Kommandozeile lässt sich nicht mehr öffnen, kein Zugriff auf AntiVir

cosinus · 26.07.2013, 18:33

Bitte die Logs on CODE-Tags posten!

Hat MBAT etwas gefunden, konntest du das sehen?

matzepatze · 26.07.2013, 18:36

Leider konnte ich nicht sehen, ob MBAT etwas gefunden hat. Bis zum Disk-Check scheint alles ok zu sein. Dann kommt irgendwann der BlueScreen.

Hier nochmal die Microsoft-Log in Code-Tag:

Code:

ATTFilter

Problemsignatur:
Problemereignisname:	BlueScreen
Betriebsystemversion:	6.0.6002.2.2.0.768.3
Gebietsschema-ID:	1033

Zusatzinformationen zum Problem:
BCCode:	1000007e
BCP1:	FFFFFFFFC0000005
BCP2:	FFFFFA6009AD109C
BCP3:	FFFFFA600BFA42D8
BCP4:	FFFFFA600BFA3CB0
OS Version:	6_0_6002
Service Pack:	2_0
Product:	768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
C:\Windows\Minidump\Mini072613-02.dmp
C:\Users\Matze\AppData\Local\temp\WER-385400-0.sysdata.xml
C:\Users\Matze\AppData\Local\temp\WER4327.tmp.version.txt

Lesen Sie unsere Datenschutzrichtlinie:
hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407

cosinus · 26.07.2013, 18:41

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

matzepatze · 26.07.2013, 18:52

Ok, werde ich ausführen. Noch eine Frage: Ich kann AntiVir nicht deaktivieren. Ist das schlimm? Eigentlich soll der ja deaktiviert werden. Soll beim aswMBR QuickScan aktiviert sein?

Übrigens: Wenn ich AntiVir deaktivieren möchte, wird gemeldet, dass ich nicht die Rechte habe, cuuac.exe zu beenden. Diese liegt angeblich auf dem Dektop!

cosinus · 26.07.2013, 19:09

Wie versuchst du es zu deaktivieren? Es reicht, den Schirm zu schließen....

matzepatze · 26.07.2013, 19:13

Den Haken vom Echtzeit-Scanner wegnehmen, klappt nicht.

Es kommt die Meldung:

Auf das angegebene Gerät bzw. den Pfad oder die Datei kann nicht zugegriffen werden...

C:\Program Files (x86)\Avira\AntiVir Desktop\cccuac.exe

cosinus · 26.07.2013, 19:25

Dann deinstalliere AntiVir erstmal. Sonst kommen wir nicht weiter.
Wenn wir durch sind kann ein Virenscanner wieder rauf.

matzepatze · 28.07.2013, 12:21

Ich werde verrückt. aswMBR lief als Full San über Nacht und nun ist er abgestürzt. Ich habe danach nochmal den TDDS-Killer laufen. Es wurde nichts gefunden:

Code:

ATTFilter

15:56:31.0749 6264  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:56:32.0060 6264  ============================================================
15:56:32.0060 6264  Current date / time: 2013/07/27 15:56:32.0060
15:56:32.0060 6264  SystemInfo:
15:56:32.0060 6264  
15:56:32.0060 6264  OS Version: 6.0.6002 ServicePack: 2.0
15:56:32.0060 6264  Product type: Workstation
15:56:32.0060 6264  ComputerName: MATZEBOOK
15:56:32.0061 6264  UserName: Matze
15:56:32.0061 6264  Windows directory: C:\Windows
15:56:32.0061 6264  System windows directory: C:\Windows
15:56:32.0061 6264  Running under WOW64
15:56:32.0061 6264  Processor architecture: Intel x64
15:56:32.0061 6264  Number of processors: 2
15:56:32.0061 6264  Page size: 0x1000
15:56:32.0061 6264  Boot type: Normal boot
15:56:32.0061 6264  ============================================================
15:56:33.0876 6264  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:56:33.0885 6264  ============================================================
15:56:33.0885 6264  \Device\Harddisk0\DR0:
15:56:33.0908 6264  MBR partitions:
15:56:33.0908 6264  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F000, BlocksNum 0x1400000
15:56:33.0908 6264  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x143F000, BlocksNum 0x23AEEFF8
15:56:33.0913 6264  ============================================================
15:56:34.0019 6264  C: <-> \Device\Harddisk0\DR0\Partition2
15:56:34.0063 6264  D: <-> \Device\Harddisk0\DR0\Partition1
15:56:34.0063 6264  ============================================================
15:56:34.0063 6264  Initialize success
15:56:34.0063 6264  ============================================================
15:56:45.0449 5352  ============================================================
15:56:45.0449 5352  Scan started
15:56:45.0449 5352  Mode: Manual; TDLFS; 
15:56:45.0449 5352  ============================================================
15:56:52.0056 5352  ================ Scan system memory ========================
15:56:52.0056 5352  System memory - ok
15:56:52.0056 5352  ================ Scan services =============================
15:56:52.0749 5352  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
15:56:52.0906 5352  AAV UpdateService - ok
15:56:54.0840 5352  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:56:54.0872 5352  ACPI - ok
15:56:55.0208 5352  [ 9A80B4B07F89BDBF0D0037453C155402 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
15:56:55.0305 5352  AcrSch2Svc - ok
15:56:55.0602 5352  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:56:55.0634 5352  AdobeARMservice - ok
15:56:57.0360 5352  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:56:57.0420 5352  AdobeFlashPlayerUpdateSvc - ok
15:56:57.0853 5352  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:56:57.0922 5352  adp94xx - ok
15:56:58.0047 5352  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:56:58.0111 5352  adpahci - ok
15:56:58.0176 5352  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:56:58.0215 5352  adpu160m - ok
15:56:58.0267 5352  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:56:58.0300 5352  adpu320 - ok
15:56:58.0404 5352  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:56:58.0405 5352  AeLookupSvc - ok
15:56:59.0571 5352  [ 05F4262FDBDFAECA7EF9B3F0807508FC ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\AESTSr64.exe
15:56:59.0604 5352  AESTFilters - ok
15:56:59.0884 5352  [ ADDBF461DFDBE079D11E94EC61FC2503 ] AF9035BDA       C:\Windows\system32\DRIVERS\AF9035BDA.sys
15:56:59.0903 5352  AF9035BDA - ok
15:57:00.0149 5352  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
15:57:00.0200 5352  AFD - ok
15:57:00.0355 5352  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:57:00.0391 5352  agp440 - ok
15:57:00.0535 5352  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:57:00.0555 5352  aic78xx - ok
15:57:00.0637 5352  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
15:57:00.0671 5352  ALG - ok
15:57:00.0702 5352  [ 9544C2C55541C0C6BFD7B489D0E7D430 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:57:00.0780 5352  aliide - ok
15:57:00.0813 5352  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
15:57:00.0854 5352  amdide - ok
15:57:00.0953 5352  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:57:00.0981 5352  AmdK8 - ok
15:57:01.0084 5352  [ 48F957A11AF8B8278C4A38EEEDDD49B9 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
15:57:01.0115 5352  ApfiltrService - ok
15:57:01.0309 5352  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
15:57:01.0311 5352  Appinfo - ok
15:57:01.0674 5352  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
15:57:01.0796 5352  arc - ok
15:57:02.0467 5352  [ 7D90F9568102AA6C163ECD2E97A45F77 ] ArcGIS License Manager C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
15:57:03.0888 5352  ArcGIS License Manager - ok
15:57:04.0073 5352  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:57:04.0117 5352  arcsas - ok
15:57:04.0942 5352  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:57:05.0381 5352  aspnet_state - ok
15:57:05.0690 5352  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:57:05.0731 5352  AsyncMac - ok
15:57:05.0792 5352  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:57:05.0811 5352  atapi - ok
15:57:06.0116 5352  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:57:06.0146 5352  AudioEndpointBuilder - ok
15:57:06.0319 5352  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:57:06.0321 5352  AudioSrv - ok
15:57:06.0358 5352  Beep - ok
15:57:06.0819 5352  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\system32\qmgr.dll
15:57:06.0905 5352  BITS - ok
15:57:06.0956 5352  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:57:06.0991 5352  blbdrive - ok
15:57:07.0094 5352  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:57:07.0154 5352  bowser - ok
15:57:07.0226 5352  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:57:07.0255 5352  BrFiltLo - ok
15:57:07.0303 5352  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:57:07.0338 5352  BrFiltUp - ok
15:57:07.0509 5352  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
15:57:07.0545 5352  Browser - ok
15:57:07.0630 5352  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:57:07.0657 5352  Brserid - ok
15:57:07.0721 5352  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:57:07.0734 5352  BrSerWdm - ok
15:57:07.0792 5352  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:57:07.0833 5352  BrUsbMdm - ok
15:57:07.0881 5352  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:57:07.0919 5352  BrUsbSer - ok
15:57:08.0052 5352  [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
15:57:08.0077 5352  BthEnum - ok
15:57:08.0204 5352  [ 72F70A38BB15252EB7C4DA7BA3BD4ED1 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:57:08.0234 5352  BTHMODEM - ok
15:57:08.0391 5352  [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:57:08.0486 5352  BthPan - ok
15:57:08.0662 5352  [ E1466882252FF51EDDE48C3F7EDA2591 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
15:57:08.0696 5352  BTHPORT - ok
15:57:08.0762 5352  [ 22E65FFD640F16968F855F5B3528D366 ] BthServ         C:\Windows\System32\bthserv.dll
15:57:08.0791 5352  BthServ - ok
15:57:08.0867 5352  [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
15:57:08.0894 5352  BTHUSB - ok
15:57:09.0085 5352  [ 3F9E2FA99C1604BA4D099116C49D2BE9 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
15:57:09.0114 5352  btwaudio - ok
15:57:09.0158 5352  [ 5CFF0F47E1372445F7D6CDA161CA8269 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
15:57:09.0191 5352  btwavdt - ok
15:57:09.0347 5352  [ 65864E5020E608BFBA6729C11E4EE9E9 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
15:57:09.0363 5352  btwrchid - ok
15:57:09.0689 5352  CAPI20 - ok
15:57:09.0836 5352  catchme - ok
15:57:09.0936 5352  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:57:09.0958 5352  cdfs - ok
15:57:10.0100 5352  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:57:10.0139 5352  cdrom - ok
15:57:10.0185 5352  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:57:10.0212 5352  CertPropSvc - ok
15:57:10.0299 5352  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:57:10.0332 5352  circlass - ok
15:57:10.0445 5352  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
15:57:10.0682 5352  CLFS - ok
15:57:10.0985 5352  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:11.0027 5352  clr_optimization_v2.0.50727_32 - ok
15:57:11.0203 5352  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:57:11.0253 5352  clr_optimization_v2.0.50727_64 - ok
15:57:11.0889 5352  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:57:12.0315 5352  clr_optimization_v4.0.30319_32 - ok
15:57:12.0475 5352  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:57:12.0972 5352  clr_optimization_v4.0.30319_64 - ok
15:57:13.0200 5352  [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:57:13.0249 5352  CmBatt - ok
15:57:13.0296 5352  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:57:13.0348 5352  cmdide - ok
15:57:13.0405 5352  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:57:13.0437 5352  Compbatt - ok
15:57:13.0441 5352  COMSysApp - ok
15:57:13.0516 5352  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:57:13.0544 5352  crcdisk - ok
15:57:13.0743 5352  [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:57:13.0770 5352  CryptSvc - ok
15:57:14.0026 5352  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:57:14.0116 5352  DcomLaunch - ok
15:57:14.0314 5352  DeltaCopyService - ok
15:57:14.0318 5352  DETEWECP - ok
15:57:14.0436 5352  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:57:14.0472 5352  DfsC - ok
15:57:15.0471 5352  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
15:57:17.0228 5352  DFSR - ok
15:57:17.0506 5352  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:57:17.0547 5352  Dhcp - ok
15:57:17.0586 5352  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
15:57:17.0588 5352  disk - ok
15:57:17.0664 5352  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:57:17.0667 5352  Dnscache - ok
15:57:17.0788 5352  [ DB29915209770D8B59654345EC2D943A ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
15:57:17.0798 5352  DockLoginService - ok
15:57:17.0866 5352  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:57:17.0903 5352  dot3svc - ok
15:57:18.0003 5352  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
15:57:18.0034 5352  DPS - ok
15:57:18.0084 5352  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:57:18.0085 5352  drmkaud - ok
15:57:18.0229 5352  [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:57:18.0286 5352  DXGKrnl - ok
15:57:18.0890 5352  [ 17D40652EF3E55EEAE187A89DF40965A ] e1express       C:\Windows\system32\DRIVERS\e1e6032e.sys
15:57:18.0941 5352  e1express - ok
15:57:19.0003 5352  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
15:57:19.0013 5352  E1G60 - ok
15:57:19.0197 5352  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
15:57:19.0255 5352  EapHost - ok
15:57:19.0445 5352  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:57:19.0462 5352  Ecache - ok
15:57:19.0802 5352  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:57:19.0845 5352  ehRecvr - ok
15:57:19.0895 5352  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
15:57:19.0942 5352  ehSched - ok
15:57:19.0953 5352  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
15:57:19.0962 5352  ehstart - ok
15:57:20.0107 5352  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:57:20.0159 5352  elxstor - ok
15:57:20.0263 5352  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:57:20.0294 5352  EMDMgmt - ok
15:57:20.0337 5352  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:57:20.0338 5352  ErrDev - ok
15:57:20.0568 5352  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
15:57:20.0602 5352  EventSystem - ok
15:57:21.0152 5352  [ 7E763F8F300346A8F1DA8BB1DFA9CA97 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:57:21.0530 5352  EvtEng - ok
15:57:21.0680 5352  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:57:21.0684 5352  exfat - ok
15:57:21.0763 5352  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:57:21.0792 5352  fastfat - ok
15:57:21.0838 5352  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:57:21.0840 5352  fdc - ok
15:57:21.0945 5352  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
15:57:21.0969 5352  fdPHost - ok
15:57:22.0008 5352  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
15:57:22.0010 5352  FDResPub - ok
15:57:22.0062 5352  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:57:22.0088 5352  FileInfo - ok
15:57:22.0121 5352  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:57:22.0165 5352  Filetrace - ok
15:57:22.0464 5352  [ CFC890FF6797C6C4E4C4B9AD2258AF73 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
15:57:22.0550 5352  FileZilla Server - ok
15:57:23.0044 5352  [ ACEFEEA621DCA62EFB7A7EEA59F5E91B ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:57:23.0176 5352  FLEXnet Licensing Service - ok
15:57:23.0843 5352  [ F1A9C61436E12A637A647870DD6D9EEF ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:57:24.0047 5352  FLEXnet Licensing Service 64 - ok
15:57:24.0089 5352  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:57:24.0090 5352  flpydisk - ok
15:57:24.0279 5352  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:57:24.0337 5352  FltMgr - ok
15:57:25.0273 5352  [ F20A97F51C104DD0A163251325460747 ] FontCache       C:\Windows\system32\FntCache.dll
15:57:25.0492 5352  FontCache - ok
15:57:25.0645 5352  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:57:25.0691 5352  FontCache3.0.0.0 - ok
15:57:25.0752 5352  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:57:25.0779 5352  Fs_Rec - ok
15:57:25.0838 5352  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:57:25.0867 5352  gagp30kx - ok
15:57:26.0083 5352  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:57:26.0140 5352  gpsvc - ok
15:57:26.0438 5352  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9a87df6fc8890 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:57:26.0475 5352  gupdate1c9a87df6fc8890 - ok
15:57:26.0672 5352  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:57:26.0672 5352  gupdatem - ok
15:57:27.0023 5352  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:57:27.0114 5352  HDAudBus - ok
15:57:27.0175 5352  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:57:27.0198 5352  HidBth - ok
15:57:27.0256 5352  [ 5F47839455D01FF6403B008D481A6F5B ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:57:27.0288 5352  HidIr - ok
15:57:27.0335 5352  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\System32\hidserv.dll
15:57:27.0360 5352  hidserv - ok
15:57:27.0422 5352  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:57:27.0423 5352  HidUsb - ok
15:57:27.0491 5352  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:57:27.0524 5352  hkmsvc - ok
15:57:27.0617 5352  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:57:27.0645 5352  HpCISSs - ok
15:57:28.0068 5352  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:57:28.0183 5352  hpqcxs08 - ok
15:57:28.0280 5352  [ DF446BA625CC441617843E87798CE048 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:57:28.0305 5352  hpqddsvc - ok
15:57:28.0710 5352  [ 969F2F6571B915BADA4FA68228C2CBBC ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:57:28.0842 5352  HPSLPSVC - ok
15:57:29.0016 5352  HTCAND64 - ok
15:57:29.0159 5352  [ 4F6C3122817049997CD696D4A38BFACB ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
15:57:29.0185 5352  htcnprot - ok
15:57:29.0671 5352  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:57:29.0770 5352  HTTP - ok
15:57:29.0874 5352  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:57:29.0905 5352  i2omp - ok
15:57:30.0002 5352  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:57:30.0027 5352  i8042prt - ok
15:57:30.0170 5352  [ 16A4671255CFB842225F0FDB6DBDB414 ] iaStor          C:\Windows\system32\drivers\iastor.sys
15:57:30.0172 5352  iaStor - ok
15:57:30.0288 5352  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:57:30.0346 5352  iaStorV - ok
15:57:30.0752 5352  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:57:30.0865 5352  idsvc - ok
15:57:30.0960 5352  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:57:31.0018 5352  iirsp - ok
15:57:31.0402 5352  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
15:57:31.0586 5352  IKEEXT - ok
15:57:31.0671 5352  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
15:57:31.0702 5352  intelide - ok
15:57:31.0735 5352  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:57:31.0736 5352  intelppm - ok
15:57:31.0924 5352  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:57:31.0959 5352  IPBusEnum - ok
15:57:32.0023 5352  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:57:32.0085 5352  IpFilterDriver - ok
15:57:32.0213 5352  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:57:32.0253 5352  iphlpsvc - ok
15:57:32.0256 5352  IpInIp - ok
15:57:32.0317 5352  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:57:32.0350 5352  IPMIDRV - ok
15:57:32.0381 5352  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:57:32.0385 5352  IPNAT - ok
15:57:32.0448 5352  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:57:32.0519 5352  IRENUM - ok
15:57:32.0620 5352  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:57:32.0654 5352  isapnp - ok
15:57:32.0782 5352  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:57:32.0811 5352  iScsiPrt - ok
15:57:32.0835 5352  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:57:32.0862 5352  iteatapi - ok
15:57:32.0895 5352  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:57:32.0950 5352  iteraid - ok
15:57:33.0013 5352  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:57:33.0045 5352  kbdclass - ok
15:57:33.0139 5352  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:57:33.0200 5352  kbdhid - ok
15:57:33.0285 5352  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
15:57:33.0334 5352  KeyIso - ok
15:57:33.0379 5352  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:57:33.0431 5352  KSecDD - ok
15:57:33.0529 5352  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:57:33.0559 5352  ksthunk - ok
15:57:33.0805 5352  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:57:33.0902 5352  KtmRm - ok
15:57:34.0010 5352  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:57:34.0029 5352  LanmanServer - ok
15:57:34.0230 5352  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:57:34.0288 5352  LanmanWorkstation - ok
15:57:34.0323 5352  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:57:34.0351 5352  lltdio - ok
15:57:34.0399 5352  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:57:34.0483 5352  lltdsvc - ok
15:57:34.0524 5352  lmab_device - ok
15:57:34.0591 5352  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:57:34.0646 5352  lmhosts - ok
15:57:34.0767 5352  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:57:34.0828 5352  LSI_FC - ok
15:57:34.0860 5352  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:57:34.0887 5352  LSI_SAS - ok
15:57:34.0933 5352  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:57:34.0961 5352  LSI_SCSI - ok
15:57:34.0996 5352  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:57:34.0999 5352  luafv - ok
15:57:35.0408 5352  [ 31C6AFFFAD7C733A65F888929548BC22 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
15:57:35.0461 5352  mbamchameleon - ok
15:57:35.0509 5352  [ DD8BCFCA0A082670116E17F875306FCB ] mbamswissarmy   C:\Windows\system32\drivers\mbamswissarmy.sys
15:57:35.0536 5352  mbamswissarmy - ok
15:57:35.0588 5352  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:57:35.0629 5352  Mcx2Svc - ok
15:57:35.0785 5352  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
15:57:35.0808 5352  megasas - ok
15:57:35.0986 5352  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:57:36.0011 5352  MegaSR - ok
15:57:36.0379 5352  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:57:36.0511 5352  Microsoft Office Groove Audit Service - ok
15:57:36.0617 5352  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
15:57:36.0647 5352  MMCSS - ok
15:57:36.0934 5352  [ 6D4236D8B7BD6557B77FBF2AB001CAD4 ] mod7700         C:\Windows\system32\DRIVERS\dvb7700all.sys
15:57:37.0062 5352  mod7700 - ok
15:57:37.0154 5352  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
15:57:37.0186 5352  Modem - ok
15:57:37.0221 5352  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:57:37.0222 5352  monitor - ok
15:57:37.0276 5352  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:57:37.0306 5352  mouclass - ok
15:57:37.0403 5352  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:57:37.0432 5352  mouhid - ok
15:57:37.0473 5352  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:57:37.0516 5352  MountMgr - ok
15:57:37.0983 5352  [ E3252991298FB01B3D3B6433A5FBF8EE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:57:38.0003 5352  MozillaMaintenance - ok
15:57:38.0093 5352  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:57:38.0127 5352  mpio - ok
15:57:38.0212 5352  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:57:38.0295 5352  mpsdrv - ok
15:57:38.0383 5352  MpsSvc - ok
15:57:38.0469 5352  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:57:38.0471 5352  Mraid35x - ok
15:57:38.0613 5352  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:57:38.0645 5352  MRxDAV - ok
15:57:38.0694 5352  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:57:38.0779 5352  mrxsmb - ok
15:57:38.0906 5352  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:57:38.0973 5352  mrxsmb10 - ok
15:57:39.0017 5352  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:57:39.0056 5352  mrxsmb20 - ok
15:57:39.0156 5352  [ 730B784962D22D2C6481EAE2370E7C8C ] msahci          C:\Windows\system32\drivers\msahci.sys
15:57:39.0192 5352  msahci - ok
15:57:39.0231 5352  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:57:39.0280 5352  msdsm - ok
15:57:39.0311 5352  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
15:57:39.0340 5352  MSDTC - ok
15:57:39.0379 5352  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:57:39.0388 5352  Msfs - ok
15:57:39.0492 5352  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:57:39.0507 5352  msisadrv - ok
15:57:39.0676 5352  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:57:39.0716 5352  MSiSCSI - ok
15:57:39.0719 5352  msiserver - ok
15:57:39.0808 5352  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:57:39.0857 5352  MSKSSRV - ok
15:57:39.0964 5352  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:57:39.0988 5352  MSPCLOCK - ok
15:57:40.0077 5352  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:57:40.0107 5352  MSPQM - ok
15:57:40.0293 5352  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:57:40.0354 5352  MsRPC - ok
15:57:40.0396 5352  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:57:40.0427 5352  mssmbios - ok
15:57:40.0792 5352  MSSQL$SQLEXPRESS - ok
15:57:41.0006 5352  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:57:41.0027 5352  MSSQLServerADHelper100 - ok
15:57:41.0068 5352  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:57:41.0145 5352  MSTEE - ok
15:57:41.0177 5352  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:57:41.0186 5352  Mup - ok
15:57:41.0410 5352  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
15:57:41.0454 5352  napagent - ok
15:57:41.0631 5352  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:57:41.0674 5352  NativeWifiP - ok
15:57:41.0869 5352  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:57:42.0005 5352  NDIS - ok
15:57:42.0099 5352  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:57:42.0100 5352  NdisTapi - ok
15:57:42.0150 5352  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:57:42.0182 5352  Ndisuio - ok
15:57:42.0337 5352  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:57:42.0615 5352  NdisWan - ok
15:57:42.0658 5352  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:57:42.0685 5352  NDProxy - ok
15:57:42.0747 5352  [ 59267D2F0328599AA3B5408C2E06126F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:57:42.0800 5352  Net Driver HPZ12 - ok
15:57:42.0834 5352  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:57:42.0864 5352  NetBIOS - ok
15:57:42.0939 5352  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:57:42.0970 5352  netbt - ok
15:57:43.0000 5352  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
15:57:43.0000 5352  Netlogon - ok
15:57:43.0225 5352  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
15:57:43.0284 5352  Netman - ok
15:57:43.0333 5352  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:43.0706 5352  NetMsmqActivator - ok
15:57:43.0711 5352  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:43.0712 5352  NetPipeActivator - ok
15:57:43.0948 5352  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
15:57:44.0056 5352  netprofm - ok
15:57:44.0064 5352  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:44.0065 5352  NetTcpActivator - ok
15:57:44.0069 5352  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:44.0071 5352  NetTcpPortSharing - ok
15:57:44.0857 5352  [ C75C966DEAD7A84E112A1F30C4781951 ] NETw4v64        C:\Windows\system32\DRIVERS\NETw4v64.sys
15:57:45.0915 5352  NETw4v64 - ok
15:57:47.0316 5352  [ 2BDCB7B7917380794C9D87AC2153CE33 ] NETw5v64        C:\Windows\system32\DRIVERS\NETw5v64.sys
15:57:49.0574 5352  NETw5v64 - ok
15:57:49.0671 5352  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:57:49.0701 5352  nfrd960 - ok
15:57:49.0798 5352  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:57:49.0832 5352  NlaSvc - ok
15:57:50.0052 5352  [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU      C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
15:57:50.0080 5352  NMSAccessU - ok
15:57:50.0120 5352  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:57:50.0166 5352  Npfs - ok
15:57:50.0196 5352  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
15:57:50.0220 5352  nsi - ok
15:57:50.0297 5352  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:57:50.0337 5352  nsiproxy - ok
15:57:51.0083 5352  [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:57:51.0965 5352  Ntfs - ok
15:57:52.0052 5352  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
15:57:52.0079 5352  Null - ok
15:57:56.0036 5352  [ BBE872A814B00798C2D568D46C42A71B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:58:01.0704 5352  nvlddmkm - ok
15:58:01.0737 5352  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:58:01.0815 5352  nvraid - ok
15:58:01.0902 5352  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:58:01.0940 5352  nvstor - ok
15:58:02.0097 5352  [ C924F5B0C0F423103234CABB8DC68C15 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:58:02.0139 5352  nvsvc - ok
15:58:02.0172 5352  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:58:02.0221 5352  nv_agp - ok
15:58:02.0223 5352  NwlnkFlt - ok
15:58:02.0227 5352  NwlnkFwd - ok
15:58:02.0473 5352  [ FAEF7B156E073F0450C5087F57696F0B ] OAcat           C:\Program Files (x86)\Online Armor\OAcat.exe
15:58:02.0515 5352  OAcat - ok
15:58:03.0737 5352  [ 9C78F13766AB2629E11FB0DFB162EE33 ] OADevice        C:\Windows\SysWow64\Drivers\OADriver.sys
15:58:03.0778 5352  OADevice - ok
15:58:03.0869 5352  [ 6CDB036083EF969210D2F747C8AB5771 ] oahlpXX         C:\Windows\syswow64\drivers\oahlp64.sys
15:58:03.0894 5352  oahlpXX - ok
15:58:03.0992 5352  [ C2B6A1CCEE9669119A7FC9DAB2008B68 ] OAmon           C:\Windows\SysWOW64\Drivers\OAmon.sys
15:58:04.0019 5352  OAmon - ok
15:58:04.0055 5352  [ F99C170CF63DE515C51BB11E76EA23EC ] OAnet           C:\Windows\system32\DRIVERS\oanet.sys
15:58:04.0080 5352  OAnet - ok
15:58:04.0516 5352  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:58:04.0917 5352  odserv - ok
15:58:05.0067 5352  [ 44A9473D72983DD484B4F1BF0D946571 ] OEM02Dev        C:\Windows\system32\DRIVERS\OEM02Dev.sys
15:58:05.0102 5352  OEM02Dev - ok
15:58:05.0140 5352  [ 766F689564BC30E5A91F8621CE65AD68 ] OEM02Vfx        C:\Windows\system32\DRIVERS\OEM02Vfx.sys
15:58:05.0169 5352  OEM02Vfx - ok
15:58:05.0339 5352  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:58:05.0384 5352  ohci1394 - ok
15:58:05.0594 5352  [ 447D71FFCEFAD01D6787422A6286A182 ] OpenVPNService  C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
15:58:05.0635 5352  OpenVPNService - ok
15:58:05.0712 5352  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:58:05.0733 5352  ose - ok
15:58:05.0872 5352  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:58:05.0920 5352  p2pimsvc - ok
15:58:05.0968 5352  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
15:58:05.0972 5352  p2psvc - ok
15:58:06.0082 5352  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
15:58:06.0123 5352  Parport - ok
15:58:06.0183 5352  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:58:06.0225 5352  partmgr - ok
15:58:06.0504 5352  [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:58:06.0526 5352  PassThru Service - ok
15:58:06.0612 5352  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:58:06.0650 5352  PcaSvc - ok
15:58:06.0820 5352  pccsmcfd - ok
15:58:06.0911 5352  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys
15:58:06.0944 5352  pci - ok
15:58:07.0028 5352  [ 2657F6C0B78C36D95034BE109336E382 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:58:07.0052 5352  pciide - ok
15:58:07.0197 5352  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:58:07.0282 5352  pcmcia - ok
15:58:07.0443 5352  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:58:07.0544 5352  PEAUTH - ok
15:58:07.0585 5352  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:58:07.0612 5352  PerfHost - ok
15:58:08.0007 5352  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
15:58:08.0026 5352  pla - ok
15:58:08.0153 5352  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:58:08.0188 5352  PlugPlay - ok
15:58:08.0258 5352  [ 5261A2FD55183AC6993145AB6662CDDF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:58:08.0304 5352  Pml Driver HPZ12 - ok
15:58:08.0355 5352  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:58:08.0360 5352  PNRPAutoReg - ok
15:58:08.0389 5352  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:58:08.0394 5352  PNRPsvc - ok
15:58:08.0519 5352  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:58:08.0529 5352  PolicyAgent - ok
15:58:08.0583 5352  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:58:08.0600 5352  PptpMiniport - ok
15:58:08.0644 5352  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys
15:58:08.0655 5352  Processor - ok
15:58:08.0709 5352  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
15:58:08.0735 5352  ProfSvc - ok
15:58:08.0762 5352  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
15:58:08.0762 5352  ProtectedStorage - ok
15:58:08.0839 5352  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:58:08.0867 5352  PSched - ok
15:58:08.0914 5352  [ 901DBA98359966A62A6548596988E931 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:58:08.0916 5352  PxHlpa64 - ok
15:58:08.0956 5352  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:58:08.0991 5352  ql2300 - ok
15:58:09.0015 5352  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:58:09.0017 5352  ql40xx - ok
15:58:09.0048 5352  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
15:58:09.0054 5352  QWAVE - ok
15:58:09.0066 5352  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:58:09.0067 5352  QWAVEdrv - ok
15:58:09.0526 5352  [ 2A09A6B271D1F50ADF5E33B37D460DE6 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
15:58:09.0625 5352  R300 - ok
15:58:09.0719 5352  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
15:58:09.0740 5352  RapiMgr - ok
15:58:09.0764 5352  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:58:09.0765 5352  RasAcd - ok
15:58:09.0792 5352  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
15:58:09.0794 5352  RasAuto - ok
15:58:09.0855 5352  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:58:09.0875 5352  Rasl2tp - ok
15:58:09.0905 5352  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
15:58:09.0911 5352  RasMan - ok
15:58:09.0993 5352  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:58:09.0995 5352  RasPppoe - ok
15:58:10.0057 5352  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:58:10.0059 5352  RasSstp - ok
15:58:10.0125 5352  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:58:10.0131 5352  rdbss - ok
15:58:10.0172 5352  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:58:10.0172 5352  RDPCDD - ok
15:58:10.0244 5352  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:58:10.0272 5352  rdpdr - ok
15:58:10.0309 5352  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:58:10.0310 5352  RDPENCDD - ok
15:58:10.0352 5352  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:58:10.0450 5352  RDPWD - ok
15:58:10.0700 5352  [ 0BF9E30D4F981CAFEDE7DE13604A45F5 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:58:10.0714 5352  RegSrvc - ok
15:58:10.0735 5352  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:58:10.0738 5352  RemoteAccess - ok
15:58:10.0837 5352  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:58:10.0923 5352  RemoteRegistry - ok
15:58:10.0994 5352  [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:58:10.0997 5352  RFCOMM - ok
15:58:11.0031 5352  [ D13D70FAC45FC1DF69F88559B1F72F0A ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
15:58:11.0033 5352  rimmptsk - ok
15:58:11.0048 5352  [ BB9EDC55B0B8CB4FCD713428820E0776 ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
15:58:11.0049 5352  rimsptsk - ok
15:58:11.0053 5352  [ 481C3FDEACAAE04B74C58288DBC91DF9 ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
15:58:11.0055 5352  rismxdp - ok
15:58:11.0101 5352  [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
15:58:11.0102 5352  ROOTMODEM - ok
15:58:11.0148 5352  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
15:58:11.0172 5352  RpcLocator - ok
15:58:11.0242 5352  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
15:58:11.0246 5352  RpcSs - ok
15:58:11.0308 5352  [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105        C:\Windows\system32\DRIVERS\RsFx0105.sys
15:58:11.0337 5352  RsFx0105 - ok
15:58:11.0367 5352  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:58:11.0369 5352  rspndr - ok
15:58:11.0378 5352  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
15:58:11.0379 5352  SamSs - ok
15:58:11.0412 5352  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:58:11.0450 5352  sbp2port - ok
15:58:11.0540 5352  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:58:11.0575 5352  SCardSvr - ok
15:58:11.0705 5352  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
15:58:11.0752 5352  Schedule - ok
15:58:11.0824 5352  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:58:11.0825 5352  SCPolicySvc - ok
15:58:11.0910 5352  [ BE100BC2BE2513314C717BB2C4CFFF10 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:58:11.0912 5352  sdbus - ok
15:58:11.0941 5352  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:58:11.0963 5352  SDRSVC - ok
15:58:12.0013 5352  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:58:12.0043 5352  secdrv - ok
15:58:12.0073 5352  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
15:58:12.0075 5352  seclogon - ok
15:58:12.0089 5352  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\system32\sens.dll
15:58:12.0090 5352  SENS - ok
15:58:12.0145 5352  [ 82215BBED5D37B0C354F0E83FD0C8423 ] Sentinel        C:\Windows\System32\Drivers\SENTINEL64.SYS
15:58:12.0168 5352  Sentinel - ok
15:58:12.0227 5352  [ 708DFADE0905B24375D696F0DB244993 ] sepdal          C:\Windows\System32\Drivers\sepdal.sys
15:58:12.0228 5352  sepdal - ok
15:58:12.0242 5352  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:58:12.0244 5352  Serenum - ok
15:58:12.0261 5352  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
15:58:12.0264 5352  Serial - ok
15:58:12.0285 5352  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:58:12.0286 5352  sermouse - ok
15:58:12.0316 5352  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:58:12.0319 5352  SessionEnv - ok
15:58:12.0375 5352  [ 3A19C899BCF0EA24CFEC2038E6A489DB ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
15:58:12.0376 5352  sffdisk - ok
15:58:12.0389 5352  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:58:12.0391 5352  sffp_mmc - ok
15:58:12.0410 5352  [ FDCA63A2EEE528585EB66CEAC183EC22 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
15:58:12.0411 5352  sffp_sd - ok
15:58:12.0463 5352  [ 40567781F0785C4A69411D1B40DA8987 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:58:12.0481 5352  sfloppy - ok
15:58:12.0577 5352  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:58:12.0597 5352  SharedAccess - ok
15:58:12.0726 5352  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:58:12.0859 5352  ShellHWDetection - ok
15:58:12.0923 5352  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:58:12.0946 5352  SiSRaid2 - ok
15:58:12.0985 5352  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:58:13.0033 5352  SiSRaid4 - ok
15:58:13.0250 5352  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
15:58:13.0310 5352  slsvc - ok
15:58:13.0370 5352  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:58:13.0373 5352  SLUINotify - ok
15:58:13.0432 5352  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:58:13.0434 5352  Smb - ok
15:58:13.0507 5352  [ 001901F10423616CA0D4AECDCCE8B855 ] snapman380      C:\Windows\system32\DRIVERS\snman380.sys
15:58:13.0511 5352  snapman380 - ok
15:58:13.0534 5352  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:58:13.0535 5352  SNMPTRAP - ok
15:58:13.0590 5352  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
15:58:13.0591 5352  spldr - ok
15:58:13.0698 5352  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
15:58:13.0756 5352  Spooler - ok
15:58:13.0834 5352  [ B9657A0AFF28C1CB114ACC0CB93EE4BB ] sp_rsdrv2       C:\Windows\system32\DRIVERS\stflt.sys
15:58:13.0845 5352  sp_rsdrv2 - ok
15:58:14.0182 5352  [ 45E65FB17A4CD5FACBD3CA16C8334C82 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
15:58:14.0211 5352  SQLAgent$SQLEXPRESS - ok
15:58:14.0383 5352  [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:58:14.0389 5352  SQLBrowser - ok
15:58:14.0468 5352  [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:58:14.0487 5352  SQLWriter - ok
15:58:14.0639 5352  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:58:14.0695 5352  srv - ok
15:58:14.0831 5352  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:58:14.0876 5352  srv2 - ok
15:58:14.0962 5352  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:58:14.0977 5352  srvnet - ok
15:58:15.0012 5352  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:58:15.0017 5352  SSDPSRV - ok
15:58:15.0049 5352  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:58:15.0052 5352  SstpSvc - ok
15:58:15.0698 5352  [ 24543AAF056D3AFCED3F4FF487F53C90 ] ST2012_Svc      C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
15:58:15.0714 5352  ST2012_Svc - ok
15:58:16.0484 5352  [ F883003AC6715537950D0B3E4C609C42 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\STacSV64.exe
15:58:16.0528 5352  STacSV - ok
15:58:16.0566 5352  [ E964DB5400CFD56FC99CD2AB1B21213F ] STHDA           C:\Windows\system32\drivers\stwrt64.sys
15:58:16.0573 5352  STHDA - ok
15:58:16.0673 5352  [ 14B4DB4381E4A55F570D8BB699B791D6 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:58:16.0714 5352  StillCam - ok
15:58:16.0876 5352  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
15:58:16.0908 5352  stisvc - ok
15:58:18.0625 5352  [ 578A7D52C4F7CA65E109B4E7C7AC5CB3 ] SvcOnlineArmor  C:\Program Files (x86)\Online Armor\oasrv.exe
15:58:18.0757 5352  SvcOnlineArmor - ok
15:58:18.0793 5352  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:58:18.0803 5352  swenum - ok
15:58:18.0934 5352  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
15:58:18.0956 5352  swprv - ok
15:58:18.0983 5352  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:58:18.0984 5352  Symc8xx - ok
15:58:19.0003 5352  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:58:19.0005 5352  Sym_hi - ok
15:58:19.0019 5352  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:58:19.0021 5352  Sym_u3 - ok
15:58:19.0471 5352  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
15:58:19.0543 5352  SysMain - ok
15:58:19.0581 5352  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:58:19.0584 5352  TabletInputService - ok
15:58:19.0649 5352  [ 3B73C849B41FB20D77B0E553214061A5 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
15:58:19.0659 5352  tap0901 - ok
15:58:19.0745 5352  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:58:19.0779 5352  TapiSrv - ok
15:58:19.0808 5352  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
15:58:19.0810 5352  TBS - ok
15:58:20.0100 5352  [ 19A5E570048788BE9343FA96C15CEF6F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:58:20.0248 5352  Tcpip - ok
15:58:20.0524 5352  [ 19A5E570048788BE9343FA96C15CEF6F ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:58:20.0534 5352  Tcpip6 - ok
15:58:20.0579 5352  [ F6F46226D0104D997AF8B2ADFABE4B24 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:58:20.0598 5352  tcpipreg - ok
15:58:20.0657 5352  [ CBD13E809E81B07116C8D51AA199F69B ] TcUsb           C:\Windows\system32\Drivers\tcusb.sys
15:58:20.0678 5352  TcUsb - ok
15:58:20.0712 5352  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:58:20.0714 5352  TDPIPE - ok
15:58:20.0960 5352  [ FE37527578EFEAF87C7C6040BF4F8226 ] tdrpman147      C:\Windows\system32\DRIVERS\tdrpm147.sys
15:58:21.0000 5352  tdrpman147 - ok
15:58:21.0039 5352  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:58:21.0058 5352  TDTCP - ok
15:58:21.0115 5352  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:58:21.0132 5352  tdx - ok
15:58:21.0193 5352  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:58:21.0211 5352  TermDD - ok
15:58:21.0437 5352  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
15:58:21.0544 5352  TermService - ok
15:58:21.0600 5352  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
15:58:21.0602 5352  Themes - ok
15:58:21.0701 5352  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:58:21.0702 5352  THREADORDER - ok
15:58:21.0771 5352  [ 156EF5E1164BBA862EEE84400C7BA034 ] tifsfilter      C:\Windows\system32\DRIVERS\tifsfilt.sys
15:58:21.0792 5352  tifsfilter - ok
15:58:21.0864 5352  [ 8A474022C0465797B13A4EA7535D4C5B ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
15:58:21.0880 5352  timounter - ok
15:58:21.0911 5352  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
15:58:21.0921 5352  TrkWks - ok
15:58:22.0016 5352  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:58:22.0034 5352  TrustedInstaller - ok
15:58:22.0064 5352  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:58:22.0066 5352  tssecsrv - ok
15:58:22.0082 5352  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:58:22.0083 5352  tunmp - ok
15:58:22.0136 5352  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:58:22.0142 5352  tunnel - ok
15:58:22.0161 5352  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:58:22.0164 5352  uagp35 - ok
15:58:22.0273 5352  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:58:22.0316 5352  udfs - ok
15:58:22.0384 5352  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:58:22.0406 5352  UI0Detect - ok
15:58:22.0447 5352  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:58:22.0486 5352  uliagpkx - ok
15:58:22.0609 5352  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:58:22.0698 5352  uliahci - ok
15:58:22.0772 5352  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:58:22.0815 5352  UlSata - ok
15:58:22.0833 5352  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:58:22.0836 5352  ulsata2 - ok
15:58:22.0866 5352  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:58:22.0868 5352  umbus - ok
15:58:22.0895 5352  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
15:58:22.0901 5352  upnphost - ok
15:58:22.0965 5352  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:58:22.0981 5352  usbaudio - ok
15:58:23.0009 5352  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:58:23.0011 5352  usbccgp - ok
15:58:23.0072 5352  [ 8C39D53E1A343F4C47EE8F3C052126D8 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
15:58:23.0080 5352  usbcir - ok
15:58:23.0137 5352  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:58:23.0149 5352  usbehci - ok
15:58:23.0168 5352  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:58:23.0174 5352  usbhub - ok
15:58:23.0206 5352  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:58:23.0221 5352  usbohci - ok
15:58:23.0279 5352  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:58:23.0316 5352  usbprint - ok
15:58:23.0380 5352  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:58:23.0400 5352  USBSTOR - ok
15:58:23.0465 5352  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:58:23.0482 5352  usbuhci - ok
15:58:23.0541 5352  [ C690C8B45DB67DBA284B72D1FD649D2C ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
15:58:23.0556 5352  usb_rndisx - ok
15:58:23.0626 5352  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
15:58:23.0641 5352  UxSms - ok
15:58:23.0812 5352  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
15:58:23.0844 5352  vds - ok
15:58:23.0892 5352  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:58:23.0899 5352  vga - ok
15:58:23.0934 5352  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:58:23.0946 5352  VgaSave - ok
15:58:23.0957 5352  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
15:58:23.0958 5352  viaide - ok
15:58:24.0013 5352  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:58:24.0019 5352  volmgr - ok
15:58:24.0134 5352  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:58:24.0177 5352  volmgrx - ok
15:58:24.0273 5352  [ 582F710097B46140F5A89A19A6573D4B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:58:24.0319 5352  volsnap - ok
15:58:24.0363 5352  vpnva - ok
15:58:24.0419 5352  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:58:24.0438 5352  vsmraid - ok
15:58:24.0735 5352  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
15:58:24.0815 5352  VSS - ok
15:58:24.0929 5352  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
15:58:24.0965 5352  W32Time - ok
15:58:25.0021 5352  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:58:25.0031 5352  WacomPen - ok
15:58:25.0089 5352  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:58:25.0096 5352  Wanarp - ok
15:58:25.0100 5352  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:58:25.0100 5352  Wanarpv6 - ok
15:58:25.0213 5352  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
15:58:25.0228 5352  WcesComm - ok
15:58:25.0322 5352  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:58:25.0332 5352  wcncsvc - ok
15:58:25.0355 5352  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:58:25.0357 5352  WcsPlugInService - ok
15:58:25.0369 5352  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
15:58:25.0391 5352  Wd - ok
15:58:25.0609 5352  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:58:25.0695 5352  Wdf01000 - ok
15:58:25.0723 5352  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:58:25.0748 5352  WdiServiceHost - ok
15:58:25.0752 5352  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:58:25.0753 5352  WdiSystemHost - ok
15:58:25.0850 5352  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
15:58:25.0856 5352  WebClient - ok
15:58:25.0937 5352  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:58:25.0998 5352  Wecsvc - ok
15:58:26.0037 5352  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:58:26.0040 5352  wercplsupport - ok
15:58:26.0053 5352  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
15:58:26.0057 5352  WerSvc - ok
15:58:26.0066 5352  WinDefend - ok
15:58:26.0073 5352  WinHttpAutoProxySvc - ok
15:58:26.0295 5352  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:58:26.0322 5352  Winmgmt - ok
15:58:26.0732 5352  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:58:26.0785 5352  WinRM - ok
15:58:26.0843 5352  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
15:58:26.0844 5352  WinUSB - ok
15:58:26.0912 5352  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:58:26.0925 5352  Wlansvc - ok
15:58:26.0948 5352  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:58:26.0948 5352  WmiAcpi - ok
15:58:27.0004 5352  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:58:27.0008 5352  wmiApSrv - ok
15:58:27.0038 5352  WMPNetworkSvc - ok
15:58:27.0061 5352  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:58:27.0066 5352  WPCSvc - ok
15:58:27.0115 5352  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:58:27.0154 5352  WPDBusEnum - ok
15:58:27.0239 5352  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:58:27.0240 5352  WpdUsb - ok
15:58:27.0842 5352  [ 8E344C1B4FE7EDE0E9055405B9987862 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:58:28.0279 5352  WPFFontCache_v0400 - ok
15:58:28.0340 5352  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:58:28.0366 5352  ws2ifsl - ok
15:58:28.0395 5352  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\system32\wscsvc.dll
15:58:28.0397 5352  wscsvc - ok
15:58:28.0446 5352  [ DE5F5212AB34221DD1618B5FEFE8DB6C ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:58:28.0448 5352  WSDPrintDevice - ok
15:58:28.0452 5352  WSearch - ok
15:58:29.0300 5352  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:58:29.0557 5352  wuauserv - ok
15:58:29.0808 5352  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:58:29.0831 5352  WudfPf - ok
15:58:29.0957 5352  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:58:30.0176 5352  WUDFRd - ok
15:58:30.0306 5352  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:58:30.0402 5352  wudfsvc - ok
15:58:30.0666 5352  [ 2AE06B41B36549FABF0886B2AF89A599 ] yukonx64        C:\Windows\system32\DRIVERS\yk60x64.sys
15:58:30.0821 5352  yukonx64 - ok
15:58:30.0942 5352  ================ Scan global ===============================
15:58:31.0084 5352  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
15:58:31.0480 5352  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
15:58:32.0228 5352  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
15:58:32.0410 5352  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
15:58:32.0637 5352  [Global] - ok
15:58:32.0638 5352  ================ Scan MBR ==================================
15:58:32.0704 5352  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:58:39.0255 5352  \Device\Harddisk0\DR0 - ok
15:58:39.0255 5352  ================ Scan VBR ==================================
15:58:39.0534 5352  [ 8B033D701C25D85CA13DE9B4EFD898BD ] \Device\Harddisk0\DR0\Partition1
15:58:39.0661 5352  \Device\Harddisk0\DR0\Partition1 - ok
15:58:39.0739 5352  [ 1FEB59700548E2463CC7B693833E0320 ] \Device\Harddisk0\DR0\Partition2
15:58:39.0824 5352  \Device\Harddisk0\DR0\Partition2 - ok
15:58:39.0824 5352  ============================================================
15:58:39.0824 5352  Scan finished
15:58:39.0824 5352  ============================================================
15:58:39.0831 4484  Detected object count: 0
15:58:39.0831 4484  Actual detected object count: 0
15:59:19.0784 6880  Deinitialize success

Wieso laufen die Scanner nicht bei mir? Malwarebytes hat ja auch nicht funktioniert

Kaum zu glauben, MalwareBytes ist nun durchgelaufen. Es wurde nichts gefunden!

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.27.05

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Matze :: MATZEBOOK [administrator]

7/27/2013 9:18:41 PM
mbar-log-2013-07-27 (21-18-41).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 304398
Time elapsed: 17 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Ich habe mein Microsoft Visual Basic deinstalliert und nun konnte ich auch einen Quick-Scan mit aswMBR durchführen. Scheinbar keine Funde:

Code:

ATTFilter

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-28 08:56:05
-----------------------------
08:56:05.863    OS Version: Windows x64 6.0.6002 Service Pack 2
08:56:05.863    Number of processors: 2 586 0x1706
08:56:05.864    ComputerName: MATZEBOOK  UserName: Matze
08:56:40.325    Initialize success
08:57:14.821    AVAST engine defs: 13072700
08:57:22.127    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:57:22.129    Disk 0 Vendor: Hitachi_ FC4O Size: 305245MB BusType: 3
08:57:22.629    Disk 0 MBR read successfully
08:57:22.631    Disk 0 MBR scan
08:57:22.658    Disk 0 Windows VISTA default MBR code
08:57:22.661    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      125 MB offset 63
08:57:22.675    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        10240 MB offset 258048
08:57:22.688    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       292317 MB offset 21229568
08:57:22.693    Disk 0 Partition - 00     0F Extended LBA              2560 MB offset 619896832
08:57:22.775    Disk 0 Partition 4 00     DD              MSDOS5.0     2559 MB offset 619898880
08:57:22.969    Disk 0 scanning C:\Windows\system32\drivers
08:57:47.151    Service scanning
08:59:26.548    Modules scanning
08:59:26.554    Disk 0 trace - called modules:
08:59:26.602    ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll 
08:59:26.606    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006622640]
08:59:26.610    3 CLASSPNP.SYS[fffffa60012e3c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa80045ac050]
08:59:38.217    AVAST engine scan C:\Windows
08:59:57.722    AVAST engine scan C:\Windows\system32
09:11:35.822    AVAST engine scan C:\Windows\system32\drivers
09:12:38.894    AVAST engine scan C:\Users\Matze
13:02:25.705    AVAST engine scan C:\ProgramData
13:15:23.576    Scan finished successfully
13:17:02.014    Disk 0 MBR has been saved successfully to "C:\Users\Matze\Desktop\MBR.dat"
13:17:02.019    The log file has been saved successfully to "C:\Users\Matze\Desktop\aswMBR.txt"

cosinus · 28.07.2013, 22:29

Mal als Zwischenstand, was genau ist jetzt an Problemen noch offen?

matzepatze · 29.07.2013, 07:32

Ok! Also:

Die Kommandozeile funktioniert wieder reibungslos. AntiVir habe ich vorsichtshalber wieder installiert und dies funktioniert auch wieder tadellos.

Avast hat mit einem QuickScan nichts gefunden, bietet jedoch den FixMBR an. Ebenso hat TDsskiller und Malwarebytes nichts gefunden. Ich lasse gerade AntiVir nochmal über das gesamte Laufwerk suchen.

Was sollte noch gemacht werden?

cosinus · 29.07.2013, 11:30

Mit aswMBR bitte NICHTS machen!

JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Danach eine Kontrolle mit Farbars Tool bitte:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

matzepatze · 29.07.2013, 17:25

So, hier die logs. Zuerst JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.7 (07.29.2013:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Matze on Mon 07/29/2013 at 17:28:43.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ FireFox

Successfully deleted: [File] C:\Users\Matze\AppData\Roaming\mozilla\firefox\profiles\82wuf84f.default\user.js
Emptied folder: C:\Users\Matze\AppData\Roaming\mozilla\firefox\profiles\82wuf84f.default\minidumps [16 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/29/2013 at 17:37:06.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dann adwcleaner:

Code:

ATTFilter

# AdwCleaner v2.306 - Datei am 29/07/2013 um 17:45:49 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : Matze - MATZEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Matze\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : APNMCP

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll
Datei Gelöscht : C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\searchplugins\11-suche.xml
Gelöscht mit Neustart : C:\Program Files (x86)\AskPartnerNetwork
Gelöscht mit Neustart : C:\ProgramData\AskPartnerNetwork
Gelöscht mit Neustart : C:\Users\Matthias\AppData\Local\Temp\APN
Gelöscht mit Neustart : C:\Users\Matze\AppData\Local\PackageAware
Gelöscht mit Neustart : C:\Users\Matze\AppData\Local\Temp\APN

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v14.0.1 (de)

Datei : C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\a1923cqi.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1927 octets] - [29/07/2013 17:44:37]
AdwCleaner[S1].txt - [1901 octets] - [29/07/2013 17:45:49]

########## EOF - C:\AdwCleaner[S1].txt - [1961 octets] ##########

und zum Schluss noch FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Matze (administrator) on 29-07-2013 18:18:27
Running from C:\Users\Matze\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\upeksvr.exe
(Emsi Software GmbH) C:\Program Files (x86)\Online Armor\OAcat.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Flexera Software, Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(Flexera Software, Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ESRI) C:\Program Files (x86)\ArcGIS\License10.0\bin\ARCGIS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
( ) C:\Windows\system32\LMabcoms.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\STacSV64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Dropbox, Inc.) C:\Users\Matze\AppData\Roaming\Dropbox\bin\Dropbox.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\psqltray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Google Inc.) C:\Users\Matze\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Matze\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Matze\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Matze\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Matze\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [271872 2008-07-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PSQLLauncher] - C:\Program Files\Protector Suite QL\launcher.exe [66824 2008-06-19] (UPEK Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [425984 2008-07-17] (IDT, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [165144 2008-10-13] (Acronis)
HKLM\...\Run: [SpywareTerminatorShield] - "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [x]
HKLM\...\Run: [SpywareTerminatorUpdater] - "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [x]
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll (UPEK Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [OEM02Mon.exe] - C:\Windows\OEM02Mon.exe [36864 2008-08-06] (Creative Technology Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4378000 2008-10-13] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [962480 2008-10-13] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] -  [x]
Lsa: [Notification Packages] scecli psqlpwd
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USCON/8
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {8CC1B7C0-3FDB-4368-82C6-F39F339FB180} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\XChangePDFViewer\PDF Viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\XChangePDFViewer\PDF Viewer\Win32\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{18BC9B2B-79BD-404A-8FF1-669714163C2B}: [NameServer]134.245.10.7,134.245.1.36

FireFox:
========
FF ProfilePath: C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default
FF SelectedSearchEngine: foxsearch
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\XChangePDFViewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=0.9.9 - C:\Program Files (x86)\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Matze\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Matze\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Matze\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Matze\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: TVU Web Player - C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\Extensions\firefox@tvunetworks.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: toolbar_AVIRA-V7 - C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\82wuf84f.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Matze\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Matze\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Matze\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Matze\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.330.3) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox351\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (Gutscheinmieze-Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (TVU Web Player for FireFox) - C:\Windows\system32\TVUAx\npTVUAx.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\20.53263_0
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\AESTSr64.exe [86016 2008-07-17] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-28] (Avira Operations GmbH & Co. KG)
R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe [1386320 2010-11-09] (Flexera Software, Inc.)
S3 BFE; C:\Windows\SysWow64\. [0 2013-07-29] ()
S4 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [691200 2009-03-03] (FileZilla Project)
S2 gupdate1c9a87df6fc8890; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2009-03-19] (Google Inc.)
R2 lmab_device; C:\Windows\system32\LMabcoms.exe [1044992 2009-09-25] ( )
S3 MpsSvc; C:\Windows\SysWow64\. [0 2013-07-29] ()
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [210920 2012-06-04] (Emsi Software GmbH)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2010-11-08] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\STacSV64.exe [122880 2008-07-17] (IDT, Inc.)
S3 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4382968 2012-06-04] (Emsi Software GmbH)
S3 DeltaCopyService; "C:\Program Files (x86)\DeltaCopy\DCServce.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 AF9035BDA; C:\Windows\System32\DRIVERS\AF9035BDA.sys [273088 2009-11-05] (AfaTech                  )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-07-28] (Avira Operations GmbH & Co. KG)
S3 mod7700; C:\Windows\System32\DRIVERS\dvb7700all.sys [865344 2009-11-02] (DiBcom)
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [61624 2012-06-04] ()
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [61624 2012-06-04] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [61624 2012-06-04] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [61624 2012-06-04] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [40512 2012-06-04] (Emsisoft)
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [40512 2012-06-04] (Emsisoft)
R3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [35368 2012-06-04] (Emsisoft)
R3 OEM02Dev; C:\Windows\System32\DRIVERS\OEM02Dev.sys [266624 2007-10-10] (Creative Technology Ltd.)
R3 OEM02Vfx; C:\Windows\System32\DRIVERS\OEM02Vfx.sys [12288 2008-08-06] (EyePower Games Pte. Ltd.)
S2 Sentinel; C:\Windows\System32\Drivers\SENTINEL64.SYS [141888 2006-04-20] (SafeNet, Inc.)
R1 sepdal; C:\Windows\System32\Drivers\sepdal.sys [16760 2011-12-26] (Intel Corporation)
R1 sepdal; C:\Windows\System32\Drivers\sepdal.sys [16760 2011-12-26] (Intel Corporation)
R0 snapman380; C:\Windows\System32\DRIVERS\snman380.sys [237600 2009-06-03] (Acronis)
R0 tdrpman147; C:\Windows\System32\DRIVERS\tdrpm147.sys [1580576 2009-06-03] (Acronis)
S2 CAPI20; System32\Drivers\CAPI20.SYS [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S2 DETEWECP; \SystemRoot\System32\drivers\detewecp.sys [x]
S3 HTCAND64; System32\Drivers\ANDROIDUSB.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x]
S3 vpnva; system32\DRIVERS\vpnva64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-29 18:04 - 2013-07-29 18:12 - 00055162 _____ C:\Users\Matze\Downloads\FRST.txt
2013-07-29 17:59 - 2013-07-29 17:59 - 01780547 _____ (Farbar) C:\Users\Matze\Downloads\FRST64.exe
2013-07-29 17:46 - 2013-07-29 17:46 - 00000322 _____ C:\Windows\DeleteOnReboot.bat
2013-07-29 17:45 - 2013-07-29 17:46 - 00002030 _____ C:\AdwCleaner[S1].txt
2013-07-29 17:44 - 2013-07-29 17:45 - 00001927 _____ C:\AdwCleaner[R1].txt
2013-07-29 17:37 - 2013-07-29 17:37 - 00001412 _____ C:\Users\Matze\Desktop\JRT.txt
2013-07-29 17:25 - 2013-07-29 17:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 17:21 - 2013-07-29 17:21 - 01780547 _____ (Farbar) C:\Users\Matze\Desktop\FRST64 (1).exe
2013-07-29 17:20 - 2013-07-29 17:20 - 00666633 _____ C:\Users\Matze\Desktop\adwcleaner.exe
2013-07-29 17:17 - 2013-07-29 17:19 - 00562353 _____ (Oleg N. Scherbakov) C:\Users\Matze\Desktop\JRT (1).exe
2013-07-29 10:26 - 2013-07-29 10:26 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-07-28 13:17 - 2013-07-28 13:17 - 00002099 _____ C:\Users\Matze\Desktop\aswMBR.txt
2013-07-28 13:17 - 2013-07-28 13:17 - 00000512 _____ C:\Users\Matze\Desktop\MBR.dat
2013-07-28 08:47 - 2013-07-28 08:47 - 00015488 _____ C:\Users\Matze\AppData\Local\dd_vstor40_x64UI4858.txt
2013-07-28 08:46 - 2013-07-28 08:47 - 00502248 _____ C:\Users\Matze\AppData\Local\dd_vstor40_lp_x64_deuMSI47C2.txt
2013-07-28 08:46 - 2013-07-28 08:47 - 00014206 _____ C:\Users\Matze\AppData\Local\dd_vstor40_lp_x64_deuUI47C2.txt
2013-07-28 08:41 - 2013-07-28 08:41 - 00000000 ____D C:\Users\Matze\AppData\Roaming\Avira
2013-07-28 07:57 - 2013-07-28 07:57 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Avira
2013-07-28 07:56 - 2013-07-28 08:23 - 04745728 _____ (AVAST Software) C:\Users\Matthias\Desktop\aswMBR.exe
2013-07-28 07:55 - 2013-07-28 07:55 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Dell
2013-07-28 07:54 - 2013-07-28 07:54 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Adobe
2013-07-28 07:54 - 2013-07-28 07:54 - 00000000 ____D C:\Users\Matthias\AppData\Local\Macromedia
2013-07-28 07:53 - 2013-07-28 07:53 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Mozilla
2013-07-28 07:53 - 2013-07-28 07:53 - 00000000 ____D C:\Users\Matthias\AppData\Local\Mozilla
2013-07-28 07:52 - 2013-07-28 07:52 - 00166576 _____ C:\Users\Matthias\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-28 07:51 - 2013-07-28 07:51 - 00000000 ____D C:\Users\Matthias\AppData\Local\VirtualStore
2013-07-28 07:44 - 2013-07-28 07:44 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-28 07:44 - 2013-07-28 07:44 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-28 07:42 - 2013-07-28 07:42 - 00001863 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-28 07:42 - 2013-07-28 07:40 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-28 07:42 - 2013-07-28 07:40 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-28 07:42 - 2013-07-28 07:40 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-28 07:41 - 2013-07-28 07:42 - 00000000 ____D C:\ProgramData\Avira
2013-07-28 07:41 - 2013-07-28 07:41 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-28 07:31 - 2013-07-28 07:31 - 02092792 _____ C:\Users\Matze\Downloads\avira_free_antivirus (1).exe
2013-07-27 21:47 - 2013-07-27 21:49 - 04745728 _____ (AVAST Software) C:\Users\Matze\Desktop\aswMBR (1).exe
2013-07-27 21:16 - 2013-07-27 21:44 - 00000000 ____D C:\Users\Matze\Desktop\mbar
2013-07-27 21:14 - 2013-07-27 21:15 - 13399154 _____ C:\Users\Matze\Desktop\mbar-1.06.0.1004 (1).zip
2013-07-27 20:44 - 2013-07-27 20:44 - 00021004 _____ C:\ComboFix.txt
2013-07-27 19:39 - 2013-07-27 19:52 - 00040794 _____ C:\Users\Matze\Desktop\Addition.txt
2013-07-27 19:36 - 2013-07-27 19:36 - 00000000 ____D C:\FRST
2013-07-27 19:34 - 2013-07-27 19:35 - 01780815 _____ (Farbar) C:\Users\Matze\Desktop\FRST64.exe
2013-07-26 19:44 - 2013-07-26 19:45 - 04745728 _____ (AVAST Software) C:\Users\Matze\Downloads\aswMBR.exe
2013-07-26 19:44 - 2013-07-26 19:45 - 04745728 _____ (AVAST Software) C:\Users\Matze\Desktop\aswMBR.exe
2013-07-26 19:44 - 2013-07-26 19:45 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Matze\Desktop\tdsskiller.exe
2013-07-26 19:13 - 2013-07-26 19:13 - 00291360 _____ C:\Windows\Minidump\Mini072613-02.dmp
2013-07-26 19:08 - 2013-07-26 19:08 - 00000000 ____D C:\found.000
2013-07-26 07:45 - 2013-07-26 07:45 - 00284480 _____ C:\Windows\Minidump\Mini072613-01.dmp
2013-07-26 06:51 - 2013-07-27 21:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-26 06:35 - 2013-07-26 06:35 - 13399154 _____ C:\Users\Matze\Desktop\mbar-1.06.0.1004.zip
2013-07-25 23:18 - 2013-07-25 23:19 - 05093969 ____R (Swearware) C:\Users\Matze\Desktop\ComboFix.exe
2013-07-25 22:10 - 2013-07-27 20:45 - 00000000 ____D C:\Qoobox
2013-07-25 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-25 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-25 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-25 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-25 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-25 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-25 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-25 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-25 22:08 - 2013-07-27 20:17 - 00000000 ____D C:\Windows\erdnt
2013-07-25 19:39 - 2013-07-25 19:39 - 00005169 _____ C:\Users\Matze\Desktop\gmer.txt
2013-07-25 11:26 - 2013-07-25 11:27 - 00082956 _____ C:\Users\Matze\Desktop\Extras.Txt
2013-07-25 11:24 - 2013-07-25 21:47 - 00123888 _____ C:\Users\Matze\Desktop\OTL.Txt
2013-07-25 11:02 - 2013-07-25 11:02 - 00377856 _____ C:\Users\Matze\Downloads\gmer_2.1.19163.exe
2013-07-25 11:02 - 2013-07-25 11:02 - 00377856 _____ C:\Users\Matze\Desktop\gmer_2.1.19163.exe
2013-07-25 11:01 - 2013-07-25 11:01 - 00793536 _____ C:\Users\Matze\Downloads\ZipOpenerSetup.exe
2013-07-25 11:01 - 2013-07-25 11:01 - 00602112 _____ (OldTimer Tools) C:\Users\Matze\Downloads\OTL.exe
2013-07-25 11:01 - 2013-07-25 11:01 - 00602112 _____ (OldTimer Tools) C:\Users\Matze\Desktop\OTL.exe
2013-07-25 10:46 - 2013-07-25 10:46 - 00000472 _____ C:\Users\Matze\Desktop\defogger_disable.log
2013-07-25 10:46 - 2013-07-25 10:46 - 00000000 _____ C:\Users\Matze\defogger_reenable
2013-07-25 10:46 - 2013-07-25 10:45 - 00050477 _____ C:\Users\Matze\Desktop\Defogger.exe
2013-07-25 10:45 - 2013-07-25 10:45 - 00050477 _____ C:\Users\Matze\Downloads\Defogger.exe
2013-07-25 10:37 - 2013-07-25 10:37 - 00018532 _____ C:\Users\Matze\Desktop\hijackthis.log
2013-07-25 10:28 - 2013-07-25 10:28 - 00018028 _____ C:\Users\Matze\Downloads\hijackthis.log
2013-07-25 10:26 - 2013-07-25 10:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Matze\Downloads\HiJackThis204.exe
2013-07-25 09:58 - 2013-07-28 07:51 - 00000000 ____D C:\Users\Matthias
2013-07-25 09:58 - 2013-07-25 09:58 - 00000020 ___SH C:\Users\Matthias\ntuser.ini
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Vorlagen
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Startmenü
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Netzwerkumgebung
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Lokale Einstellungen
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Eigene Dateien
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Druckumgebung
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Documents\Eigene Musik
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Documents\Eigene Bilder
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\AppData\Local\Verlauf
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\AppData\Local\Anwendungsdaten
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Anwendungsdaten
2013-07-25 09:58 - 2012-06-25 03:09 - 00000000 ____D C:\Users\Matthias\Documents\Visual Studio 2010
2013-07-25 09:58 - 2009-05-17 10:29 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Macromedia
2013-07-25 09:58 - 2009-03-13 10:07 - 00000000 ____D C:\Users\Matthias\AppData\Local\Microsoft Help
2013-07-24 15:19 - 2013-07-24 15:19 - 00002347 _____ C:\Users\Matze\Downloads\Gmer.txt
2013-07-24 15:12 - 2013-07-24 15:12 - 00377856 _____ C:\Users\Matze\Downloads\itlggpf8.exe
2013-07-24 15:09 - 2013-07-24 15:09 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-24 15:07 - 2013-07-24 15:07 - 05049344 _____ (Crawler.com                                                 ) C:\Users\Matze\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2013-07-22 03:01 - 2013-07-22 03:09 - 00000000 ____D C:\Windows\system32\MRT
2013-07-16 08:20 - 2013-07-15 15:34 - 00000508 _____ C:\Users\Matze\Desktop\_1_lhs_nitrate004.R
2013-07-15 22:46 - 2013-07-16 12:57 - 00011544 _____ C:\Users\Matze\Desktop\fert_var.R
2013-07-13 08:25 - 2013-07-13 08:25 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221889202-2462721696-489215793-1000Core1ce7f91cc2b5360.job
2013-07-12 20:00 - 2013-07-12 20:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7f29b9dedbe0.job
2013-07-10 15:44 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 15:44 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 15:44 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 15:44 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 15:44 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 15:44 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-10 15:44 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-10 15:44 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 15:44 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 15:44 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-10 15:44 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-10 15:44 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 15:44 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 15:44 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 15:44 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-10 15:44 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 15:44 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 15:44 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 15:44 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 15:44 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-10 15:44 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 15:44 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 15:44 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-10 15:44 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 15:44 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-10 15:44 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-10 15:44 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 15:44 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 15:44 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 15:44 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 15:44 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-10 15:44 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 15:34 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 15:34 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 15:33 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 15:33 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 15:33 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 15:33 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-10 15:33 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-10 15:33 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-10 15:33 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-10 15:33 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-10 15:33 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-10 15:33 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-10 15:33 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-10 15:33 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-10 15:33 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-10 15:33 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-10 15:33 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 15:33 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-10 15:33 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-10 15:33 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-10 15:33 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-10 15:33 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-05 12:59 - 2013-07-05 15:22 - 00005142 _____ C:\Users\Matze\Desktop\nitrat_frachten_year_sub.R
2013-07-04 17:13 - 2013-07-04 17:13 - 00000000 ____D C:\Users\Matze\AppData\Roaming\Ilkid
2013-07-02 09:15 - 2013-07-02 09:15 - 00002255 _____ C:\Users\Matze\Desktop\nitrate_shape.R

==================== One Month Modified Files and Folders =======

2013-07-29 18:12 - 2013-07-29 18:04 - 00055162 _____ C:\Users\Matze\Downloads\FRST.txt
2013-07-29 18:03 - 2009-03-06 12:24 - 01116626 _____ C:\Windows\WindowsUpdate.log
2013-07-29 17:59 - 2013-07-29 17:59 - 01780547 _____ (Farbar) C:\Users\Matze\Downloads\FRST64.exe
2013-07-29 17:59 - 2011-10-10 11:04 - 00000000 ____D C:\Users\Matze\AppData\Roaming\Dropbox
2013-07-29 17:54 - 2011-10-10 11:08 - 00000000 ___RD C:\Users\Matze\Dropbox
2013-07-29 17:53 - 2009-03-10 17:48 - 00166968 _____ C:\Users\Matze\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-29 17:51 - 2009-03-11 10:36 - 00194597 _____ C:\ProgramData\nvModes.001
2013-07-29 17:51 - 2009-03-11 10:27 - 00194597 _____ C:\ProgramData\nvModes.dat
2013-07-29 17:50 - 2006-11-02 17:21 - 03172976 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-29 17:49 - 2008-01-21 05:26 - 00156772 _____ C:\Windows\PFRO.log
2013-07-29 17:49 - 2006-11-02 17:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-29 17:49 - 2006-11-02 17:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-29 17:47 - 2009-03-06 12:25 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-07-29 17:46 - 2013-07-29 17:46 - 00000322 _____ C:\Windows\DeleteOnReboot.bat
2013-07-29 17:46 - 2013-07-29 17:45 - 00002030 _____ C:\AdwCleaner[S1].txt
2013-07-29 17:45 - 2013-07-29 17:44 - 00001927 _____ C:\AdwCleaner[R1].txt
2013-07-29 17:37 - 2013-07-29 17:37 - 00001412 _____ C:\Users\Matze\Desktop\JRT.txt
2013-07-29 17:25 - 2013-07-29 17:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 17:21 - 2013-07-29 17:21 - 01780547 _____ (Farbar) C:\Users\Matze\Desktop\FRST64 (1).exe
2013-07-29 17:20 - 2013-07-29 17:20 - 00666633 _____ C:\Users\Matze\Desktop\adwcleaner.exe
2013-07-29 17:19 - 2013-07-29 17:17 - 00562353 _____ (Oleg N. Scherbakov) C:\Users\Matze\Desktop\JRT (1).exe
2013-07-29 10:26 - 2013-07-29 10:26 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-07-29 10:26 - 2009-03-10 17:46 - 00000000 ____D C:\Users\Matze
2013-07-29 09:22 - 2009-03-11 20:47 - 00123904 _____ C:\Users\Matze\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-28 16:58 - 2009-03-23 20:07 - 00000000 ____D C:\Program Files\Jdownloader
2013-07-28 15:56 - 2010-05-03 08:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-28 15:56 - 2010-05-03 08:04 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-28 15:53 - 2011-01-11 21:29 - 00000000 ____D C:\Users\Matze\AppData\Roaming\TerraTec
2013-07-28 15:19 - 2010-03-08 12:23 - 00000000 ____D C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2013-07-28 14:29 - 2010-09-14 11:21 - 00000000 ____D C:\Users\Matze\AppData\Roaming\BirdieSync
2013-07-28 13:17 - 2013-07-28 13:17 - 00002099 _____ C:\Users\Matze\Desktop\aswMBR.txt
2013-07-28 13:17 - 2013-07-28 13:17 - 00000512 _____ C:\Users\Matze\Desktop\MBR.dat
2013-07-28 13:13 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\tracing
2013-07-28 08:49 - 2006-11-02 15:33 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-28 08:48 - 2012-06-21 12:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-07-28 08:47 - 2013-07-28 08:47 - 00015488 _____ C:\Users\Matze\AppData\Local\dd_vstor40_x64UI4858.txt
2013-07-28 08:47 - 2013-07-28 08:46 - 00502248 _____ C:\Users\Matze\AppData\Local\dd_vstor40_lp_x64_deuMSI47C2.txt
2013-07-28 08:47 - 2013-07-28 08:46 - 00014206 _____ C:\Users\Matze\AppData\Local\dd_vstor40_lp_x64_deuUI47C2.txt
2013-07-28 08:45 - 2012-06-21 12:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2013-07-28 08:41 - 2013-07-28 08:41 - 00000000 ____D C:\Users\Matze\AppData\Roaming\Avira
2013-07-28 08:23 - 2013-07-28 07:56 - 04745728 _____ (AVAST Software) C:\Users\Matthias\Desktop\aswMBR.exe
2013-07-28 07:57 - 2013-07-28 07:57 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Avira
2013-07-28 07:55 - 2013-07-28 07:55 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Dell
2013-07-28 07:54 - 2013-07-28 07:54 - 00000000 ____D C:\Users\Matthias\AppData\Local\Macromedia
2013-07-28 07:53 - 2013-07-28 07:53 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Mozilla
2013-07-28 07:53 - 2013-07-28 07:53 - 00000000 ____D C:\Users\Matthias\AppData\Local\Mozilla
2013-07-28 07:52 - 2013-07-28 07:52 - 00166576 _____ C:\Users\Matthias\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-28 07:51 - 2013-07-28 07:51 - 00000000 ____D C:\Users\Matthias\AppData\Local\VirtualStore
2013-07-28 07:51 - 2013-07-25 09:58 - 00000000 ____D C:\Users\Matthias
2013-07-28 07:44 - 2013-07-28 07:44 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-28 07:44 - 2013-07-28 07:44 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-28 07:42 - 2013-07-28 07:42 - 00001863 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-28 07:42 - 2013-07-28 07:41 - 00000000 ____D C:\ProgramData\Avira
2013-07-28 07:41 - 2013-07-28 07:41 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-28 07:40 - 2013-07-28 07:42 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-28 07:40 - 2013-07-28 07:42 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-28 07:40 - 2013-07-28 07:42 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-28 07:31 - 2013-07-28 07:31 - 02092792 _____ C:\Users\Matze\Downloads\avira_free_antivirus (1).exe
2013-07-27 21:49 - 2013-07-27 21:47 - 04745728 _____ (AVAST Software) C:\Users\Matze\Desktop\aswMBR (1).exe
2013-07-27 21:44 - 2013-07-27 21:16 - 00000000 ____D C:\Users\Matze\Desktop\mbar
2013-07-27 21:44 - 2013-07-26 06:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-27 21:15 - 2013-07-27 21:14 - 13399154 _____ C:\Users\Matze\Desktop\mbar-1.06.0.1004 (1).zip
2013-07-27 20:45 - 2013-07-25 22:10 - 00000000 ____D C:\Qoobox
2013-07-27 20:44 - 2013-07-27 20:44 - 00021004 _____ C:\ComboFix.txt
2013-07-27 20:21 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini
2013-07-27 20:17 - 2013-07-25 22:08 - 00000000 ____D C:\Windows\erdnt
2013-07-27 19:52 - 2013-07-27 19:39 - 00040794 _____ C:\Users\Matze\Desktop\Addition.txt
2013-07-27 19:36 - 2013-07-27 19:36 - 00000000 ____D C:\FRST
2013-07-27 19:35 - 2013-07-27 19:34 - 01780815 _____ (Farbar) C:\Users\Matze\Desktop\FRST64.exe
2013-07-27 18:35 - 2008-01-21 13:10 - 01776322 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-27 18:35 - 2008-01-21 13:09 - 00753028 _____ C:\Windows\system32\perfh007.dat
2013-07-27 18:35 - 2008-01-21 13:09 - 00174794 _____ C:\Windows\system32\perfc007.dat
2013-07-26 19:45 - 2013-07-26 19:44 - 04745728 _____ (AVAST Software) C:\Users\Matze\Downloads\aswMBR.exe
2013-07-26 19:45 - 2013-07-26 19:44 - 04745728 _____ (AVAST Software) C:\Users\Matze\Desktop\aswMBR.exe
2013-07-26 19:45 - 2013-07-26 19:44 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Matze\Desktop\tdsskiller.exe
2013-07-26 19:13 - 2013-07-26 19:13 - 00291360 _____ C:\Windows\Minidump\Mini072613-02.dmp
2013-07-26 19:13 - 2012-02-10 17:33 - 573082519 _____ C:\Windows\MEMORY.DMP
2013-07-26 19:13 - 2009-04-27 08:14 - 00000000 ____D C:\Windows\Minidump
2013-07-26 19:08 - 2013-07-26 19:08 - 00000000 ____D C:\found.000
2013-07-26 07:45 - 2013-07-26 07:45 - 00284480 _____ C:\Windows\Minidump\Mini072613-01.dmp
2013-07-26 06:35 - 2013-07-26 06:35 - 13399154 _____ C:\Users\Matze\Desktop\mbar-1.06.0.1004.zip
2013-07-25 23:19 - 2013-07-25 23:18 - 05093969 ____R (Swearware) C:\Users\Matze\Desktop\ComboFix.exe
2013-07-25 22:56 - 2006-11-02 15:33 - 00000000 __RHD C:\Users\Default
2013-07-25 21:47 - 2013-07-25 11:24 - 00123888 _____ C:\Users\Matze\Desktop\OTL.Txt
2013-07-25 19:39 - 2013-07-25 19:39 - 00005169 _____ C:\Users\Matze\Desktop\gmer.txt
2013-07-25 11:27 - 2013-07-25 11:26 - 00082956 _____ C:\Users\Matze\Desktop\Extras.Txt
2013-07-25 11:02 - 2013-07-25 11:02 - 00377856 _____ C:\Users\Matze\Downloads\gmer_2.1.19163.exe
2013-07-25 11:02 - 2013-07-25 11:02 - 00377856 _____ C:\Users\Matze\Desktop\gmer_2.1.19163.exe
2013-07-25 11:01 - 2013-07-25 11:01 - 00793536 _____ C:\Users\Matze\Downloads\ZipOpenerSetup.exe
2013-07-25 11:01 - 2013-07-25 11:01 - 00602112 _____ (OldTimer Tools) C:\Users\Matze\Downloads\OTL.exe
2013-07-25 11:01 - 2013-07-25 11:01 - 00602112 _____ (OldTimer Tools) C:\Users\Matze\Desktop\OTL.exe
2013-07-25 10:46 - 2013-07-25 10:46 - 00000472 _____ C:\Users\Matze\Desktop\defogger_disable.log
2013-07-25 10:46 - 2013-07-25 10:46 - 00000000 _____ C:\Users\Matze\defogger_reenable
2013-07-25 10:45 - 2013-07-25 10:46 - 00050477 _____ C:\Users\Matze\Desktop\Defogger.exe
2013-07-25 10:45 - 2013-07-25 10:45 - 00050477 _____ C:\Users\Matze\Downloads\Defogger.exe
2013-07-25 10:37 - 2013-07-25 10:37 - 00018532 _____ C:\Users\Matze\Desktop\hijackthis.log
2013-07-25 10:28 - 2013-07-25 10:28 - 00018028 _____ C:\Users\Matze\Downloads\hijackthis.log
2013-07-25 10:27 - 2013-07-25 10:26 - 00388608 _____ (Trend Micro Inc.) C:\Users\Matze\Downloads\HiJackThis204.exe
2013-07-25 09:58 - 2013-07-25 09:58 - 00000020 ___SH C:\Users\Matthias\ntuser.ini
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Vorlagen
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Startmenü
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Netzwerkumgebung
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Lokale Einstellungen
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Eigene Dateien
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Druckumgebung
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Documents\Eigene Musik
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Documents\Eigene Bilder
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\AppData\Local\Verlauf
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\AppData\Local\Anwendungsdaten
2013-07-25 09:58 - 2013-07-25 09:58 - 00000000 _SHDL C:\Users\Matthias\Anwendungsdaten
2013-07-24 15:19 - 2013-07-24 15:19 - 00002347 _____ C:\Users\Matze\Downloads\Gmer.txt
2013-07-24 15:12 - 2013-07-24 15:12 - 00377856 _____ C:\Users\Matze\Downloads\itlggpf8.exe
2013-07-24 15:09 - 2013-07-24 15:09 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-24 15:07 - 2013-07-24 15:07 - 05049344 _____ (Crawler.com                                                 ) C:\Users\Matze\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2013-07-24 08:06 - 2009-05-23 13:17 - 00001782 ____H C:\Users\Matze\Documents\Default.rdp
2013-07-22 03:09 - 2013-07-22 03:01 - 00000000 ____D C:\Windows\system32\MRT
2013-07-21 09:35 - 2012-11-19 20:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-21 09:35 - 2012-03-30 18:56 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-21 09:35 - 2011-12-07 21:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-21 09:05 - 2012-02-07 15:07 - 00000600 _____ C:\Users\Matze\AppData\Local\PUTTY.RND
2013-07-21 05:32 - 2009-04-16 19:47 - 00000680 _____ C:\Users\Matze\AppData\Local\d3d9caps.dat
2013-07-16 12:57 - 2013-07-15 22:46 - 00011544 _____ C:\Users\Matze\Desktop\fert_var.R
2013-07-15 15:34 - 2013-07-16 08:20 - 00000508 _____ C:\Users\Matze\Desktop\_1_lhs_nitrate004.R
2013-07-14 20:05 - 2013-04-25 12:45 - 00000000 ____D C:\Users\Matze\Desktop\indices_paper
2013-07-13 08:31 - 2013-05-16 09:01 - 00002044 _____ C:\Users\Matze\Desktop\Google Chrome.lnk
2013-07-13 08:25 - 2013-07-13 08:25 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221889202-2462721696-489215793-1000Core1ce7f91cc2b5360.job
2013-07-12 20:00 - 2013-07-12 20:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7f29b9dedbe0.job
2013-07-12 09:31 - 2009-03-06 12:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 22:15 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-11 22:15 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 16:01 - 2009-03-11 09:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-08 08:45 - 2006-11-02 17:42 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-08 08:45 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-08 08:16 - 2012-09-04 12:42 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221889202-2462721696-489215793-1000UA.job
2013-07-08 08:00 - 2009-06-27 20:45 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-05 15:22 - 2013-07-05 12:59 - 00005142 _____ C:\Users\Matze\Desktop\nitrat_frachten_year_sub.R
2013-07-05 08:39 - 2012-04-27 09:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-04 18:11 - 2012-09-04 12:42 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-221889202-2462721696-489215793-1000UA
2013-07-04 18:11 - 2012-09-04 12:42 - 00003396 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-221889202-2462721696-489215793-1000Core
2013-07-04 17:13 - 2013-07-04 17:13 - 00000000 ____D C:\Users\Matze\AppData\Roaming\Ilkid
2013-07-04 12:46 - 2009-06-27 20:45 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-04 12:46 - 2009-06-27 20:45 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-02 16:29 - 2013-02-01 21:19 - 00000000 ____D C:\Users\Matze\Desktop\lowflow_paper
2013-07-02 14:27 - 2013-06-26 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-02 09:15 - 2013-07-02 09:15 - 00002255 _____ C:\Users\Matze\Desktop\nitrate_shape.R

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-29 18:07

==================== End Of Log ============================

--- --- ---

Sieht es schon besser aus?

cosinus · 29.07.2013, 22:52

Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes Anti-Malware (MBAM) (falls du vor kurzem erst einen Vollscan gemacht hast, reicht auch ein Quickscan (spart Zeit), das dann mir bitte auch mitteilen)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

matzepatze · 31.07.2013, 20:03

So, hier nun endlich die finalen logs.

Zuerst Malwarebytes:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.30.03

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Matze :: MATZEBOOK [Administrator]

Schutz: Aktiviert

7/30/2013 7:18:34 AM
MBAM-log-2013-07-30 (16-12-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1578129
Laufzeit: 8 Stunde(n), 15 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\$RECYCLE.BIN\S-1-5-21-221889202-2462721696-489215793-1000\$RKLURQJ.zip (Trojan.Agent.CK) -> Keine Aktion durchgeführt.
C:\Users\Matze\Downloads\SoftonicDownloader_fuer_calibre.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt.

(Ende)

Und dann noch Eset:

Code:

ATTFilter

C:\Users\Matze\Downloads\3b37ed.pdf	JS/Agent.NHZ trojan

cosinus · 31.07.2013, 23:36

Bitte den Müll in "Downloads" löschen und lass bitte in Zukunft die Finger von Softonic!

Außerdem bitte TFC ausführen:

TFC - Temp File Cleaner

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

26.07.2013, 18:33	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Kommandozeile lässt sich nicht mehr öffnen, kein Zugriff auf AntiVir Bitte die Logs on CODE-Tags posten! Hat MBAT etwas gefunden, konntest du das sehen? __________________ Logfiles bitte immer in CODE-Tags posten

26.07.2013, 19:09	#20
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Kommandozeile lässt sich nicht mehr öffnen, kein Zugriff auf AntiVir Wie versuchst du es zu deaktivieren? Es reicht, den Schirm zu schließen.... __________________ Logfiles bitte immer in CODE-Tags posten

26.07.2013, 19:25	#22
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Kommandozeile lässt sich nicht mehr öffnen, kein Zugriff auf AntiVir Dann deinstalliere AntiVir erstmal. Sonst kommen wir nicht weiter. Wenn wir durch sind kann ein Virenscanner wieder rauf. __________________ Logfiles bitte immer in CODE-Tags posten

28.07.2013, 22:29	#24
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Kommandozeile lässt sich nicht mehr öffnen, kein Zugriff auf AntiVir Mal als Zwischenstand, was genau ist jetzt an Problemen noch offen? __________________ Logfiles bitte immer in CODE-Tags posten

Kommandozeile lässt sich nicht mehr öffnen, kein Zugriff auf AntiVir

Log-Analyse und Auswertung: Kommandozeile lässt sich nicht mehr öffnen, kein Zugriff auf AntiVir