42.0427 2764  ================ Scan MBR ==================================
08:58:42.0427 2764  Scan interrupted by user!
08:58:42.0427 2764  ================ Scan VBR ==================================
08:58:42.0427 2764  Scan interrupted by user!
08:58:42.0427 2764  ============================================================
08:58:42.0427 2764  Scan finished
08:58:42.0427 2764  ============================================================
08:58:42.0443 3840  Detected object count: 0
08:58:42.0443 3840  Actual detected object count: 0
08:58:43.0707 3156  ============================================================
08:58:43.0707 3156  Scan started
08:58:43.0707 3156  Mode: Manual; 
08:58:43.0707 3156  ============================================================
08:58:44.0081 3156  ================ Scan system memory ========================
08:58:44.0081 3156  System memory - ok
08:58:44.0081 3156  ================ Scan services =============================
08:58:44.0923 3156  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
08:58:44.0939 3156  1394ohci - ok
08:58:44.0986 3156  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
08:58:44.0986 3156  ACPI - ok
08:58:45.0033 3156  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
08:58:45.0033 3156  AcpiPmi - ok
08:58:45.0906 3156  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:58:45.0922 3156  AdobeFlashPlayerUpdateSvc - ok
08:58:45.0969 3156  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
08:58:45.0984 3156  adp94xx - ok
08:58:46.0047 3156  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
08:58:46.0062 3156  adpahci - ok
08:58:46.0109 3156  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
08:58:46.0109 3156  adpu320 - ok
08:58:46.0156 3156  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:58:46.0156 3156  AeLookupSvc - ok
08:58:46.0281 3156  [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent        C:\Windows\system32\FBAgent.exe
08:58:46.0296 3156  AFBAgent - ok
08:58:46.0405 3156  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
08:58:46.0405 3156  AFD - ok
08:58:46.0437 3156  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
08:58:46.0437 3156  agp440 - ok
08:58:46.0483 3156  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
08:58:46.0483 3156  ALG - ok
08:58:46.0499 3156  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:58:46.0499 3156  aliide - ok
08:58:46.0577 3156  [ 9CCAF5CCD848F8D77CD18DAA51F9C987 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:58:46.0593 3156  AMD External Events Utility - ok
08:58:46.0686 3156  AMD FUEL Service - ok
08:58:46.0749 3156  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
08:58:46.0749 3156  amdide - ok
08:58:46.0780 3156  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
08:58:46.0780 3156  amdiox64 - ok
08:58:46.0811 3156  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
08:58:46.0811 3156  AmdK8 - ok
08:58:47.0747 3156  [ 8BD152EAAEFEB8667E7E43FD8CAC3642 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
08:58:47.0825 3156  amdkmdag - ok
08:58:47.0903 3156  [ 4112266BD3949EBE9B0B8AB198D3D0EE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
08:58:47.0903 3156  amdkmdap - ok
08:58:47.0950 3156  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:58:47.0950 3156  AmdPPM - ok
08:58:48.0028 3156  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
08:58:48.0028 3156  amdsata - ok
08:58:48.0059 3156  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
08:58:48.0059 3156  amdsbs - ok
08:58:48.0090 3156  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
08:58:48.0090 3156  amdxata - ok
08:58:48.0121 3156  [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
08:58:48.0121 3156  amd_sata - ok
08:58:48.0137 3156  [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
08:58:48.0137 3156  amd_xata - ok
08:58:48.0761 3156  [ D24AE3842FEFDC4C2AB77F8D893CFBB2 ] AMOptimalDiskService C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
08:58:48.0792 3156  AMOptimalDiskService - ok
08:58:48.0870 3156  [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
08:58:48.0870 3156  Amsp - ok
08:58:48.0933 3156  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
08:58:48.0933 3156  AppID - ok
08:58:48.0964 3156  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
08:58:48.0964 3156  AppIDSvc - ok
08:58:48.0995 3156  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
08:58:48.0995 3156  Appinfo - ok
08:58:49.0026 3156  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
08:58:49.0026 3156  arc - ok
08:58:49.0042 3156  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
08:58:49.0057 3156  arcsas - ok
08:58:49.0135 3156  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
08:58:49.0135 3156  ASLDRService - ok
08:58:49.0167 3156  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
08:58:49.0167 3156  ASMMAP64 - ok
08:58:49.0479 3156  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:58:49.0525 3156  aspnet_state - ok
08:58:49.0572 3156  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:58:49.0572 3156  AsyncMac - ok
08:58:49.0603 3156  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
08:58:49.0619 3156  atapi - ok
08:58:49.0681 3156  [ F8633CDD09647A64EE8DB550630427FF ] athr            C:\Windows\system32\DRIVERS\athrx.sys
08:58:49.0728 3156  athr - ok
08:58:49.0806 3156  [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
08:58:49.0806 3156  AtiHDAudioService - ok
08:58:49.0837 3156  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
08:58:49.0853 3156  ATKGFNEXSrv - ok
08:58:49.0915 3156  [ AC31727F9946E9009480708E4D1B9986 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
08:58:49.0915 3156  ATKWMIACPIIO - ok
08:58:49.0993 3156  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:58:50.0025 3156  AudioEndpointBuilder - ok
08:58:50.0071 3156  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
08:58:50.0071 3156  AudioSrv - ok
08:58:50.0134 3156  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:58:50.0134 3156  AxInstSV - ok
08:58:50.0196 3156  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
08:58:50.0196 3156  b06bdrv - ok
08:58:50.0227 3156  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
08:58:50.0243 3156  b57nd60a - ok
08:58:50.0337 3156  [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
08:58:50.0337 3156  BBSvc - ok
08:58:50.0399 3156  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
08:58:50.0415 3156  BDESVC - ok
08:58:50.0461 3156  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:58:50.0477 3156  Beep - ok
08:58:50.0493 3156  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:58:50.0493 3156  blbdrive - ok
08:58:50.0555 3156  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:58:50.0555 3156  bowser - ok
08:58:50.0586 3156  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
08:58:50.0586 3156  BrFiltLo - ok
08:58:50.0602 3156  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
08:58:50.0602 3156  BrFiltUp - ok
08:58:50.0649 3156  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
08:58:50.0649 3156  Browser - ok
08:58:50.0695 3156  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:58:50.0695 3156  Brserid - ok
08:58:50.0711 3156  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:58:50.0711 3156  BrSerWdm - ok
08:58:50.0727 3156  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:58:50.0727 3156  BrUsbMdm - ok
08:58:50.0742 3156  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:58:50.0742 3156  BrUsbSer - ok
08:58:50.0789 3156  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
08:58:50.0805 3156  BthEnum - ok
08:58:50.0820 3156  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
08:58:50.0836 3156  BTHMODEM - ok
08:58:50.0851 3156  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
08:58:50.0851 3156  BthPan - ok
08:58:50.0898 3156  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
08:58:50.0945 3156  BTHPORT - ok
08:58:50.0992 3156  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
08:58:51.0007 3156  bthserv - ok
08:58:51.0023 3156  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
08:58:51.0023 3156  BTHUSB - ok
08:58:51.0054 3156  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:58:51.0054 3156  cdfs - ok
08:58:51.0085 3156  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
08:58:51.0101 3156  cdrom - ok
08:58:51.0132 3156  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
08:58:51.0132 3156  CertPropSvc - ok
08:58:51.0179 3156  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
08:58:51.0179 3156  circlass - ok
08:58:51.0210 3156  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
08:58:51.0210 3156  CLFS - ok
08:58:51.0288 3156  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:58:51.0288 3156  clr_optimization_v2.0.50727_32 - ok
08:58:51.0366 3156  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:58:51.0366 3156  clr_optimization_v2.0.50727_64 - ok
08:58:51.0475 3156  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:58:51.0538 3156  clr_optimization_v4.0.30319_32 - ok
08:58:51.0585 3156  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:58:51.0616 3156  clr_optimization_v4.0.30319_64 - ok
08:58:51.0663 3156  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:58:51.0663 3156  CmBatt - ok
08:58:51.0694 3156  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:58:51.0694 3156  cmdide - ok
08:58:51.0756 3156  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
08:58:51.0772 3156  CNG - ok
08:58:51.0803 3156  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
08:58:51.0803 3156  Compbatt - ok
08:58:51.0834 3156  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
08:58:51.0834 3156  CompositeBus - ok
08:58:51.0850 3156  COMSysApp - ok
08:58:51.0881 3156  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
08:58:51.0881 3156  crcdisk - ok
08:58:51.0928 3156  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:58:51.0928 3156  CryptSvc - ok
08:58:51.0975 3156  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:58:51.0990 3156  DcomLaunch - ok
08:58:52.0021 3156  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
08:58:52.0021 3156  defragsvc - ok
08:58:52.0053 3156  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:58:52.0053 3156  DfsC - ok
08:58:52.0084 3156  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:58:52.0099 3156  Dhcp - ok
08:58:52.0115 3156  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
08:58:52.0115 3156  discache - ok
08:58:52.0162 3156  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
08:58:52.0162 3156  Disk - ok
08:58:52.0224 3156  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:58:52.0240 3156  Dnscache - ok
08:58:52.0271 3156  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:58:52.0287 3156  dot3svc - ok
08:58:52.0302 3156  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
08:58:52.0302 3156  DPS - ok
08:58:52.0318 3156  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:58:52.0333 3156  drmkaud - ok
08:58:52.0411 3156  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:58:52.0443 3156  DXGKrnl - ok
08:58:52.0474 3156  EagleX64 - ok
08:58:52.0489 3156  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
08:58:52.0489 3156  EapHost - ok
08:58:52.0599 3156  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
08:58:52.0708 3156  ebdrv - ok
08:58:52.0755 3156  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
08:58:52.0770 3156  EFS - ok
08:58:52.0864 3156  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:58:52.0895 3156  ehRecvr - ok
08:58:52.0926 3156  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
08:58:52.0926 3156  ehSched - ok
08:58:53.0004 3156  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
08:58:53.0020 3156  elxstor - ok
08:58:53.0020 3156  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
08:58:53.0035 3156  ErrDev - ok
08:58:53.0082 3156  [ 4C120D2B2EA269EAE7A5744794EB6DB1 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
08:58:53.0082 3156  ETD - ok
08:58:53.0113 3156  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
08:58:53.0129 3156  EventSystem - ok
08:58:53.0160 3156  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
08:58:53.0160 3156  exfat - ok
08:58:53.0191 3156  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:58:53.0191 3156  fastfat - ok
08:58:53.0269 3156  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
08:58:53.0301 3156  Fax - ok
08:58:53.0316 3156  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
08:58:53.0332 3156  fdc - ok
08:58:53.0347 3156  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
08:58:53.0363 3156  fdPHost - ok
08:58:53.0379 3156  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:58:53.0379 3156  FDResPub - ok
08:58:53.0410 3156  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:58:53.0410 3156  FileInfo - ok
08:58:53.0425 3156  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:58:53.0425 3156  Filetrace - ok
08:58:53.0457 3156  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
08:58:53.0457 3156  flpydisk - ok
08:58:53.0488 3156  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:58:53.0488 3156  FltMgr - ok
08:58:53.0597 3156  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
08:58:53.0644 3156  FontCache - ok
08:58:53.0706 3156  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:58:53.0722 3156  FontCache3.0.0.0 - ok
08:58:53.0737 3156  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:58:53.0753 3156  FsDepends - ok
08:58:53.0784 3156  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
08:58:53.0800 3156  fssfltr - ok
08:58:53.0893 3156  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:58:53.0956 3156  fsssvc - ok
08:58:54.0018 3156  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:58:54.0018 3156  Fs_Rec - ok
08:58:54.0081 3156  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:58:54.0081 3156  fvevol - ok
08:58:54.0127 3156  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
08:58:54.0127 3156  gagp30kx - ok
08:58:54.0174 3156  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
08:58:54.0190 3156  gpsvc - ok
08:58:54.0268 3156  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:58:54.0268 3156  gupdate - ok
08:58:54.0299 3156  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:58:54.0299 3156  gupdatem - ok
08:58:54.0330 3156  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:58:54.0330 3156  gusvc - ok
08:58:54.0377 3156  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:58:54.0377 3156  hcw85cir - ok
08:58:54.0439 3156  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:58:54.0455 3156  HdAudAddService - ok
08:58:54.0486 3156  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
08:58:54.0486 3156  HDAudBus - ok
08:58:54.0517 3156  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
08:58:54.0517 3156  HidBatt - ok
08:58:54.0533 3156  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
08:58:54.0549 3156  HidBth - ok
08:58:54.0580 3156  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
08:58:54.0580 3156  HidIr - ok
08:58:54.0611 3156  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
08:58:54.0627 3156  hidserv - ok
08:58:54.0658 3156  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
08:58:54.0658 3156  HidUsb - ok
08:58:54.0673 3156  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:58:54.0673 3156  hkmsvc - ok
08:58:54.0720 3156  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:58:54.0720 3156  HomeGroupListener - ok
08:58:54.0767 3156  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:58:54.0783 3156  HomeGroupProvider - ok
08:58:54.0814 3156  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:58:54.0814 3156  HpSAMD - ok
08:58:54.0861 3156  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:58:54.0876 3156  HTTP - ok
08:58:54.0907 3156  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:58:54.0907 3156  hwpolicy - ok
08:58:54.0939 3156  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
08:58:54.0939 3156  i8042prt - ok
08:58:54.0985 3156  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:58:55.0001 3156  iaStorV - ok
08:58:55.0141 3156  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:58:55.0188 3156  idsvc - ok
08:58:55.0219 3156  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
08:58:55.0219 3156  iirsp - ok
08:58:55.0282 3156  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
08:58:55.0313 3156  IKEEXT - ok
08:58:55.0344 3156  IntcAzAudAddService - ok
08:58:55.0360 3156  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
08:58:55.0360 3156  intelide - ok
08:58:55.0391 3156  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
08:58:55.0391 3156  intelppm - ok
08:58:55.0438 3156  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:58:55.0438 3156  IPBusEnum - ok
08:58:55.0469 3156  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:58:55.0469 3156  IpFilterDriver - ok
08:58:55.0500 3156  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:58:55.0500 3156  IPMIDRV - ok
08:58:55.0531 3156  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:58:55.0531 3156  IPNAT - ok
08:58:55.0547 3156  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:58:55.0563 3156  IRENUM - ok
08:58:55.0578 3156  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:58:55.0578 3156  isapnp - ok
08:58:55.0594 3156  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:58:55.0609 3156  iScsiPrt - ok
08:58:55.0641 3156  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
08:58:55.0641 3156  kbdclass - ok
08:58:55.0672 3156  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
08:58:55.0672 3156  kbdhid - ok
08:58:55.0703 3156  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
08:58:55.0703 3156  kbfiltr - ok
08:58:55.0734 3156  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
08:58:55.0734 3156  KeyIso - ok
08:58:55.0781 3156  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:58:55.0781 3156  KSecDD - ok
08:58:55.0812 3156  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:58:55.0812 3156  KSecPkg - ok
08:58:55.0843 3156  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
08:58:55.0843 3156  ksthunk - ok
08:58:55.0890 3156  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:58:55.0890 3156  KtmRm - ok
08:58:55.0937 3156  [ 033B4AED2C5519072C0D81E00804D003 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
08:58:55.0937 3156  L1C - ok
08:58:55.0984 3156  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:58:55.0984 3156  LanmanServer - ok
08:58:56.0015 3156  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:58:56.0015 3156  LanmanWorkstation - ok
08:58:56.0062 3156  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:58:56.0062 3156  lltdio - ok
08:58:56.0109 3156  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:58:56.0109 3156  lltdsvc - ok
08:58:56.0140 3156  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:58:56.0140 3156  lmhosts - ok
08:58:56.0187 3156  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
08:58:56.0187 3156  LSI_FC - ok
08:58:56.0218 3156  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
08:58:56.0218 3156  LSI_SAS - ok
08:58:56.0233 3156  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
08:58:56.0249 3156  LSI_SAS2 - ok
08:58:56.0265 3156  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
08:58:56.0265 3156  LSI_SCSI - ok
08:58:56.0296 3156  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
08:58:56.0296 3156  luafv - ok
08:58:56.0374 3156  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
08:58:56.0374 3156  MBAMProtector - ok
08:58:56.0467 3156  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:58:56.0483 3156  MBAMScheduler - ok
08:58:56.0530 3156  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:58:56.0561 3156  MBAMService - ok
08:58:56.0592 3156  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:58:56.0608 3156  Mcx2Svc - ok
08:58:56.0639 3156  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
08:58:56.0639 3156  megasas - ok
08:58:56.0670 3156  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
08:58:56.0670 3156  MegaSR - ok
08:58:56.0686 3156  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
08:58:56.0701 3156  MMCSS - ok
08:58:56.0717 3156  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
08:58:56.0717 3156  Modem - ok
08:58:56.0748 3156  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:58:56.0748 3156  monitor - ok
08:58:56.0764 3156  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:58:56.0764 3156  mouclass - ok
08:58:56.0811 3156  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:58:56.0811 3156  mouhid - ok
08:58:56.0826 3156  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:58:56.0826 3156  mountmgr - ok
08:58:56.0889 3156  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:58:56.0889 3156  MozillaMaintenance - ok
08:58:56.0920 3156  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:58:56.0920 3156  mpio - ok
08:58:56.0935 3156  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:58:56.0935 3156  mpsdrv - ok
08:58:56.0951 3156  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:58:56.0967 3156  MRxDAV - ok
08:58:57.0029 3156  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:58:57.0029 3156  mrxsmb - ok
08:58:57.0076 3156  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:58:57.0091 3156  mrxsmb10 - ok
08:58:57.0107 3156  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:58:57.0123 3156  mrxsmb20 - ok
08:58:57.0154 3156  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:58:57.0154 3156  msahci - ok
08:58:57.0169 3156  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:58:57.0185 3156  msdsm - ok
08:58:57.0216 3156  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
08:58:57.0216 3156  MSDTC - ok
08:58:57.0232 3156  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:58:57.0247 3156  Msfs - ok
08:58:57.0263 3156  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:58:57.0279 3156  mshidkmdf - ok
08:58:57.0294 3156  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:58:57.0294 3156  msisadrv - ok
08:58:57.0325 3156  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:58:57.0341 3156  MSiSCSI - ok
08:58:57.0341 3156  msiserver - ok
08:58:57.0388 3156  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:58:57.0388 3156  MSKSSRV - ok
08:58:57.0403 3156  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:58:57.0403 3156  MSPCLOCK - ok
08:58:57.0419 3156  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:58:57.0419 3156  MSPQM - ok
08:58:57.0435 3156  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:58:57.0450 3156  MsRPC - ok
08:58:57.0466 3156  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
08:58:57.0466 3156  mssmbios - ok
08:58:57.0481 3156  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:58:57.0481 3156  MSTEE - ok
08:58:57.0497 3156  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
08:58:57.0497 3156  MTConfig - ok
08:58:57.0528 3156  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
08:58:57.0528 3156  Mup - ok
08:58:57.0606 3156  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
08:58:57.0637 3156  napagent - ok
08:58:57.0684 3156  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:58:57.0700 3156  NativeWifiP - ok
08:58:57.0762 3156  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:58:57.0825 3156  NDIS - ok
08:58:57.0856 3156  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:58:57.0871 3156  NdisCap - ok
08:58:57.0887 3156  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:58:57.0887 3156  NdisTapi - ok
08:58:57.0918 3156  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:58:57.0918 3156  Ndisuio - ok
08:58:57.0949 3156  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:58:57.0949 3156  NdisWan - ok
08:58:57.0981 3156  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:58:57.0981 3156  NDProxy - ok
08:58:58.0012 3156  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:58:58.0027 3156  NetBIOS - ok
08:58:58.0059 3156  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:58:58.0059 3156  NetBT - ok
08:58:58.0074 3156  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
08:58:58.0074 3156  Netlogon - ok
08:58:58.0121 3156  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
08:58:58.0137 3156  Netman - ok
08:58:58.0183 3156  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:58:58.0199 3156  NetMsmqActivator - ok
08:58:58.0215 3156  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:58:58.0215 3156  NetPipeActivator - ok
08:58:58.0261 3156  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
08:58:58.0324 3156  netprofm - ok
08:58:58.0339 3156  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:58:58.0339 3156  NetTcpActivator - ok
08:58:58.0386 3156  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:58:58.0386 3156  NetTcpPortSharing - ok
08:58:58.0433 3156  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
08:58:58.0433 3156  nfrd960 - ok
08:58:58.0480 3156  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:58:58.0495 3156  NlaSvc - ok
08:58:58.0511 3156  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:58:58.0511 3156  Npfs - ok
08:58:58.0542 3156  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
08:58:58.0542 3156  nsi - ok
08:58:58.0573 3156  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:58:58.0573 3156  nsiproxy - ok
08:58:58.0807 3156  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:58:58.0854 3156  Ntfs - ok
08:58:58.0901 3156  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
08:58:58.0901 3156  Null - ok
08:58:58.0948 3156  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:58:58.0963 3156  nvraid - ok
08:58:59.0010 3156  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:58:59.0026 3156  nvstor - ok
08:58:59.0041 3156  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:58:59.0057 3156  nv_agp - ok
08:58:59.0088 3156  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:58:59.0088 3156  ohci1394 - ok
08:58:59.0182 3156  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:58:59.0197 3156  ose - ok
08:58:59.0244 3156  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:58:59.0260 3156  p2pimsvc - ok
08:58:59.0307 3156  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:58:59.0322 3156  p2psvc - ok
08:58:59.0369 3156  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
08:58:59.0369 3156  Parport - ok
08:58:59.0416 3156  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:58:59.0416 3156  partmgr - ok
08:58:59.0447 3156  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:58:59.0447 3156  PcaSvc - ok
08:58:59.0478 3156  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
08:58:59.0478 3156  pci - ok
08:58:59.0494 3156  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
08:58:59.0494 3156  pciide - ok
08:58:59.0541 3156  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
08:58:59.0541 3156  pcmcia - ok
08:58:59.0556 3156  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:58:59.0572 3156  pcw - ok
08:58:59.0587 3156  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:58:59.0619 3156  PEAUTH - ok
08:59:00.0227 3156  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
08:59:00.0227 3156  PerfHost - ok
08:59:00.0352 3156  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
08:59:00.0399 3156  pla - ok
08:59:00.0477 3156  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:59:00.0508 3156  PlugPlay - ok
08:59:00.0570 3156  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:59:00.0570 3156  PNRPAutoReg - ok
08:59:00.0617 3156  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:59:00.0617 3156  PNRPsvc - ok
08:59:00.0664 3156  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:59:00.0679 3156  PolicyAgent - ok
08:59:00.0742 3156  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
08:59:00.0742 3156  Power - ok
08:59:00.0789 3156  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:59:00.0789 3156  PptpMiniport - ok
08:59:00.0820 3156  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
08:59:00.0820 3156  Processor - ok
08:59:00.0867 3156  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:59:00.0867 3156  ProfSvc - ok
08:59:00.0898 3156  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:59:00.0913 3156  ProtectedStorage - ok
08:59:00.0929 3156  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:59:00.0929 3156  Psched - ok
08:59:01.0007 3156  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
08:59:01.0069 3156  ql2300 - ok
08:59:01.0085 3156  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
08:59:01.0085 3156  ql40xx - ok
08:59:01.0116 3156  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
08:59:01.0116 3156  QWAVE - ok
08:59:01.0132 3156  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:59:01.0132 3156  QWAVEdrv - ok
08:59:01.0163 3156  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:59:01.0163 3156  RasAcd - ok
08:59:01.0210 3156  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:59:01.0225 3156  RasAgileVpn - ok
08:59:01.0241 3156  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
08:59:01.0257 3156  RasAuto - ok
08:59:01.0272 3156  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:59:01.0288 3156  Rasl2tp - ok
08:59:01.0303 3156  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
08:59:01.0319 3156  RasMan - ok
08:59:01.0335 3156  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:59:01.0350 3156  RasPppoe - ok
08:59:01.0381 3156  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:59:01.0381 3156  RasSstp - ok
08:59:01.0397 3156  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:59:01.0413 3156  rdbss - ok
08:59:01.0428 3156  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
08:59:01.0428 3156  rdpbus - ok
08:59:01.0459 3156  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:59:01.0459 3156  RDPCDD - ok
08:59:01.0475 3156  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:59:01.0491 3156  RDPENCDD - ok
08:59:01.0506 3156  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:59:01.0506 3156  RDPREFMP - ok
08:59:01.0584 3156  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:59:01.0584 3156  RDPWD - ok
08:59:01.0631 3156  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:59:01.0647 3156  rdyboost - ok
08:59:01.0678 3156  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:59:01.0678 3156  RemoteAccess - ok
08:59:01.0709 3156  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:59:01.0709 3156  RemoteRegistry - ok
08:59:01.0756 3156  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
08:59:01.0756 3156  RFCOMM - ok
08:59:01.0771 3156  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:59:01.0787 3156  RpcEptMapper - ok
08:59:01.0818 3156  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
08:59:01.0818 3156  RpcLocator - ok
08:59:01.0912 3156  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
08:59:01.0912 3156  RpcSs - ok
08:59:01.0974 3156  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:59:01.0974 3156  rspndr - ok
08:59:02.0052 3156  [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
08:59:02.0068 3156  RSUSBSTOR - ok
08:59:02.0099 3156  [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
08:59:02.0115 3156  RTL8167 - ok
08:59:02.0130 3156  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
08:59:02.0130 3156  SamSs - ok
08:59:02.0146 3156  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:59:02.0146 3156  sbp2port - ok
08:59:02.0177 3156  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:59:02.0193 3156  SCardSvr - ok
08:59:02.0224 3156  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:59:02.0224 3156  scfilter - ok
08:59:02.0271 3156  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
08:59:02.0302 3156  Schedule - ok
08:59:02.0333 3156  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:59:02.0349 3156  SCPolicySvc - ok
08:59:02.0364 3156  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:59:02.0364 3156  SDRSVC - ok
08:59:02.0427 3156  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
08:59:02.0442 3156  SeaPort - ok
08:59:02.0473 3156  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:59:02.0473 3156  secdrv - ok
08:59:02.0505 3156  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
08:59:02.0505 3156  seclogon - ok
08:59:02.0536 3156  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
08:59:02.0536 3156  SENS - ok
08:59:02.0551 3156  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:59:02.0551 3156  SensrSvc - ok
08:59:02.0598 3156  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
08:59:02.0598 3156  Serenum - ok
08:59:02.0629 3156  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
08:59:02.0629 3156  Serial - ok
08:59:02.0661 3156  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
08:59:02.0661 3156  sermouse - ok
08:59:02.0692 3156  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:59:02.0692 3156  SessionEnv - ok
08:59:02.0707 3156  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
08:59:02.0707 3156  sffdisk - ok
08:59:02.0723 3156  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:59:02.0723 3156  sffp_mmc - ok
08:59:02.0723 3156  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
08:59:02.0739 3156  sffp_sd - ok
08:59:02.0754 3156  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
08:59:02.0754 3156  sfloppy - ok
08:59:02.0785 3156  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:59:02.0785 3156  ShellHWDetection - ok
08:59:02.0817 3156  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
08:59:02.0817 3156  SiSGbeLH - ok
08:59:02.0848 3156  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
08:59:02.0848 3156  SiSRaid2 - ok
08:59:02.0863 3156  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
08:59:02.0863 3156  SiSRaid4 - ok
08:59:02.0941 3156  [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
08:59:02.0941 3156  SkypeUpdate - ok
08:59:02.0988 3156  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:59:03.0004 3156  Smb - ok
08:59:03.0066 3156  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:59:03.0082 3156  SNMPTRAP - ok
08:59:03.0207 3156  [ D310A8B84911C7C14876EBDAE0302DBF ] SpeedBoosterSvc C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe
08:59:03.0300 3156  SpeedBoosterSvc - ok
08:59:03.0331 3156  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:59:03.0331 3156  spldr - ok
08:59:03.0409 3156  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
08:59:03.0425 3156  Spooler - ok
08:59:03.0753 3156  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
08:59:03.0877 3156  sppsvc - ok
08:59:03.0909 3156  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:59:03.0909 3156  sppuinotify - ok
08:59:03.0971 3156  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:59:03.0971 3156  srv - ok
08:59:04.0002 3156  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:59:04.0018 3156  srv2 - ok
08:59:04.0033 3156  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:59:04.0033 3156  srvnet - ok
08:59:04.0080 3156  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:59:04.0080 3156  SSDPSRV - ok
08:59:04.0096 3156  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:59:04.0111 3156  SstpSvc - ok
08:59:04.0127 3156  Steam Client Service - ok
08:59:04.0174 3156  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
08:59:04.0174 3156  stexstor - ok
08:59:04.0221 3156  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
08:59:04.0236 3156  stisvc - ok
08:59:04.0252 3156  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
08:59:04.0267 3156  swenum - ok
08:59:04.0283 3156  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
08:59:04.0299 3156  swprv - ok
08:59:04.0361 3156  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
08:59:04.0423 3156  SysMain - ok
08:59:04.0455 3156  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:59:04.0455 3156  TabletInputService - ok
08:59:04.0486 3156  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:59:04.0501 3156  TapiSrv - ok
08:59:04.0517 3156  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
08:59:04.0517 3156  TBS - ok
08:59:04.0626 3156  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:59:04.0689 3156  Tcpip - ok
08:59:04.0782 3156  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:59:04.0798 3156  TCPIP6 - ok
08:59:04.0860 3156  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:59:04.0860 3156  tcpipreg - ok
08:59:04.0907 3156  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:59:04.0907 3156  TDPIPE - ok
08:59:04.0954 3156  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:59:04.0954 3156  TDTCP - ok
08:59:04.0969 3156  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:59:04.0985 3156  tdx - ok
08:59:05.0016 3156  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
08:59:05.0016 3156  TermDD - ok
08:59:05.0063 3156  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
08:59:05.0079 3156  TermService - ok
08:59:05.0110 3156  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
08:59:05.0110 3156  Themes - ok
08:59:05.0141 3156  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
08:59:05.0141 3156  THREADORDER - ok
08:59:05.0235 3156  [ 69D76CE06BB629B69165C81D83A4B03E ] TiMiniService   C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
08:59:05.0235 3156  TiMiniService - ok
08:59:05.0250 3156  [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon        C:\Windows\system32\DRIVERS\tmactmon.sys
08:59:05.0250 3156  tmactmon - ok
08:59:05.0266 3156  [ 360E61217D4E1E333583D0C721057F70 ] tmcomm          C:\Windows\system32\DRIVERS\tmcomm.sys
08:59:05.0266 3156  tmcomm - ok
08:59:05.0297 3156  [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr        C:\Windows\system32\DRIVERS\tmevtmgr.sys
08:59:05.0297 3156  tmevtmgr - ok
08:59:05.0328 3156  [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi           C:\Windows\system32\DRIVERS\tmtdi.sys
08:59:05.0328 3156  tmtdi - ok
08:59:05.0359 3156  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
08:59:05.0375 3156  TrkWks - ok
08:59:05.0422 3156  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:59:05.0437 3156  TrustedInstaller - ok
08:59:05.0469 3156  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:59:05.0484 3156  tssecsrv - ok
08:59:05.0515 3156  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:59:05.0515 3156  TsUsbFlt - ok
08:59:05.0547 3156  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
08:59:05.0547 3156  TsUsbGD - ok
08:59:05.0578 3156  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:59:05.0578 3156  tunnel - ok
08:59:05.0593 3156  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
08:59:05.0609 3156  uagp35 - ok
08:59:05.0640 3156  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:59:05.0640 3156  udfs - ok
08:59:05.0687 3156  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:59:05.0703 3156  UI0Detect - ok
08:59:05.0718 3156  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:59:05.0718 3156  uliagpkx - ok
08:59:05.0765 3156  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
08:59:05.0765 3156  umbus - ok
08:59:05.0765 3156  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
08:59:05.0765 3156  UmPass - ok
08:59:05.0796 3156  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
08:59:05.0812 3156  upnphost - ok
08:59:05.0843 3156  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:59:05.0859 3156  usbccgp - ok
08:59:05.0890 3156  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:59:05.0890 3156  usbcir - ok
08:59:05.0921 3156  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
08:59:05.0921 3156  usbehci - ok
08:59:05.0968 3156  [ 76E2FFAD301490BA27B947C6507752FB ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
08:59:05.0968 3156  usbfilter - ok
08:59:06.0030 3156  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:59:06.0046 3156  usbhub - ok
08:59:06.0093 3156  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
08:59:06.0093 3156  usbohci - ok
08:59:06.0124 3156  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
08:59:06.0139 3156  usbprint - ok
08:59:06.0186 3156  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:59:06.0186 3156  USBSTOR - ok
08:59:06.0217 3156  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
08:59:06.0217 3156  usbuhci - ok
08:59:06.0295 3156  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
08:59:06.0311 3156  usbvideo - ok
08:59:06.0342 3156  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
08:59:06.0342 3156  UxSms - ok
08:59:06.0389 3156  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
08:59:06.0389 3156  VaultSvc - ok
08:59:06.0405 3156  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:59:06.0405 3156  vdrvroot - ok
08:59:06.0436 3156  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
08:59:06.0451 3156  vds - ok
08:59:06.0498 3156  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:59:06.0498 3156  vga - ok
08:59:06.0545 3156  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:59:06.0545 3156  VgaSave - ok
08:59:06.0561 3156  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:59:06.0576 3156  vhdmp - ok
08:59:06.0576 3156  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:59:06.0592 3156  viaide - ok
08:59:06.0607 3156  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:59:06.0607 3156  volmgr - ok
08:59:06.0639 3156  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:59:06.0639 3156  volmgrx - ok
08:59:06.0670 3156  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:59:06.0670 3156  volsnap - ok
08:59:06.0732 3156  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
08:59:06.0748 3156  vsmraid - ok
08:59:06.0810 3156  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
08:59:06.0888 3156  VSS - ok
08:59:06.0919 3156  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
08:59:06.0919 3156  vwifibus - ok
08:59:06.0951 3156  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
08:59:06.0951 3156  vwififlt - ok
08:59:07.0013 3156  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
08:59:07.0029 3156  W32Time - ok
08:59:07.0091 3156  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
08:59:07.0091 3156  WacomPen - ok
08:59:07.0138 3156  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:59:07.0153 3156  WANARP - ok
08:59:07.0169 3156  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:59:07.0185 3156  Wanarpv6 - ok
08:59:07.0341 3156  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
08:59:07.0403 3156  wbengine - ok
08:59:07.0450 3156  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:59:07.0450 3156  WbioSrvc - ok
08:59:07.0512 3156  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:59:07.0528 3156  wcncsvc - ok
08:59:07.0559 3156  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:59:07.0559 3156  WcsPlugInService - ok
08:59:07.0606 3156  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
08:59:07.0621 3156  Wd - ok
08:59:07.0668 3156  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:59:07.0699 3156  Wdf01000 - ok
08:59:07.0731 3156  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:59:07.0731 3156  WdiServiceHost - ok
08:59:07.0762 3156  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:59:07.0762 3156  WdiSystemHost - ok
08:59:07.0809 3156  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
08:59:07.0824 3156  WebClient - ok
08:59:07.0871 3156  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:59:07.0871 3156  Wecsvc - ok
08:59:07.0902 3156  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:59:07.0918 3156  wercplsupport - ok
08:59:08.0043 3156  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
08:59:08.0089 3156  WerSvc - ok
08:59:08.0152 3156  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:59:08.0152 3156  WfpLwf - ok
08:59:08.0214 3156  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
08:59:08.0214 3156  WimFltr - ok
08:59:08.0245 3156  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
08:59:08.0245 3156  WIMMount - ok
08:59:08.0277 3156  WinHttpAutoProxySvc - ok
08:59:08.0355 3156  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:59:08.0355 3156  Winmgmt - ok
08:59:08.0542 3156  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
08:59:08.0635 3156  WinRM - ok
08:59:08.0745 3156  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:59:08.0776 3156  Wlansvc - ok
08:59:08.0838 3156  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:59:08.0838 3156  wlcrasvc - ok
08:59:09.0135 3156  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:59:09.0197 3156  wlidsvc - ok
08:59:09.0244 3156  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
08:59:09.0244 3156  WmiAcpi - ok
08:59:09.0291 3156  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:59:09.0291 3156  wmiApSrv - ok
08:59:09.0322 3156  WMPNetworkSvc - ok
08:59:09.0369 3156  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:59:09.0369 3156  WPCSvc - ok
08:59:09.0400 3156  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:59:09.0415 3156  WPDBusEnum - ok
08:59:09.0447 3156  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:59:09.0447 3156  ws2ifsl - ok
08:59:09.0462 3156  WSearch - ok
08:59:09.0525 3156  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:59:09.0540 3156  WudfPf - ok
08:59:09.0603 3156  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:59:09.0618 3156  WUDFRd - ok
08:59:09.0665 3156  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:59:09.0681 3156  wudfsvc - ok
08:59:09.0712 3156  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
08:59:09.0727 3156  WwanSvc - ok
08:59:10.0211 3156  X6va012 - ok
08:59:10.0258 3156  ================ Scan global ===============================
08:59:10.0273 3156  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:59:10.0320 3156  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:59:10.0336 3156  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:59:10.0367 3156  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:59:10.0414 3156  [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
08:59:10.0429 3156  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
08:59:10.0429 3156  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
08:59:10.0429 3156  ================ Scan MBR ==================================
08:59:10.0445 3156  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:59:13.0237 3156  \Device\Harddisk0\DR0 - ok
08:59:13.0237 3156  ================ Scan VBR ==================================
08:59:13.0253 3156  [ EEC6EAF0FBDD67077502DEC728B66DAD ] \Device\Harddisk0\DR0\Partition1
08:59:13.0284 3156  \Device\Harddisk0\DR0\Partition1 - ok
08:59:13.0315 3156  [ C1CAB073C50571A7E3E52CEA338F9D1A ] \Device\Harddisk0\DR0\Partition2
08:59:13.0362 3156  \Device\Harddisk0\DR0\Partition2 - ok
08:59:13.0362 3156  ============================================================
08:59:13.0362 3156  Scan finished
08:59:13.0362 3156  ============================================================
08:59:13.0393 3844  Detected object count: 1
08:59:13.0393 3844  Actual detected object count: 1
08:59:27.0589 3844  C:\Windows\system32\services.exe - copied to quarantine
08:59:29.0009 3844  C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
08:59:29.0025 3844  C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
09:00:53.0249 3844  Backup copy not found, trying to cure infected file..
09:00:53.0249 3844  Cure success, using it..
09:00:53.0390 3844  C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
09:00:53.0390 3844  C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
09:00:53.0421 3844  C:\Windows\system32\services.exe - will be cured on reboot
09:00:53.0421 3844  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure 
09:02:26.0545 3216  Deinitialize success

Alt 16.07.2013, 08:11   #12
Paulx
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Code:
ATTFilter
09:04:54.0255 2772  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:04:54.0613 2772  ============================================================
09:04:54.0613 2772  Current date / time: 2013/07/16 09:04:54.0613
09:04:54.0613 2772  SystemInfo:
09:04:54.0613 2772  
09:04:54.0613 2772  OS Version: 6.1.7601 ServicePack: 1.0
09:04:54.0613 2772  Product type: Workstation
09:04:54.0613 2772  ComputerName: BF3LOVEX3
09:04:54.0613 2772  UserName: Paul
09:04:54.0613 2772  Windows directory: C:\Windows
09:04:54.0613 2772  System windows directory: C:\Windows
09:04:54.0613 2772  Running under WOW64
09:04:54.0613 2772  Processor architecture: Intel x64
09:04:54.0613 2772  Number of processors: 2
09:04:54.0613 2772  Page size: 0x1000
09:04:54.0613 2772  Boot type: Normal boot
09:04:54.0613 2772  ============================================================
09:05:04.0592 2772  BG loaded
09:05:05.0403 2772  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:05:05.0434 2772  ============================================================
09:05:05.0434 2772  \Device\Harddisk0\DR0:
09:05:05.0434 2772  MBR partitions:
09:05:05.0434 2772  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xFA0E000
09:05:05.0450 2772  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12C0F000, BlocksNum 0x1281F000
09:05:05.0450 2772  ============================================================
09:05:05.0528 2772  C: <-> \Device\Harddisk0\DR0\Partition1
09:05:05.0621 2772  D: <-> \Device\Harddisk0\DR0\Partition2
09:05:05.0621 2772  ============================================================
09:05:05.0621 2772  Initialize success
09:05:05.0621 2772  ============================================================
09:05:25.0995 3244  ============================================================
09:05:25.0995 3244  Scan started
09:05:25.0995 3244  Mode: Manual; 
09:05:25.0995 3244  ============================================================
09:05:28.0085 3244  ================ Scan system memory ========================
09:05:28.0085 3244  System memory - ok
09:05:28.0101 3244  ================ Scan services =============================
09:05:30.0129 3244  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:05:30.0145 3244  1394ohci - ok
09:05:30.0238 3244  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:05:30.0254 3244  ACPI - ok
09:05:30.0347 3244  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:05:30.0394 3244  AcpiPmi - ok
09:05:32.0266 3244  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:05:32.0282 3244  AdobeFlashPlayerUpdateSvc - ok
09:05:32.0391 3244  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:05:32.0407 3244  adp94xx - ok
09:05:32.0516 3244  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:05:32.0531 3244  adpahci - ok
09:05:32.0578 3244  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:05:32.0625 3244  adpu320 - ok
09:05:32.0719 3244  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:05:32.0734 3244  AeLookupSvc - ok
09:05:32.0828 3244  [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent        C:\Windows\system32\FBAgent.exe
09:05:32.0843 3244  AFBAgent - ok
09:05:33.0062 3244  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
09:05:33.0062 3244  AFD - ok
09:05:33.0155 3244  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:05:33.0171 3244  agp440 - ok
09:05:33.0296 3244  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
09:05:33.0296 3244  ALG - ok
09:05:33.0405 3244  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:05:33.0421 3244  aliide - ok
09:05:33.0530 3244  [ 9CCAF5CCD848F8D77CD18DAA51F9C987 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:05:33.0530 3244  AMD External Events Utility - ok
09:05:33.0655 3244  AMD FUEL Service - ok
09:05:33.0748 3244  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
09:05:33.0764 3244  amdide - ok
09:05:33.0857 3244  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
09:05:33.0873 3244  amdiox64 - ok
09:05:33.0935 3244  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:05:33.0951 3244  AmdK8 - ok
09:05:34.0731 3244  [ 8BD152EAAEFEB8667E7E43FD8CAC3642 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
09:05:34.0825 3244  amdkmdag - ok
09:05:34.0887 3244  [ 4112266BD3949EBE9B0B8AB198D3D0EE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
09:05:34.0903 3244  amdkmdap - ok
09:05:34.0965 3244  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:05:34.0965 3244  AmdPPM - ok
09:05:35.0059 3244  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:05:35.0059 3244  amdsata - ok
09:05:35.0105 3244  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:05:35.0105 3244  amdsbs - ok
09:05:35.0137 3244  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:05:35.0152 3244  amdxata - ok
09:05:35.0183 3244  [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
09:05:35.0199 3244  amd_sata - ok
09:05:35.0215 3244  [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
09:05:35.0215 3244  amd_xata - ok
09:05:35.0589 3244  [ D24AE3842FEFDC4C2AB77F8D893CFBB2 ] AMOptimalDiskService C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
09:05:35.0729 3244  AMOptimalDiskService - ok
09:05:35.0807 3244  [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
09:05:35.0823 3244  Amsp - ok
09:05:35.0885 3244  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
09:05:35.0885 3244  AppID - ok
09:05:35.0948 3244  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:05:35.0948 3244  AppIDSvc - ok
09:05:35.0979 3244  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
09:05:35.0979 3244  Appinfo - ok
09:05:36.0010 3244  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
09:05:36.0026 3244  arc - ok
09:05:36.0041 3244  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:05:36.0041 3244  arcsas - ok
09:05:36.0119 3244  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
09:05:36.0119 3244  ASLDRService - ok
09:05:36.0135 3244  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
09:05:36.0135 3244  ASMMAP64 - ok
09:05:36.0322 3244  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:05:36.0353 3244  aspnet_state - ok
09:05:36.0400 3244  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:05:36.0416 3244  AsyncMac - ok
09:05:36.0463 3244  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
09:05:36.0463 3244  atapi - ok
09:05:36.0572 3244  [ F8633CDD09647A64EE8DB550630427FF ] athr            C:\Windows\system32\DRIVERS\athrx.sys
09:05:36.0587 3244  athr - ok
09:05:36.0681 3244  [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
09:05:36.0681 3244  AtiHDAudioService - ok
09:05:36.0712 3244  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
09:05:36.0712 3244  ATKGFNEXSrv - ok
09:05:36.0790 3244  [ AC31727F9946E9009480708E4D1B9986 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
09:05:36.0790 3244  ATKWMIACPIIO - ok
09:05:36.0884 3244  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:05:36.0899 3244  AudioEndpointBuilder - ok
09:05:36.0915 3244  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:05:36.0931 3244  AudioSrv - ok
09:05:37.0009 3244  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:05:37.0009 3244  AxInstSV - ok
09:05:37.0087 3244  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:05:37.0102 3244  b06bdrv - ok
09:05:37.0149 3244  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:05:37.0165 3244  b57nd60a - ok
09:05:37.0289 3244  [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:05:37.0289 3244  BBSvc - ok
09:05:37.0352 3244  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:05:37.0352 3244  BDESVC - ok
09:05:37.0399 3244  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:05:37.0399 3244  Beep - ok
09:05:37.0445 3244  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:05:37.0445 3244  blbdrive - ok
09:05:37.0492 3244  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:05:37.0508 3244  bowser - ok
09:05:37.0555 3244  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:05:37.0570 3244  BrFiltLo - ok
09:05:37.0601 3244  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:05:37.0601 3244  BrFiltUp - ok
09:05:37.0648 3244  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
09:05:37.0664 3244  Browser - ok
09:05:37.0679 3244  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:05:37.0695 3244  Brserid - ok
09:05:37.0711 3244  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:05:37.0711 3244  BrSerWdm - ok
09:05:37.0726 3244  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:05:37.0726 3244  BrUsbMdm - ok
09:05:37.0742 3244  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:05:37.0742 3244  BrUsbSer - ok
09:05:37.0804 3244  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
09:05:37.0820 3244  BthEnum - ok
09:05:37.0867 3244  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:05:37.0867 3244  BTHMODEM - ok
09:05:37.0913 3244  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:05:37.0913 3244  BthPan - ok
09:05:37.0976 3244  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
09:05:37.0991 3244  BTHPORT - ok
09:05:38.0038 3244  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
09:05:38.0038 3244  bthserv - ok
09:05:38.0069 3244  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
09:05:38.0085 3244  BTHUSB - ok
09:05:38.0116 3244  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:05:38.0132 3244  cdfs - ok
09:05:38.0163 3244  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:05:38.0163 3244  cdrom - ok
09:05:38.0241 3244  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
09:05:38.0241 3244  CertPropSvc - ok
09:05:38.0288 3244  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
09:05:38.0288 3244  circlass - ok
09:05:38.0335 3244  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
09:05:38.0335 3244  CLFS - ok
09:05:38.0444 3244  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:05:38.0459 3244  clr_optimization_v2.0.50727_32 - ok
09:05:38.0569 3244  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:05:38.0584 3244  clr_optimization_v2.0.50727_64 - ok
09:05:38.0740 3244  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:05:38.0896 3244  clr_optimization_v4.0.30319_32 - ok
09:05:38.0943 3244  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:05:39.0052 3244  clr_optimization_v4.0.30319_64 - ok
09:05:39.0083 3244  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:05:39.0083 3244  CmBatt - ok
09:05:39.0130 3244  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:05:39.0130 3244  cmdide - ok
09:05:39.0255 3244  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
09:05:39.0271 3244  CNG - ok
09:05:39.0317 3244  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:05:39.0317 3244  Compbatt - ok
09:05:39.0333 3244  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:05:39.0349 3244  CompositeBus - ok
09:05:39.0364 3244  COMSysApp - ok
09:05:39.0395 3244  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:05:39.0395 3244  crcdisk - ok
09:05:39.0489 3244  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:05:39.0489 3244  CryptSvc - ok
09:05:39.0739 3244  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:05:39.0754 3244  DcomLaunch - ok
09:05:39.0988 3244  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
09:05:39.0988 3244  defragsvc - ok
09:05:40.0051 3244  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:05:40.0051 3244  DfsC - ok
09:05:40.0097 3244  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:05:40.0113 3244  Dhcp - ok
09:05:40.0113 3244  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
09:05:40.0129 3244  discache - ok
09:05:40.0160 3244  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
09:05:40.0175 3244  Disk - ok
09:05:40.0238 3244  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:05:40.0238 3244  Dnscache - ok
09:05:40.0253 3244  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:05:40.0269 3244  dot3svc - ok
09:05:40.0300 3244  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
09:05:40.0300 3244  DPS - ok
09:05:40.0316 3244  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:05:40.0331 3244  drmkaud - ok
09:05:40.0425 3244  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:05:40.0425 3244  DXGKrnl - ok
09:05:40.0472 3244  EagleX64 - ok
09:05:40.0519 3244  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
09:05:40.0519 3244  EapHost - ok
09:05:40.0753 3244  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:05:40.0846 3244  ebdrv - ok
09:05:40.0893 3244  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
09:05:40.0909 3244  EFS - ok
09:05:41.0002 3244  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:05:41.0002 3244  ehRecvr - ok
09:05:41.0033 3244  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
09:05:41.0049 3244  ehSched - ok
09:05:41.0127 3244  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:05:41.0143 3244  elxstor - ok
09:05:41.0158 3244  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:05:41.0174 3244  ErrDev - ok
09:05:41.0221 3244  [ 4C120D2B2EA269EAE7A5744794EB6DB1 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
09:05:41.0221 3244  ETD - ok
09:05:41.0252 3244  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
09:05:41.0267 3244  EventSystem - ok
09:05:41.0283 3244  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
09:05:41.0299 3244  exfat - ok
09:05:41.0330 3244  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:05:41.0330 3244  fastfat - ok
09:05:41.0377 3244  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
09:05:41.0392 3244  Fax - ok
09:05:41.0423 3244  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
09:05:41.0423 3244  fdc - ok
09:05:41.0455 3244  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:05:41.0455 3244  fdPHost - ok
09:05:41.0486 3244  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:05:41.0486 3244  FDResPub - ok
09:05:41.0517 3244  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:05:41.0517 3244  FileInfo - ok
09:05:41.0533 3244  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:05:41.0533 3244  Filetrace - ok
09:05:41.0548 3244  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:05:41.0548 3244  flpydisk - ok
09:05:41.0579 3244  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:05:41.0579 3244  FltMgr - ok
09:05:41.0657 3244  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
09:05:41.0673 3244  FontCache - ok
09:05:41.0798 3244  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:05:41.0798 3244  FontCache3.0.0.0 - ok
09:05:41.0829 3244  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:05:41.0891 3244  FsDepends - ok
09:05:41.0954 3244  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
09:05:42.0016 3244  fssfltr - ok
09:05:42.0128 3244  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:05:42.0177 3244  fsssvc - ok
09:05:42.0227 3244  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:05:42.0229 3244  Fs_Rec - ok
09:05:42.0298 3244  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:05:42.0303 3244  fvevol - ok
09:05:42.0335 3244  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:05:42.0335 3244  gagp30kx - ok
09:05:42.0413 3244  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
09:05:42.0428 3244  gpsvc - ok
09:05:42.0491 3244  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:05:42.0506 3244  gupdate - ok
09:05:42.0537 3244  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:05:42.0553 3244  gupdatem - ok
09:05:42.0584 3244  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:05:42.0584 3244  gusvc - ok
09:05:42.0647 3244  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:05:42.0647 3244  hcw85cir - ok
09:05:43.0021 3244  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:05:43.0037 3244  HdAudAddService - ok
09:05:43.0083 3244  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:05:43.0099 3244  HDAudBus - ok
09:05:43.0364 3244  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:05:43.0380 3244  HidBatt - ok
09:05:43.0411 3244  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:05:43.0411 3244  HidBth - ok
09:05:43.0473 3244  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:05:43.0473 3244  HidIr - ok
09:05:43.0520 3244  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
09:05:43.0520 3244  hidserv - ok
09:05:43.0583 3244  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:05:43.0583 3244  HidUsb - ok
09:05:43.0629 3244  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:05:43.0629 3244  hkmsvc - ok
09:05:43.0707 3244  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:05:43.0723 3244  HomeGroupListener - ok
09:05:43.0770 3244  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:05:43.0785 3244  HomeGroupProvider - ok
09:05:43.0848 3244  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:05:43.0879 3244  HpSAMD - ok
09:05:43.0926 3244  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:05:43.0941 3244  HTTP - ok
09:05:44.0051 3244  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:05:44.0207 3244  hwpolicy - ok
09:05:44.0253 3244  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:05:44.0269 3244  i8042prt - ok
09:05:44.0394 3244  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:05:44.0441 3244  iaStorV - ok
09:05:44.0565 3244  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:05:44.0581 3244  idsvc - ok
09:05:44.0612 3244  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:05:44.0612 3244  iirsp - ok
09:05:44.0737 3244  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:05:44.0768 3244  IKEEXT - ok
09:05:44.0831 3244  IntcAzAudAddService - ok
09:05:44.0940 3244  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
09:05:44.0940 3244  intelide - ok
09:05:44.0955 3244  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
09:05:44.0971 3244  intelppm - ok
09:05:45.0002 3244  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:05:45.0002 3244  IPBusEnum - ok
09:05:45.0033 3244  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:05:45.0033 3244  IpFilterDriver - ok
09:05:45.0080 3244  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:05:45.0080 3244  IPMIDRV - ok
09:05:45.0127 3244  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:05:45.0143 3244  IPNAT - ok
09:05:45.0174 3244  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:05:45.0174 3244  IRENUM - ok
09:05:45.0221 3244  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:05:45.0221 3244  isapnp - ok
09:05:45.0299 3244  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:05:45.0314 3244  iScsiPrt - ok
09:05:45.0361 3244  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:05:45.0361 3244  kbdclass - ok
09:05:45.0392 3244  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:05:45.0392 3244  kbdhid - ok
09:05:45.0486 3244  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
09:05:45.0501 3244  kbfiltr - ok
09:05:45.0564 3244  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
09:05:45.0564 3244  KeyIso - ok
09:05:45.0626 3244  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:05:45.0626 3244  KSecDD - ok
09:05:45.0673 3244  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:05:45.0673 3244  KSecPkg - ok
09:05:45.0720 3244  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:05:45.0720 3244  ksthunk - ok
09:05:45.0798 3244  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:05:45.0829 3244  KtmRm - ok
09:05:45.0876 3244  [ 033B4AED2C5519072C0D81E00804D003 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
09:05:45.0876 3244  L1C - ok
09:05:45.0954 3244  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:05:45.0969 3244  LanmanServer - ok
09:05:46.0001 3244  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:05:46.0001 3244  LanmanWorkstation - ok
09:05:46.0063 3244  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:05:46.0079 3244  lltdio - ok
09:05:46.0141 3244  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:05:46.0141 3244  lltdsvc - ok
09:05:46.0172 3244  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:05:46.0188 3244  lmhosts - ok
09:05:46.0250 3244  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:05:46.0281 3244  LSI_FC - ok
09:05:46.0313 3244  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:05:46.0328 3244  LSI_SAS - ok
09:05:46.0344 3244  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:05:46.0344 3244  LSI_SAS2 - ok
09:05:46.0391 3244  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:05:46.0391 3244  LSI_SCSI - ok
09:05:46.0406 3244  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
09:05:46.0422 3244  luafv - ok
09:05:46.0484 3244  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:05:46.0484 3244  MBAMProtector - ok
09:05:46.0609 3244  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:05:46.0609 3244  MBAMScheduler - ok
09:05:46.0687 3244  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:05:46.0687 3244  MBAMService - ok
09:05:46.0734 3244  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:05:46.0734 3244  Mcx2Svc - ok
09:05:46.0781 3244  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:05:46.0781 3244  megasas - ok
09:05:46.0812 3244  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:05:46.0827 3244  MegaSR - ok
09:05:46.0859 3244  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
09:05:46.0859 3244  MMCSS - ok
09:05:46.0890 3244  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
09:05:46.0890 3244  Modem - ok
09:05:46.0937 3244  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:05:46.0937 3244  monitor - ok
09:05:46.0968 3244  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:05:46.0983 3244  mouclass - ok
09:05:47.0015 3244  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:05:47.0015 3244  mouhid - ok
09:05:47.0046 3244  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:05:47.0046 3244  mountmgr - ok
09:05:47.0108 3244  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:05:47.0108 3244  MozillaMaintenance - ok
09:05:47.0139 3244  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:05:47.0155 3244  mpio - ok
09:05:47.0171 3244  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:05:47.0171 3244  mpsdrv - ok
09:05:47.0202 3244  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:05:47.0217 3244  MRxDAV - ok
09:05:47.0295 3244  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:05:47.0295 3244  mrxsmb - ok
09:05:47.0358 3244  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:05:47.0373 3244  mrxsmb10 - ok
09:05:47.0436 3244  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:05:47.0436 3244  mrxsmb20 - ok
09:05:47.0483 3244  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:05:47.0483 3244  msahci - ok
09:05:47.0498 3244  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:05:47.0514 3244  msdsm - ok
09:05:47.0529 3244  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
09:05:47.0545 3244  MSDTC - ok
09:05:47.0576 3244  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:05:47.0576 3244  Msfs - ok
09:05:47.0607 3244  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:05:47.0607 3244  mshidkmdf - ok
09:05:47.0623 3244  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:05:47.0623 3244  msisadrv - ok
09:05:47.0670 3244  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:05:47.0670 3244  MSiSCSI - ok
09:05:47.0685 3244  msiserver - ok
09:05:47.0701 3244  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:05:47.0717 3244  MSKSSRV - ok
09:05:47.0732 3244  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:05:47.0748 3244  MSPCLOCK - ok
09:05:47.0763 3244  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:05:47.0763 3244  MSPQM - ok
09:05:47.0779 3244  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:05:47.0795 3244  MsRPC - ok
09:05:47.0857 3244  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:05:47.0857 3244  mssmbios - ok
09:05:47.0873 3244  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:05:47.0873 3244  MSTEE - ok
09:05:47.0904 3244  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:05:47.0904 3244  MTConfig - ok
09:05:47.0919 3244  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:05:47.0935 3244  Mup - ok
09:05:47.0966 3244  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
09:05:47.0997 3244  napagent - ok
09:05:48.0044 3244  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:05:48.0060 3244  NativeWifiP - ok
09:05:48.0153 3244  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:05:48.0169 3244  NDIS - ok
09:05:48.0216 3244  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:05:48.0216 3244  NdisCap - ok
09:05:48.0247 3244  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:05:48.0247 3244  NdisTapi - ok
09:05:48.0263 3244  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:05:48.0263 3244  Ndisuio - ok
09:05:48.0309 3244  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:05:48.0309 3244  NdisWan - ok
09:05:48.0372 3244  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:05:48.0372 3244  NDProxy - ok
09:05:48.0419 3244  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:05:48.0419 3244  NetBIOS - ok
09:05:48.0450 3244  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:05:48.0450 3244  NetBT - ok
09:05:48.0481 3244  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
09:05:48.0481 3244  Netlogon - ok
09:05:48.0559 3244  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
09:05:48.0559 3244  Netman - ok
09:05:48.0653 3244  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:05:48.0668 3244  NetMsmqActivator - ok
09:05:48.0715 3244  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:05:48.0731 3244  NetPipeActivator - ok
09:05:48.0777 3244  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
09:05:48.0793 3244  netprofm - ok
09:05:48.0809 3244  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:05:48.0809 3244  NetTcpActivator - ok
09:05:48.0824 3244  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:05:48.0840 3244  NetTcpPortSharing - ok
09:05:48.0855 3244  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:05:48.0855 3244  nfrd960 - ok
09:05:48.0918 3244  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:05:48.0918 3244  NlaSvc - ok
09:05:48.0949 3244  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:05:48.0949 3244  Npfs - ok
09:05:48.0980 3244  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
09:05:48.0980 3244  nsi - ok
09:05:48.0996 3244  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:05:48.0996 3244  nsiproxy - ok
09:05:49.0074 3244  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:05:49.0136 3244  Ntfs - ok
09:05:49.0152 3244  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
09:05:49.0167 3244  Null - ok
09:05:49.0199 3244  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:05:49.0214 3244  nvraid - ok
09:05:49.0245 3244  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:05:49.0245 3244  nvstor - ok
09:05:49.0277 3244  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:05:49.0277 3244  nv_agp - ok
09:05:49.0292 3244  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:05:49.0292 3244  ohci1394 - ok
09:05:49.0370 3244  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:05:49.0370 3244  ose - ok
09:05:49.0401 3244  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:05:49.0417 3244  p2pimsvc - ok
09:05:49.0464 3244  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:05:49.0479 3244  p2psvc - ok
09:05:49.0526 3244  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
09:05:49.0526 3244  Parport - ok
09:05:49.0573 3244  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:05:49.0573 3244  partmgr - ok
09:05:49.0604 3244  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:05:49.0604 3244  PcaSvc - ok
09:05:49.0620 3244  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
09:05:49.0635 3244  pci - ok
09:05:49.0651 3244  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
09:05:49.0651 3244  pciide - ok
09:05:49.0682 3244  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:05:49.0698 3244  pcmcia - ok
09:05:49.0713 3244  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:05:49.0713 3244  pcw - ok
09:05:49.0745 3244  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:05:49.0745 3244  PEAUTH - ok
09:05:49.0885 3244  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:05:49.0885 3244  PerfHost - ok
09:05:50.0010 3244  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
09:05:50.0072 3244  pla - ok
09:05:50.0135 3244  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:05:50.0150 3244  PlugPlay - ok
09:05:50.0166 3244  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:05:50.0166 3244  PNRPAutoReg - ok
09:05:50.0197 3244  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:05:50.0213 3244  PNRPsvc - ok
09:05:50.0259 3244  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:05:50.0259 3244  PolicyAgent - ok
09:05:50.0306 3244  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
09:05:50.0306 3244  Power - ok
09:05:50.0353 3244  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:05:50.0353 3244  PptpMiniport - ok
09:05:50.0384 3244  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
09:05:50.0384 3244  Processor - ok
09:05:50.0431 3244  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:05:50.0431 3244  ProfSvc - ok
09:05:50.0447 3244  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:05:50.0447 3244  ProtectedStorage - ok
09:05:50.0478 3244  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:05:50.0478 3244  Psched - ok
09:05:50.0540 3244  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:05:50.0587 3244  ql2300 - ok
09:05:50.0603 3244  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:05:50.0603 3244  ql40xx - ok
09:05:50.0665 3244  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
09:05:50.0665 3244  QWAVE - ok
09:05:50.0696 3244  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:05:50.0696 3244  QWAVEdrv - ok
09:05:50.0712 3244  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:05:50.0727 3244  RasAcd - ok
09:05:50.0759 3244  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:05:50.0759 3244  RasAgileVpn - ok
09:05:50.0790 3244  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
09:05:50.0790 3244  RasAuto - ok
09:05:50.0805 3244  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:05:50.0805 3244  Rasl2tp - ok
09:05:50.0821 3244  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
09:05:50.0837 3244  RasMan - ok
09:05:50.0852 3244  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:05:50.0852 3244  RasPppoe - ok
09:05:50.0883 3244  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:05:50.0883 3244  RasSstp - ok
09:05:50.0899 3244  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:05:50.0899 3244  rdbss - ok
09:05:50.0930 3244  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
09:05:50.0930 3244  rdpbus - ok
09:05:50.0946 3244  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:05:50.0961 3244  RDPCDD - ok
09:05:50.0961 3244  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:05:50.0977 3244  RDPENCDD - ok
09:05:50.0993 3244  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:05:50.0993 3244  RDPREFMP - ok
09:05:51.0039 3244  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:05:51.0055 3244  RDPWD - ok
09:05:51.0086 3244  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:05:51.0102 3244  rdyboost - ok
09:05:51.0133 3244  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:05:51.0133 3244  RemoteAccess - ok
09:05:51.0164 3244  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:05:51.0180 3244  RemoteRegistry - ok
09:05:51.0211 3244  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:05:51.0211 3244  RFCOMM - ok
09:05:51.0242 3244  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:05:51.0242 3244  RpcEptMapper - ok
09:05:51.0273 3244  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
09:05:51.0273 3244  RpcLocator - ok
09:05:51.0305 3244  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
09:05:51.0305 3244  RpcSs - ok
09:05:51.0351 3244  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:05:51.0351 3244  rspndr - ok
09:05:51.0414 3244  [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
09:05:51.0414 3244  RSUSBSTOR - ok
09:05:51.0445 3244  [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
09:05:51.0445 3244  RTL8167 - ok
09:05:51.0461 3244  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
09:05:51.0461 3244  SamSs - ok
09:05:51.0476 3244  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:05:51.0492 3244  sbp2port - ok
09:05:51.0523 3244  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:05:51.0523 3244  SCardSvr - ok
09:05:51.0554 3244  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:05:51.0554 3244  scfilter - ok
09:05:51.0601 3244  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
09:05:51.0617 3244  Schedule - ok
09:05:51.0648 3244  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:05:51.0648 3244  SCPolicySvc - ok
09:05:51.0663 3244  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:05:51.0679 3244  SDRSVC - ok
09:05:51.0726 3244  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:05:51.0726 3244  SeaPort - ok
09:05:51.0757 3244  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:05:51.0757 3244  secdrv - ok
09:05:51.0788 3244  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
09:05:51.0788 3244  seclogon - ok
09:05:51.0819 3244  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
09:05:51.0819 3244  SENS - ok
09:05:51.0835 3244  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:05:51.0835 3244  SensrSvc - ok
09:05:51.0866 3244  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:05:51.0866 3244  Serenum - ok
09:05:51.0929 3244  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
09:05:51.0929 3244  Serial - ok
09:05:51.0944 3244  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:05:51.0944 3244  sermouse - ok
09:05:52.0038 3244  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:05:52.0038 3244  SessionEnv - ok
09:05:52.0053 3244  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:05:52.0069 3244  sffdisk - ok
09:05:52.0069 3244  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:05:52.0085 3244  sffp_mmc - ok
09:05:52.0085 3244  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:05:52.0100 3244  sffp_sd - ok
09:05:52.0116 3244  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:05:52.0116 3244  sfloppy - ok
09:05:52.0147 3244  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:05:52.0163 3244  ShellHWDetection - ok
09:05:52.0194 3244  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
09:05:52.0194 3244  SiSGbeLH - ok
09:05:52.0209 3244  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:05:52.0209 3244  SiSRaid2 - ok
09:05:52.0225 3244  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:05:52.0225 3244  SiSRaid4 - ok
09:05:52.0272 3244  [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:05:52.0272 3244  SkypeUpdate - ok
09:05:52.0303 3244  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:05:52.0303 3244  Smb - ok
09:05:52.0350 3244  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:05:52.0350 3244  SNMPTRAP - ok
09:05:52.0490 3244  [ D310A8B84911C7C14876EBDAE0302DBF ] SpeedBoosterSvc C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe
09:05:52.0568 3244  SpeedBoosterSvc - ok
09:05:52.0615 3244  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:05:52.0615 3244  spldr - ok
09:05:52.0662 3244  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
09:05:52.0677 3244  Spooler - ok
09:05:52.0787 3244  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
09:05:52.0833 3244  sppsvc - ok
09:05:52.0865 3244  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:05:52.0865 3244  sppuinotify - ok
09:05:52.0943 3244  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:05:52.0943 3244  srv - ok
09:05:52.0989 3244  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:05:52.0989 3244  srv2 - ok
09:05:53.0036 3244  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:05:53.0036 3244  srvnet - ok
09:05:53.0083 3244  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:05:53.0083 3244  SSDPSRV - ok
09:05:53.0114 3244  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:05:53.0114 3244  SstpSvc - ok
09:05:53.0145 3244  Steam Client Service - ok
09:05:53.0192 3244  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:05:53.0192 3244  stexstor - ok
09:05:53.0255 3244  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
09:05:53.0301 3244  stisvc - ok
09:05:53.0333 3244  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:05:53.0333 3244  swenum - ok
09:05:53.0364 3244  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
09:05:53.0379 3244  swprv - ok
09:05:53.0442 3244  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
09:05:53.0457 3244  SysMain - ok
09:05:53.0504 3244  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:05:53.0520 3244  TabletInputService - ok
09:05:53.0535 3244  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:05:53.0551 3244  TapiSrv - ok
09:05:53.0567 3244  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
09:05:53.0567 3244  TBS - ok
09:05:53.0676 3244  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:05:53.0769 3244  Tcpip - ok
09:05:53.0832 3244  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:05:53.0847 3244  TCPIP6 - ok
09:05:53.0910 3244  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:05:53.0910 3244  tcpipreg - ok
09:05:53.0957 3244  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:05:53.0957 3244  TDPIPE - ok
09:05:54.0003 3244  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:05:54.0003 3244  TDTCP - ok
09:05:54.0035 3244  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:05:54.0035 3244  tdx - ok
09:05:54.0066 3244  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:05:54.0081 3244  TermDD - ok
09:05:54.0128 3244  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
09:05:54.0144 3244  TermService - ok
09:05:54.0159 3244  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
09:05:54.0175 3244  Themes - ok
09:05:54.0206 3244  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
09:05:54.0206 3244  THREADORDER - ok
09:05:54.0300 3244  [ 69D76CE06BB629B69165C81D83A4B03E ] TiMiniService   C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
09:05:54.0300 3244  TiMiniService - ok
09:05:54.0347 3244  [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon        C:\Windows\system32\DRIVERS\tmactmon.sys
09:05:54.0347 3244  tmactmon - ok
09:05:54.0362 3244  [ 360E61217D4E1E333583D0C721057F70 ] tmcomm          C:\Windows\system32\DRIVERS\tmcomm.sys
09:05:54.0378 3244  tmcomm - ok
09:05:54.0378 3244  [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr        C:\Windows\system32\DRIVERS\tmevtmgr.sys
09:05:54.0378 3244  tmevtmgr - ok
09:05:54.0409 3244  [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi           C:\Windows\system32\DRIVERS\tmtdi.sys
09:05:54.0409 3244  tmtdi - ok
09:05:54.0440 3244  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
09:05:54.0440 3244  TrkWks - ok
09:05:54.0503 3244  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:05:54.0503 3244  TrustedInstaller - ok
09:05:54.0549 3244  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:05:54.0549 3244  tssecsrv - ok
09:05:54.0581 3244  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:05:54.0596 3244  TsUsbFlt - ok
09:05:54.0612 3244  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:05:54.0612 3244  TsUsbGD - ok
09:05:54.0643 3244  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:05:54.0643 3244  tunnel - ok
09:05:54.0674 3244  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:05:54.0674 3244  uagp35 - ok
09:05:54.0705 3244  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:05:54.0721 3244  udfs - ok
09:05:54.0752 3244  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:05:54.0752 3244  UI0Detect - ok
09:05:54.0783 3244  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:05:54.0783 3244  uliagpkx - ok
09:05:54.0815 3244  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:05:54.0815 3244  umbus - ok
09:05:54.0830 3244  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:05:54.0830 3244  UmPass - ok
09:05:54.0861 3244  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
09:05:54.0877 3244  upnphost - ok
09:05:54.0924 3244  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:05:54.0924 3244  usbccgp - ok
09:05:54.0971 3244  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:05:54.0971 3244  usbcir - ok
09:05:55.0002 3244  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:05:55.0002 3244  usbehci - ok
09:05:55.0049 3244  [ 76E2FFAD301490BA27B947C6507752FB ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
09:05:55.0049 3244  usbfilter - ok
09:05:55.0111 3244  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:05:55.0127 3244  usbhub - ok
09:05:55.0173 3244  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
09:05:55.0173 3244  usbohci - ok
09:05:55.0205 3244  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
09:05:55.0205 3244  usbprint - ok
09:05:55.0251 3244  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:05:55.0251 3244  USBSTOR - ok
09:05:55.0283 3244  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:05:55.0283 3244  usbuhci - ok
09:05:55.0329 3244  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
09:05:55.0329 3244  usbvideo - ok
09:05:55.0345 3244  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
09:05:55.0361 3244  UxSms - ok
09:05:55.0376 3244  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
09:05:55.0376 3244  VaultSvc - ok
09:05:55.0392 3244  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:05:55.0392 3244  vdrvroot - ok
09:05:55.0423 3244  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
09:05:55.0439 3244  vds - ok
09:05:55.0470 3244  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:05:55.0470 3244  vga - ok
09:05:55.0485 3244  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:05:55.0501 3244  VgaSave - ok
09:05:55.0532 3244  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:05:55.0532 3244  vhdmp - ok
09:05:55.0548 3244  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:05:55.0548 3244  viaide - ok
09:05:55.0579 3244  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:05:55.0579 3244  volmgr - ok
09:05:55.0595 3244  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:05:55.0610 3244  volmgrx - ok
09:05:55.0626 3244  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:05:55.0641 3244  volsnap - ok
09:05:55.0673 3244  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:05:55.0673 3244  vsmraid - ok
09:05:55.0751 3244  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
09:05:55.0766 3244  VSS - ok
09:05:55.0782 3244  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:05:55.0782 3244  vwifibus - ok
09:05:55.0797 3244  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:05:55.0813 3244  vwififlt - ok
09:05:55.0844 3244  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
09:05:55.0844 3244  W32Time - ok
09:05:55.0891 3244  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:05:55.0891 3244  WacomPen - ok
09:05:55.0922 3244  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:05:55.0922 3244  WANARP - ok
09:05:55.0938 3244  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:05:55.0938 3244  Wanarpv6 - ok
09:05:56.0000 3244  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
09:05:56.0016 3244  wbengine - ok
09:05:56.0031 3244  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:05:56.0047 3244  WbioSrvc - ok
09:05:56.0063 3244  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:05:56.0078 3244  wcncsvc - ok
09:05:56.0094 3244  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:05:56.0094 3244  WcsPlugInService - ok
09:05:56.0125 3244  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
09:05:56.0125 3244  Wd - ok
09:05:56.0187 3244  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:05:56.0219 3244  Wdf01000 - ok
09:05:56.0250 3244  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:05:56.0250 3244  WdiServiceHost - ok
09:05:56.0250 3244  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:05:56.0265 3244  WdiSystemHost - ok
09:05:56.0297 3244  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
09:05:56.0312 3244  WebClient - ok
09:05:56.0328 3244  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:05:56.0328 3244  Wecsvc - ok
09:05:56.0359 3244  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:05:56.0359 3244  wercplsupport - ok
09:05:56.0375 3244  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:05:56.0390 3244  WerSvc - ok
09:05:56.0421 3244  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:05:56.0421 3244  WfpLwf - ok
09:05:56.0468 3244  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
09:05:56.0468 3244  WimFltr - ok
09:05:56.0484 3244  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:05:56.0499 3244  WIMMount - ok
09:05:56.0515 3244  WinHttpAutoProxySvc - ok
09:05:56.0577 3244  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:05:56.0593 3244  Winmgmt - ok
09:05:56.0687 3244  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
09:05:56.0765 3244  WinRM - ok
09:05:56.0843 3244  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:05:56.0858 3244  Wlansvc - ok
09:05:56.0921 3244  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:05:56.0921 3244  wlcrasvc - ok
09:05:57.0045 3244  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:05:57.0077 3244  wlidsvc - ok
09:05:57.0108 3244  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:05:57.0108 3244  WmiAcpi - ok
09:05:57.0155 3244  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:05:57.0155 3244  wmiApSrv - ok
09:05:57.0201 3244  WMPNetworkSvc - ok
09:05:57.0233 3244  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:05:57.0233 3244  WPCSvc - ok
09:05:57.0264 3244  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:05:57.0264 3244  WPDBusEnum - ok
09:05:57.0295 3244  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:05:57.0295 3244  ws2ifsl - ok
09:05:57.0311 3244  WSearch - ok
09:05:57.0357 3244  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:05:57.0373 3244  WudfPf - ok
09:05:57.0420 3244  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:05:57.0420 3244  WUDFRd - ok
09:05:57.0467 3244  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:05:57.0467 3244  wudfsvc - ok
09:05:57.0514 3244  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:05:57.0514 3244  WwanSvc - ok
09:05:57.0623 3244  X6va012 - ok
09:05:57.0654 3244  ================ Scan global ===============================
09:05:57.0685 3244  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:05:57.0716 3244  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:05:57.0748 3244  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:05:57.0779 3244  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:05:57.0810 3244  [ 2F46C1760C531EB2B181F9076E552E8A ] C:\Windows\system32\services.exe
09:05:57.0826 3244  [Global] - ok
09:05:57.0826 3244  ================ Scan MBR ==================================
09:05:57.0841 3244  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:05:58.0200 3244  \Device\Harddisk0\DR0 - ok
09:05:58.0200 3244  ================ Scan VBR ==================================
09:05:58.0216 3244  [ EEC6EAF0FBDD67077502DEC728B66DAD ] \Device\Harddisk0\DR0\Partition1
09:05:58.0216 3244  \Device\Harddisk0\DR0\Partition1 - ok
09:05:58.0231 3244  [ C1CAB073C50571A7E3E52CEA338F9D1A ] \Device\Harddisk0\DR0\Partition2
09:05:58.0247 3244  \Device\Harddisk0\DR0\Partition2 - ok
09:05:58.0247 3244  ============================================================
09:05:58.0247 3244  Scan finished
09:05:58.0247 3244  ============================================================
09:05:58.0262 3236  Detected object count: 0
09:05:58.0262 3236  Actual detected object count: 0
09:06:16.0686 1124  Deinitialize success

Vielen dank das du mir hilfst schrauber


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Paul (administrator) on 16-07-2013 09:09:49
Running from C:\Users\Paul\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Think Tank Labs, LLC) C:\Program Files (x86)\Search Fairy\SMBarBroker.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Trend Micro Client Framework] - "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] - %ProgramFiles%\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Search Fairy - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - C:\Program Files (x86)\Search Fairy\SearchFairy.dll (Results Media Ltd)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 11 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 06 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 10 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 11 mswsock.dll File Not found (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default\searchplugins\SweetIM Search.xml
FF Extension: No Name - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR RestoreOnStartup: "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google Docs) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-14] (Advanced Micro Devices, Inc.)
R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5216624 2010-12-17] (appsmaker)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2318192 2010-12-17] (appsmaker)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

==================== Drivers (Whitelisted) ====================

R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-16 08:59 - 2013-07-16 08:59 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-07-15 21:49 - 2013-07-15 21:49 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Paul\Desktop\tdsskiller.exe
2013-07-15 20:12 - 2013-07-15 20:14 - 00051193 _____ C:\Users\Paul\Downloads\FRST.txt
2013-07-15 20:11 - 2013-07-15 20:12 - 00022156 _____ C:\Users\Paul\Downloads\Addition.txt
2013-07-15 20:09 - 2013-07-15 20:41 - 00000000 ____D C:\FRST
2013-07-15 20:08 - 2013-07-15 20:09 - 01777839 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2013-07-15 15:49 - 2013-07-15 15:52 - 286015563 _____ C:\Users\Paul\Downloads\CallofDutyBlackOpsIISoundtrack.zip
2013-07-15 14:45 - 2013-07-15 14:45 - 00030084 _____ C:\Users\Paul\Downloads\Archive.zip
2013-07-15 14:43 - 2013-07-15 14:43 - 00602112 _____ (OldTimer Tools) C:\Users\Paul\Downloads\OTL.exe
2013-07-15 14:38 - 2013-07-15 20:39 - 00001640 _____ C:\Windows\PFRO.log
2013-07-15 11:45 - 2013-07-15 11:45 - 00007623 _____ C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
2013-07-14 23:59 - 2013-07-14 23:59 - 00067029 _____ C:\Users\Paul\Downloads\poweroff_deutsch.zip
2013-07-14 22:37 - 2013-07-14 22:37 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223(1).zip
2013-07-14 22:30 - 2013-07-14 22:30 - 00365066 _____ C:\Users\Paul\Downloads\WinFlash_Win7_32_Win7_64_Z2311.zip
2013-07-14 22:29 - 2013-07-14 22:29 - 14767595 _____ C:\Users\Paul\Downloads\AsusUpdt_V71803.zip
2013-07-14 22:22 - 2013-07-14 22:22 - 433357706 _____ C:\Windows\MEMORY.DMP
2013-07-14 22:22 - 2013-07-14 22:22 - 00275216 _____ C:\Windows\Minidump\071413-35443-01.dmp
2013-07-14 22:22 - 2013-07-14 22:22 - 00000000 ____D C:\Windows\Minidump
2013-07-14 22:20 - 2013-07-14 22:29 - 00021048 _____ (AsusTek Computer Inc.) C:\Windows\BS_DEF.sys
2013-07-14 22:20 - 2013-07-14 22:20 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7(1).zip
2013-07-14 22:20 - 2013-07-14 22:20 - 00001769 _____ C:\Windows\Language_trs.ini
2013-07-14 22:19 - 2013-07-14 22:19 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7.zip
2013-07-14 22:16 - 2013-07-14 22:16 - 00151656 _____ C:\Users\Paul\Downloads\DOS Boot-Dateien.7z
2013-07-14 22:14 - 2013-07-14 22:14 - 00019690 _____ C:\Users\Paul\Downloads\AFLASH2_Z312.zip
2013-07-14 22:07 - 2013-07-14 22:07 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223.zip
2013-07-14 21:59 - 2013-07-14 21:59 - 01432424 _____ (                                                            ) C:\Users\Paul\Downloads\cpu-z_1.65-setup-en.exe
2013-07-14 21:59 - 2013-07-14 21:59 - 00000000 ____D C:\Program Files\CPUID
2013-07-14 21:56 - 2013-07-14 21:56 - 00065015 _____ C:\Users\Paul\Downloads\memtest86+-4.20.zip
2013-07-14 19:04 - 2013-07-14 23:54 - 00068025 _____ C:\Windows\WindowsUpdate.log
2013-07-14 19:03 - 2013-07-14 19:03 - 00058520 _____ C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-14 19:02 - 2013-07-16 09:03 - 00000840 _____ C:\Windows\setupact.log
2013-07-14 19:02 - 2013-07-14 19:02 - 00276600 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00000000 _____ C:\Windows\setuperr.log
2013-07-13 10:20 - 2013-07-13 10:20 - 03798712 _____ (Cryptic Studios) C:\Users\Paul\Downloads\neverwinter_setup.exe
2013-07-13 10:20 - 2013-07-13 10:20 - 00000000 ____D C:\Users\Public\Games
2013-07-13 07:48 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 07:48 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-13 07:48 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 07:48 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-13 07:48 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 07:48 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-13 07:48 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-13 07:48 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 07:48 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 07:48 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 09:46 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-12 09:46 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-12 09:46 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-12 09:46 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-12 09:45 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-12 09:45 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-12 09:45 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 18:05 - 2013-07-11 18:06 - 102885657 _____ C:\Users\Paul\Downloads\Al Gear - Kein feat. fur Spastis.rar
2013-07-10 22:41 - 2013-07-10 22:42 - 03684312 _____ C:\Users\Paul\Downloads\rgnlauncher0.9.6.exe
2013-07-10 16:58 - 2013-07-10 17:09 - 954267158 _____ C:\Users\Paul\Downloads\Poseidon2.v3.rar
2013-07-10 15:59 - 2013-07-10 16:16 - 972753630 _____ C:\Users\Paul\Downloads\PrevionClient1.3.rar
2013-07-10 13:28 - 2013-07-10 13:28 - 00001121 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-10 13:28 - 2013-07-10 13:28 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-10 13:27 - 2013-07-10 13:27 - 03014767 _____ (Tim Witschel Serververmietung                               ) C:\Users\Paul\Downloads\anotherlifesetup.exe
2013-07-09 19:46 - 2013-07-09 19:46 - 00036055 _____ C:\Users\Paul\Downloads\[SAMP]Aimbot from www.Opcode.de.vu.rar
2013-07-07 19:17 - 2013-07-07 19:17 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-07 19:16 - 2013-07-07 19:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-07 19:16 - 2013-07-07 19:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Paul\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-07 19:16 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-07 19:00 - 2013-07-07 19:00 - 00135124 _____ C:\Users\Paul\Downloads\Team MSKill Gen v1.0Beta.zip
2013-07-07 18:59 - 2013-07-07 18:59 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013](1).exe
2013-07-07 18:57 - 2013-07-07 18:57 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013].exe
2013-07-07 18:56 - 2013-07-07 18:56 - 00746453 _____ C:\Users\Paul\Downloads\Microsoft Points Generater.rar
2013-07-07 18:53 - 2013-07-07 18:53 - 00495120 _____ C:\Users\Paul\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2013-07-07 18:49 - 2013-07-07 18:49 - 01797941 _____ C:\Users\Paul\Downloads\Xbox Live Générateur.rar
2013-07-07 18:44 - 2013-07-07 18:44 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator(1).rar
2013-07-07 18:42 - 2013-07-07 18:42 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator.rar
2013-07-03 16:33 - 2013-07-03 16:33 - 00159801 _____ C:\Users\Paul\Downloads\Minecraft Cracked.rar
2013-07-03 16:29 - 2013-07-03 16:29 - 00000163 _____ C:\Users\Paul\Documents\servers.dat
2013-07-03 16:28 - 2013-07-03 16:30 - 00000970 _____ C:\Users\Paul\Documents\options.txt
2013-07-03 16:28 - 2013-07-03 16:30 - 00000444 _____ C:\Users\Paul\Documents\output-client.log
2013-07-03 16:28 - 2013-07-03 16:30 - 00000000 ____D C:\Users\Paul\Documents\stats
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\saves
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\resourcepacks
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\libraries
2013-07-03 16:25 - 2013-07-03 16:25 - 00255428 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.8.3.zip
2013-07-03 16:10 - 2013-07-03 16:30 - 00000000 ____D C:\Users\Paul\Documents\versions
2013-07-03 16:10 - 2013-07-03 16:12 - 00000000 ____D C:\Users\Paul\minecraft
2013-07-03 16:10 - 2013-07-03 16:11 - 00000000 ____D C:\Users\Paul\Documents\assets
2013-07-03 16:09 - 2013-07-03 16:09 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7(1).zip
2013-07-03 16:07 - 2013-07-03 16:07 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7.zip
2013-07-03 14:11 - 2013-07-03 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:11 - 2013-07-02 18:11 - 02896896 _____ C:\Users\Paul\Downloads\speichermedien.ppt
2013-07-02 18:09 - 2013-07-02 18:13 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-02 18:09 - 2013-07-02 18:10 - 63363736 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\PowerPointViewer.exe
2013-07-02 18:09 - 2013-07-02 18:09 - 25755856 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\wordview_de-de.exe
2013-07-02 12:55 - 2013-07-02 12:55 - 00000000 ____D C:\Users\Paul\AppData\Local\Unity
2013-07-02 08:23 - 2013-07-02 08:23 - 00279340 _____ (Jitbit Macro Recorder) C:\Users\Paul\Downloads\SPATTACKVEE TRAINER.exe
2013-07-02 08:12 - 2013-07-02 08:12 - 04260625 _____ C:\Users\Paul\Downloads\PokeBot 2.4 BetaR - 64.zip
2013-06-30 22:12 - 2013-07-01 17:02 - 00000000 ____D C:\Users\Paul\Desktop\Pokemon
2013-06-30 22:12 - 2013-06-30 22:12 - 09533978 _____ C:\Users\Paul\Downloads\PokeMMO-Client.zip
2013-06-30 22:10 - 2013-06-30 22:23 - 59782173 _____ C:\Users\Paul\Downloads\Pokemon HeartGold.zip
2013-06-30 22:08 - 2013-06-30 22:09 - 05250247 _____ C:\Users\Paul\Downloads\Pokemon FireRed.zip
2013-06-25 00:09 - 2013-06-25 00:09 - 00177190 _____ C:\Users\Paul\Documents\ts3_clientui-win32-1365064384-2013-06-25 00_09_20.508439.dmp
2013-06-24 21:50 - 2013-06-24 22:37 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-24 21:48 - 2013-06-24 21:48 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Downloaded Installations
2013-06-23 22:33 - 2013-06-23 22:42 - 00000000 ____D C:\Users\Paul\Desktop\SSSSSSSSSSSSANNNNNNNNNNNNNNNNNNNNNNNNNNN
2013-06-23 21:18 - 2013-06-23 21:18 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2013-06-23 16:06 - 2013-06-23 16:06 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LolClient
2013-06-23 14:10 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-06-23 14:10 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-06-23 14:10 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-06-23 14:02 - 2013-06-23 14:02 - 00000000 ____D C:\Riot Games
2013-06-23 13:18 - 2013-07-15 23:51 - 00000000 ____D C:\Users\Paul\AppData\Local\PMB Files
2013-06-23 13:18 - 2013-07-15 23:51 - 00000000 ____D C:\ProgramData\PMB Files
2013-06-23 13:18 - 2013-06-23 14:00 - 00000000 ____D C:\Users\Paul\Desktop\League of Legends
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Users\Paul\.swt
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-22 18:31 - 2013-06-23 19:15 - 00000000 ____D C:\Users\Paul\Documents\Medic-Keybinder
2013-06-22 18:31 - 2013-06-22 18:31 - 00000000 ____D C:\Medic-Keybinder
2013-06-20 22:17 - 2013-06-20 22:37 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-20 20:08 - 2013-07-03 16:45 - 00000000 ____D C:\Users\Paul\AppData\Roaming\.minecraft
2013-06-20 20:03 - 2013-06-20 20:03 - 00000000 ____D C:\ProgramData\Sun
2013-06-20 20:03 - 2013-06-20 20:02 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-20 20:03 - 2013-06-20 20:02 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-20 20:03 - 2013-06-20 20:02 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-20 20:03 - 2013-06-20 20:02 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 13:33 - 2013-06-20 13:33 - 05701195 _____ C:\Users\Paul\Desktop\Kanal-Trailer.mp4
2013-06-17 19:44 - 2013-06-17 19:44 - 00007451 _____ C:\Users\Paul\Documents\MY_DATA_061713_1.p2g
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Public\CyberLink
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\CyberLink
2013-06-17 18:54 - 2013-06-17 18:55 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2013-06-17 18:54 - 2013-06-17 18:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft

==================== One Month Modified Files and Folders =======

2013-07-16 09:03 - 2013-07-14 19:02 - 00000840 _____ C:\Windows\setupact.log
2013-07-16 09:03 - 2013-05-22 13:15 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-07-16 09:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-16 09:03 - 2009-07-14 01:19 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2013-07-16 08:59 - 2013-07-16 08:59 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-07-16 08:59 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-16 08:59 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 23:51 - 2013-06-23 13:18 - 00000000 ____D C:\Users\Paul\AppData\Local\PMB Files
2013-07-15 23:51 - 2013-06-23 13:18 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-15 23:40 - 2013-06-01 19:53 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Skype
2013-07-15 22:36 - 2013-05-26 13:13 - 00000000 ____D C:\Users\Paul\AppData\Roaming\TS3Client
2013-07-15 21:49 - 2013-07-15 21:49 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Paul\Desktop\tdsskiller.exe
2013-07-15 20:41 - 2013-07-15 20:09 - 00000000 ____D C:\FRST
2013-07-15 20:39 - 2013-07-15 14:38 - 00001640 _____ C:\Windows\PFRO.log
2013-07-15 20:39 - 2013-05-22 13:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 20:39 - 2011-04-13 04:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 20:39 - 2011-04-13 04:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 20:14 - 2013-07-15 20:12 - 00051193 _____ C:\Users\Paul\Downloads\FRST.txt
2013-07-15 20:12 - 2013-07-15 20:11 - 00022156 _____ C:\Users\Paul\Downloads\Addition.txt
2013-07-15 20:09 - 2013-07-15 20:08 - 01777839 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2013-07-15 15:52 - 2013-07-15 15:49 - 286015563 _____ C:\Users\Paul\Downloads\CallofDutyBlackOpsIISoundtrack.zip
2013-07-15 14:45 - 2013-07-15 14:45 - 00030084 _____ C:\Users\Paul\Downloads\Archive.zip
2013-07-15 14:43 - 2013-07-15 14:43 - 00602112 _____ (OldTimer Tools) C:\Users\Paul\Downloads\OTL.exe
2013-07-15 11:45 - 2013-07-15 11:45 - 00007623 _____ C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
2013-07-14 23:59 - 2013-07-14 23:59 - 00067029 _____ C:\Users\Paul\Downloads\poweroff_deutsch.zip
2013-07-14 23:54 - 2013-07-14 19:04 - 00068025 _____ C:\Windows\WindowsUpdate.log
2013-07-14 22:43 - 2013-05-28 01:22 - 00000000 ____D C:\Windows\pss
2013-07-14 22:42 - 2013-06-08 19:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-14 22:42 - 2013-05-22 13:15 - 00000000 ___HD C:\ASUS.DAT
2013-07-14 22:37 - 2013-07-14 22:37 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223(1).zip
2013-07-14 22:34 - 2011-04-13 04:47 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-07-14 22:30 - 2013-07-14 22:30 - 00365066 _____ C:\Users\Paul\Downloads\WinFlash_Win7_32_Win7_64_Z2311.zip
2013-07-14 22:29 - 2013-07-14 22:29 - 14767595 _____ C:\Users\Paul\Downloads\AsusUpdt_V71803.zip
2013-07-14 22:29 - 2013-07-14 22:20 - 00021048 _____ (AsusTek Computer Inc.) C:\Windows\BS_DEF.sys
2013-07-14 22:22 - 2013-07-14 22:22 - 433357706 _____ C:\Windows\MEMORY.DMP
2013-07-14 22:22 - 2013-07-14 22:22 - 00275216 _____ C:\Windows\Minidump\071413-35443-01.dmp
2013-07-14 22:22 - 2013-07-14 22:22 - 00000000 ____D C:\Windows\Minidump
2013-07-14 22:20 - 2013-07-14 22:20 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7(1).zip
2013-07-14 22:20 - 2013-07-14 22:20 - 00001769 _____ C:\Windows\Language_trs.ini
2013-07-14 22:19 - 2013-07-14 22:19 - 14769627 _____ C:\Users\Paul\Downloads\AsusUpdt_V71802_XPVISTAWIN7.zip
2013-07-14 22:16 - 2013-07-14 22:16 - 00151656 _____ C:\Users\Paul\Downloads\DOS Boot-Dateien.7z
2013-07-14 22:14 - 2013-07-14 22:14 - 00019690 _____ C:\Users\Paul\Downloads\AFLASH2_Z312.zip
2013-07-14 22:07 - 2013-07-14 22:07 - 01515318 _____ C:\Users\Paul\Downloads\K43BY223.zip
2013-07-14 21:59 - 2013-07-14 21:59 - 01432424 _____ (                                                            ) C:\Users\Paul\Downloads\cpu-z_1.65-setup-en.exe
2013-07-14 21:59 - 2013-07-14 21:59 - 00000000 ____D C:\Program Files\CPUID
2013-07-14 21:56 - 2013-07-14 21:56 - 00065015 _____ C:\Users\Paul\Downloads\memtest86+-4.20.zip
2013-07-14 21:49 - 2013-05-22 13:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 21:49 - 2011-04-13 04:33 - 00004122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-14 21:49 - 2011-04-13 04:33 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-14 19:03 - 2013-07-14 19:03 - 00058520 _____ C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00276600 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 19:02 - 2013-07-14 19:02 - 00000000 _____ C:\Windows\setuperr.log
2013-07-14 15:49 - 2009-07-29 08:03 - 00000000 ____D C:\Windows\Panther
2013-07-14 01:33 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 01:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-14 01:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 10:20 - 2013-07-13 10:20 - 03798712 _____ (Cryptic Studios) C:\Users\Paul\Downloads\neverwinter_setup.exe
2013-07-13 10:20 - 2013-07-13 10:20 - 00000000 ____D C:\Users\Public\Games
2013-07-13 10:20 - 2013-06-05 17:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-13 07:40 - 2013-05-28 07:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 07:40 - 2013-05-28 07:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 19:10 - 2011-02-19 06:24 - 00710754 _____ C:\Windows\system32\perfh007.dat
2013-07-11 19:10 - 2011-02-19 06:24 - 00153202 _____ C:\Windows\system32\perfc007.dat
2013-07-11 19:10 - 2009-07-14 07:13 - 01650312 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 18:06 - 2013-07-11 18:05 - 102885657 _____ C:\Users\Paul\Downloads\Al Gear - Kein feat. fur Spastis.rar
2013-07-10 22:42 - 2013-07-10 22:41 - 03684312 _____ C:\Users\Paul\Downloads\rgnlauncher0.9.6.exe
2013-07-10 17:09 - 2013-07-10 16:58 - 954267158 _____ C:\Users\Paul\Downloads\Poseidon2.v3.rar
2013-07-10 16:16 - 2013-07-10 15:59 - 972753630 _____ C:\Users\Paul\Downloads\PrevionClient1.3.rar
2013-07-10 13:28 - 2013-07-10 13:28 - 00001121 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-10 13:28 - 2013-07-10 13:28 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-10 13:27 - 2013-07-10 13:27 - 03014767 _____ (Tim Witschel Serververmietung                               ) C:\Users\Paul\Downloads\anotherlifesetup.exe
2013-07-09 19:46 - 2013-07-09 19:46 - 00036055 _____ C:\Users\Paul\Downloads\[SAMP]Aimbot from www.Opcode.de.vu.rar
2013-07-07 21:17 - 2013-05-22 21:47 - 00001319 _____ C:\Windows\system32\ServiceFilter.ini
2013-07-07 19:17 - 2013-07-07 19:17 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-07 19:17 - 2013-07-07 19:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-07 19:16 - 2013-07-07 19:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Paul\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-07 19:00 - 2013-07-07 19:00 - 00135124 _____ C:\Users\Paul\Downloads\Team MSKill Gen v1.0Beta.zip
2013-07-07 18:59 - 2013-07-07 18:59 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013](1).exe
2013-07-07 18:57 - 2013-07-07 18:57 - 00062976 _____ C:\Users\Paul\Downloads\MSPointsGeneratorV6.1.2[LATESTJULY42013].exe
2013-07-07 18:56 - 2013-07-07 18:56 - 00746453 _____ C:\Users\Paul\Downloads\Microsoft Points Generater.rar
2013-07-07 18:53 - 2013-07-07 18:53 - 00495120 _____ C:\Users\Paul\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2013-07-07 18:49 - 2013-07-07 18:49 - 01797941 _____ C:\Users\Paul\Downloads\Xbox Live Générateur.rar
2013-07-07 18:44 - 2013-07-07 18:44 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator(1).rar
2013-07-07 18:42 - 2013-07-07 18:42 - 02105758 _____ C:\Users\Paul\Downloads\Xbox Live Gold, microsoft points Generator.rar
2013-07-04 14:46 - 2013-05-22 13:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 19:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-03 19:04 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-07-03 19:04 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-03 19:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-07-03 19:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2013-07-03 19:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-03 19:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-07-03 19:03 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-03 18:54 - 2011-02-19 06:18 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\winrm
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\WCN
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\slmgr
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-07-03 18:54 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2013-07-03 18:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-07-03 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2013-07-03 16:45 - 2013-06-20 20:08 - 00000000 ____D C:\Users\Paul\AppData\Roaming\.minecraft
2013-07-03 16:33 - 2013-07-03 16:33 - 00159801 _____ C:\Users\Paul\Downloads\Minecraft Cracked.rar
2013-07-03 16:30 - 2013-07-03 16:28 - 00000970 _____ C:\Users\Paul\Documents\options.txt
2013-07-03 16:30 - 2013-07-03 16:28 - 00000444 _____ C:\Users\Paul\Documents\output-client.log
2013-07-03 16:30 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\stats
2013-07-03 16:30 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\Documents\versions
2013-07-03 16:29 - 2013-07-03 16:29 - 00000163 _____ C:\Users\Paul\Documents\servers.dat
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\saves
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\resourcepacks
2013-07-03 16:28 - 2013-07-03 16:28 - 00000000 ____D C:\Users\Paul\Documents\libraries
2013-07-03 16:25 - 2013-07-03 16:25 - 00255428 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.8.3.zip
2013-07-03 16:12 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\minecraft
2013-07-03 16:11 - 2013-07-03 16:10 - 00000000 ____D C:\Users\Paul\Documents\assets
2013-07-03 16:10 - 2013-05-22 13:14 - 00000000 ____D C:\Users\Paul
2013-07-03 16:09 - 2013-07-03 16:09 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7(1).zip
2013-07-03 16:07 - 2013-07-03 16:07 - 00297561 _____ C:\Users\Paul\Downloads\MCOpenLauncher_0.7.zip
2013-07-03 14:11 - 2013-07-03 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:14 - 2011-04-13 04:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-02 18:13 - 2013-07-02 18:09 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-02 18:11 - 2013-07-02 18:11 - 02896896 _____ C:\Users\Paul\Downloads\speichermedien.ppt
2013-07-02 18:10 - 2013-07-02 18:09 - 63363736 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\PowerPointViewer.exe
2013-07-02 18:09 - 2013-07-02 18:09 - 25755856 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\wordview_de-de.exe
2013-07-02 12:55 - 2013-07-02 12:55 - 00000000 ____D C:\Users\Paul\AppData\Local\Unity
2013-07-02 08:23 - 2013-07-02 08:23 - 00279340 _____ (Jitbit Macro Recorder) C:\Users\Paul\Downloads\SPATTACKVEE TRAINER.exe
2013-07-02 08:12 - 2013-07-02 08:12 - 04260625 _____ C:\Users\Paul\Downloads\PokeBot 2.4 BetaR - 64.zip
2013-07-01 17:02 - 2013-06-30 22:12 - 00000000 ____D C:\Users\Paul\Desktop\Pokemon
2013-06-30 22:23 - 2013-06-30 22:10 - 59782173 _____ C:\Users\Paul\Downloads\Pokemon HeartGold.zip
2013-06-30 22:12 - 2013-06-30 22:12 - 09533978 _____ C:\Users\Paul\Downloads\PokeMMO-Client.zip
2013-06-30 22:09 - 2013-06-30 22:08 - 05250247 _____ C:\Users\Paul\Downloads\Pokemon FireRed.zip
2013-06-29 17:15 - 2009-07-14 09:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-25 00:09 - 2013-06-25 00:09 - 00177190 _____ C:\Users\Paul\Documents\ts3_clientui-win32-1365064384-2013-06-25 00_09_20.508439.dmp
2013-06-24 22:37 - 2013-06-24 21:50 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-24 21:48 - 2013-06-24 21:48 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Downloaded Installations
2013-06-23 22:42 - 2013-06-23 22:33 - 00000000 ____D C:\Users\Paul\Desktop\SSSSSSSSSSSSANNNNNNNNNNNNNNNNNNNNNNNNNNN
2013-06-23 21:18 - 2013-06-23 21:18 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2013-06-23 19:15 - 2013-06-22 18:31 - 00000000 ____D C:\Users\Paul\Documents\Medic-Keybinder
2013-06-23 16:06 - 2013-06-23 16:06 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LolClient
2013-06-23 14:02 - 2013-06-23 14:02 - 00000000 ____D C:\Riot Games
2013-06-23 14:02 - 2013-05-22 21:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 14:00 - 2013-06-23 13:18 - 00000000 ____D C:\Users\Paul\Desktop\League of Legends
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Users\Paul\.swt
2013-06-23 13:17 - 2013-06-23 13:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-06-22 18:31 - 2013-06-22 18:31 - 00000000 ____D C:\Medic-Keybinder
2013-06-21 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-06-21 08:15 - 2013-05-22 21:47 - 00001874 _____ C:\Windows\system32\AutoRunFilter.ini
2013-06-20 22:37 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-20 22:17 - 2013-06-20 22:17 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-20 20:03 - 2013-06-20 20:03 - 00000000 ____D C:\ProgramData\Sun
2013-06-20 20:02 - 2013-06-20 20:03 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-20 20:02 - 2013-06-20 20:03 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-20 20:02 - 2013-06-20 20:03 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-20 20:02 - 2013-06-20 20:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 13:33 - 2013-06-20 13:33 - 05701195 _____ C:\Users\Paul\Desktop\Kanal-Trailer.mp4
2013-06-19 19:22 - 2013-05-28 00:49 - 04247414 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 22:29 - 2013-05-28 23:25 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-18 08:10 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-06-17 19:44 - 2013-06-17 19:44 - 00007451 _____ C:\Users\Paul\Documents\MY_DATA_061713_1.p2g
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Public\CyberLink
2013-06-17 19:27 - 2013-06-17 19:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\CyberLink
2013-06-17 19:27 - 2013-05-22 21:52 - 00000000 ____D C:\ProgramData\CyberLink
2013-06-17 19:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-06-17 19:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-06-17 18:55 - 2013-06-17 18:54 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2013-06-17 18:55 - 2013-06-17 18:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-17 12:44 - 2011-04-13 04:33 - 00000000 ____D C:\ProgramData\Partner

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 2F46C1760C531EB2B181F9076E552E8A ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-15 05:20

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 16.07.2013, 10:54   #13
schrauber
/// the machine
/// TB-Ausbilder
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.07.2013, 11:48   #14
Paulx
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Code:
ATTFilter
ComboFix 13-07-15.01 - Paul 16.07.2013  12:10:31.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4076.2622 [GMT 2:00]
ausgeführt von:: c:\users\Paul\Downloads\ComboFix.exe
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\users\Paul\AppData\Local\Temp\nsnFF1B.tmp\System.dll
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-16 bis 2013-07-16  ))))))))))))))))))))))))))))))
.
.
2013-07-16 10:34 . 2013-07-16 10:34	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-16 06:59 . 2013-07-16 06:59	--------	d-----w-	C:\TDSSKiller_Quarantine
2013-07-15 18:09 . 2013-07-15 18:41	--------	d-----w-	C:\FRST
2013-07-14 20:20 . 2013-07-14 20:29	21048	----a-w-	c:\windows\BS_DEF.sys
2013-07-14 19:59 . 2013-07-14 19:59	--------	d-----w-	c:\program files\CPUID
2013-07-13 08:20 . 2013-07-13 08:20	--------	d-----w-	c:\users\Public\Games
2013-07-12 07:46 . 2013-04-10 05:48	1732608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-07-12 07:45 . 2013-06-05 03:34	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-07-12 07:45 . 2013-04-02 22:51	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-07-12 07:45 . 2013-04-09 23:34	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-07-10 11:28 . 2013-07-10 11:28	--------	d-----w-	c:\program files (x86)\AnotherLifeClient
2013-07-07 17:17 . 2013-07-07 17:17	--------	d-----w-	c:\users\Paul\AppData\Roaming\Malwarebytes
2013-07-07 17:17 . 2013-07-07 17:17	--------	d-----w-	c:\programdata\Malwarebytes
2013-07-07 17:16 . 2013-07-07 17:17	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-07 17:16 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-07-03 14:10 . 2013-07-03 14:12	--------	d-----w-	c:\users\Paul\minecraft
2013-07-02 16:09 . 2013-07-02 16:13	--------	d-----w-	c:\program files (x86)\MSECache
2013-07-02 10:55 . 2013-07-02 10:55	--------	d-----w-	c:\users\Paul\AppData\Local\Unity
2013-06-24 19:50 . 2013-06-24 20:37	--------	d-----w-	c:\program files (x86)\osu!
2013-06-24 19:48 . 2013-06-24 19:48	--------	d-----w-	c:\users\Paul\AppData\Roaming\Downloaded Installations
2013-06-23 14:06 . 2013-06-23 14:06	--------	d-----w-	c:\users\Paul\AppData\Roaming\LolClient
2013-06-23 12:10 . 2008-07-12 06:18	467984	----a-w-	c:\windows\SysWow64\d3dx10_39.dll
2013-06-23 12:10 . 2008-07-12 06:18	1493528	----a-w-	c:\windows\SysWow64\D3DCompiler_39.dll
2013-06-23 12:10 . 2008-07-12 06:18	3851784	----a-w-	c:\windows\SysWow64\D3DX9_39.dll
2013-06-23 12:02 . 2013-06-23 12:02	--------	d-----w-	C:\Riot Games
2013-06-23 11:18 . 2013-07-15 21:51	--------	d-----w-	c:\users\Paul\AppData\Local\PMB Files
2013-06-23 11:18 . 2013-07-15 21:51	--------	d-----w-	c:\programdata\PMB Files
2013-06-23 11:17 . 2013-06-23 11:17	--------	d-----w-	c:\program files (x86)\Pando Networks
2013-06-23 11:17 . 2013-06-23 11:17	--------	d-----w-	c:\users\Paul\.swt
2013-06-22 16:31 . 2013-06-22 16:31	--------	d-----w-	C:\Medic-Keybinder
2013-06-20 20:17 . 2013-06-20 20:37	--------	d-----w-	c:\users\Paul\AppData\Roaming\Notepad++
2013-06-20 20:17 . 2013-06-20 20:17	--------	d-----w-	c:\program files (x86)\Notepad++
2013-06-20 18:08 . 2013-07-03 14:45	--------	d-----w-	c:\users\Paul\AppData\Roaming\.minecraft
2013-06-20 18:03 . 2013-06-20 18:03	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-06-20 18:03 . 2013-06-20 18:02	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-06-20 18:03 . 2013-06-20 18:02	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-06-20 18:03 . 2013-06-20 18:02	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-20 18:02 . 2013-06-20 18:02	--------	d-----w-	c:\program files (x86)\Java
2013-06-17 17:27 . 2013-06-17 17:27	--------	d-----w-	c:\users\Public\CyberLink
2013-06-17 17:27 . 2013-06-17 17:27	--------	d-----w-	c:\users\Paul\AppData\Roaming\CyberLink
2013-06-17 16:54 . 2013-06-17 16:55	--------	d-----w-	c:\users\Paul\AppData\Roaming\DVDVideoSoft
2013-06-17 16:54 . 2013-06-17 16:55	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2013-06-17 16:54 . 2013-06-17 16:54	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-16 10:36 . 2013-05-22 11:15	45056	----a-w-	c:\windows\system32\acovcnt.exe
2013-06-12 18:29 . 2013-05-22 11:25	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 18:29 . 2013-05-22 11:25	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-07 22:27 . 2013-06-07 22:27	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-06-07 22:27 . 2013-06-07 22:27	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-06-07 22:27 . 2013-06-07 22:27	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-06-07 22:27 . 2013-06-07 22:27	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-06-07 22:27 . 2013-06-07 22:27	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-06-07 22:27 . 2013-06-07 22:27	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-06-07 22:27 . 2013-06-07 22:27	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-06-07 22:27 . 2013-06-07 22:27	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-06-07 22:27 . 2013-06-07 22:27	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-06-07 22:27 . 2013-06-07 22:27	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-06-07 22:27 . 2013-06-07 22:27	81408	----a-w-	c:\windows\system32\icardie.dll
2013-06-07 22:27 . 2013-06-07 22:27	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-06-07 22:27 . 2013-06-07 22:27	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-06-07 22:27 . 2013-06-07 22:27	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-06-07 22:27 . 2013-06-07 22:27	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-06-07 22:27 . 2013-06-07 22:27	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-06-07 22:27 . 2013-06-07 22:27	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-06-07 22:27 . 2013-06-07 22:27	441856	----a-w-	c:\windows\system32\html.iec
2013-06-07 22:27 . 2013-06-07 22:27	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-06-07 22:27 . 2013-06-07 22:27	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-06-07 22:27 . 2013-06-07 22:27	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-06-07 22:27 . 2013-06-07 22:27	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-06-07 22:27 . 2013-06-07 22:27	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-06-07 22:27 . 2013-06-07 22:27	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-06-07 22:27 . 2013-06-07 22:27	235008	----a-w-	c:\windows\system32\url.dll
2013-06-07 22:27 . 2013-06-07 22:27	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-06-07 22:27 . 2013-06-07 22:27	216064	----a-w-	c:\windows\system32\msls31.dll
2013-06-07 22:27 . 2013-06-07 22:27	197120	----a-w-	c:\windows\system32\msrating.dll
2013-06-07 22:27 . 2013-06-07 22:27	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-06-07 22:27 . 2013-06-07 22:27	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-06-07 22:27 . 2013-06-07 22:27	144896	----a-w-	c:\windows\system32\wextract.exe
2013-06-07 22:27 . 2013-06-07 22:27	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-06-07 22:27 . 2013-06-07 22:27	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-06-07 22:27 . 2013-06-07 22:27	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-06-07 22:27 . 2013-06-07 22:27	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-06-07 22:27 . 2013-06-07 22:27	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-06-07 22:27 . 2013-06-07 22:27	102912	----a-w-	c:\windows\system32\inseng.dll
2013-06-07 22:27 . 2013-06-07 22:27	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-06-07 22:27 . 2013-06-07 22:27	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-06-07 22:27 . 2013-06-07 22:27	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-06-07 22:27 . 2013-06-07 22:27	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-06-07 22:27 . 2013-06-07 22:27	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-06-07 22:27 . 2013-06-07 22:27	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-06-07 22:27 . 2013-06-07 22:27	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-06-07 22:27 . 2013-06-07 22:27	149504	----a-w-	c:\windows\system32\occache.dll
2013-06-07 22:27 . 2013-06-07 22:27	13824	----a-w-	c:\windows\system32\mshta.exe
2013-06-07 22:27 . 2013-06-07 22:27	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-06-07 22:27 . 2013-06-07 22:27	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-06-07 22:27 . 2013-06-07 22:27	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-06-07 22:23 . 2013-06-07 22:23	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-06-07 22:23 . 2013-06-07 22:23	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-06-07 22:23 . 2013-06-07 22:23	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-06-07 22:23 . 2013-06-07 22:23	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-06-07 22:23 . 2013-06-07 22:23	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-06-07 22:23 . 2013-06-07 22:23	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-06-07 22:23 . 2013-06-07 22:23	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-06-07 22:23 . 2013-06-07 22:23	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-06-07 22:23 . 2013-06-07 22:23	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-06-07 22:23 . 2013-06-07 22:23	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-06-07 22:23 . 2013-06-07 22:23	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-06-07 22:23 . 2013-06-07 22:23	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-06-07 22:23 . 2013-06-07 22:23	1175552	----a-w-	c:\windows\system32\FntCache.dll
2013-06-07 22:23 . 2013-06-07 22:23	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-06-07 22:23 . 2013-06-07 22:23	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2013-06-07 22:23 . 2013-06-07 22:23	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-07 22:23 . 2013-06-07 22:23	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-06-07 22:23 . 2013-06-07 22:23	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-06-07 22:23 . 2013-06-07 22:23	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-06-07 22:23 . 2013-06-07 22:23	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2013-06-07 22:23 . 2013-06-07 22:23	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-06-07 22:23 . 2013-06-07 22:23	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-06-07 22:23 . 2013-06-07 22:23	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2013-06-07 22:23 . 2013-06-07 22:23	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-06-07 22:23 . 2013-06-07 22:23	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2013-06-07 22:23 . 2013-06-07 22:23	1988096	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-06-07 22:23 . 2013-06-07 22:23	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2013-06-07 22:23 . 2013-06-07 22:23	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2013-06-07 22:23 . 2013-06-07 22:23	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-06-07 22:23 . 2013-06-07 22:23	1238528	----a-w-	c:\windows\system32\d3d10.dll
2013-06-02 02:15 . 2013-06-02 02:12	113152	----a-w-	C:\aim1
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}]
2012-05-25 15:32	229712	----a-w-	c:\program files (x86)\Search Fairy\SearchFairy.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SpeedBoosterSvc;appsmaker SpeedBooster 2.0 Service;c:\program files (x86)\Common Files\OptimalSuite Common\BoostService.exe;c:\program files (x86)\Common Files\OptimalSuite Common\BoostService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AMOptimalDiskService;appsmaker OptimalDisk Service;c:\program files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe;c:\program files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe;c:\program files\Trend Micro\Titanium\TiMiniService.exe [x]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-03 11:09	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-22 18:29]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - c:\program files (x86)\Search Fairy\SearchFairy.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default\
FF - ExtSQL: 2013-06-04 20:31; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\wht6iy40.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-73271944.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-Neverwinter - c:\users\Paul\Desktop\Cryptic Studios\Uninstall Neverwinter.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\Splendid\ACMON.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-16  12:43:50 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-07-16 10:43
.
Vor Suchlauf: 14 Verzeichnis(se), 52.249.993.216 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 52.388.876.288 Bytes frei
.
- - End Of File - - 5102BC93B8E5475E3EFD277A3AD7A80B
5C616939100B85E558DA92B899A0FC36

Alt 16.07.2013, 12:14   #15
schrauber
/// the machine
/// TB-Ausbilder
 
Werbung ohne Browser geöffnet zu haben. - Standard

Werbung ohne Browser geöffnet zu haben.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort
Seite 1 von 2 1 2

Themen zu Werbung ohne Browser geöffnet zu haben.
adobe, adobe flash player, browser, entfern, entfernt, fenster, flash, flash player, funde, malwarebytes, media, media player, offen, player, problem, scan, scanne, scannen, update, virus, werbung, windows, windows media player


« Malwareverdacht: Browserdaten werden auf unbekanntem Netzlaufwerk gespeichert | Auf jeder Website überall Werbung »


Ähnliche Themen: Werbung ohne Browser geöffnet zu haben.


  1. Werbung und Anime Audio im Hintergrund ohne ein Programm geöffnet zu haben
    Plagegeister aller Art und deren Bekämpfung - 31.07.2015 (1)
  2. Zip-Datei mit Malware auf iPad geöffnet - kann ich mir was eingefangen haben?
    Smartphone, Tablet & Handy Security - 06.05.2015 (9)
  3. Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.
    Log-Analyse und Auswertung - 02.03.2015 (23)
  4. Google Chrome öffnet Pop-Up Fenster (Werbung) ohne das ich im Browser etwas mache
    Plagegeister aller Art und deren Bekämpfung - 18.02.2015 (15)
  5. Festplattenkapazität schwankt ständig, ohne etwas abgespeichert zu haben.
    Plagegeister aller Art und deren Bekämpfung - 09.02.2015 (20)
  6. Töne und Werbung, ohne etwas geöffnet zu haben (evtl. Audio Trojaner?)
    Plagegeister aller Art und deren Bekämpfung - 28.01.2015 (15)
  7. Musik, Nachrichten und Werbung ohne Browser etc.
    Log-Analyse und Auswertung - 13.01.2015 (19)
  8. Hohe Pc auslastung(ram) ohne Programme geöffnet zu haben
    Plagegeister aller Art und deren Bekämpfung - 29.12.2014 (5)
  9. Werbung im Hintergrund ohne etwas geöffnet zu haben
    Plagegeister aller Art und deren Bekämpfung - 05.12.2014 (4)
  10. Internetseiten haben Werbung eingeblendet, die da nicht sein sollte
    Plagegeister aller Art und deren Bekämpfung - 04.09.2014 (11)
  11. Browser Startseite haben sich nicht ändern lassen
    Plagegeister aller Art und deren Bekämpfung - 02.05.2014 (5)
  12. Verdacht eine verseuchte E-Mail geöffnet zu haben.
    Log-Analyse und Auswertung - 19.03.2014 (12)
  13. Werbung im Browser; Unterstrichene Wörter mit Werbung; Taskleiste zeigt kurz ein Symbol
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (4)
  14. Hintergrundmusik/werbung zu hören ohne das was geöffnet ist.
    Plagegeister aller Art und deren Bekämpfung - 14.01.2014 (15)
  15. 99% Ramspeicher Auslastung Ohne Größeren Prozesse geöffnet haben
    Plagegeister aller Art und deren Bekämpfung - 08.12.2013 (22)
  16. Alle Browser haben verbindungsprobleme
    Log-Analyse und Auswertung - 30.03.2012 (13)
  17. IST ES AUSREICHEND, WENN ICH DIE EMAILS LÖSCHE (OHNE DEN ANHANG GEÖFFNET ZU HABEN)???
    Plagegeister aller Art und deren Bekämpfung - 23.12.2003 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Werbung ohne Browser geöffnet zu haben. - Ich habe ein Adobe flash Player update gemacht dieser Player aber ein Virus gewesen zu sein seit den höre ich Werbung ohne ein Fenster offen zu haben. Die Werbung kommt - Werbung ohne Browser geöffnet zu haben....
Archiv
Du betrachtest: Werbung ohne Browser geöffnet zu haben. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131