Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Plagegeister aller Art und deren Bekämpfung: Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 3 1 23
Alt 02.02.2017, 12:27   #1
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Hallo Ihr Lieben,

Ihr konntet mir schonmal super helfen und ich hoffe dieses Mal auch.
Seit einigen Tagen spinnt mein Pc rum die Uhr ist ständig verstellt, beim hoch fahren kommt die Meldung Server ist ausgelastet...
Habe nun Spybot runtergeladen um zu gucken ob ich mir was eingefangen habe.
Das Programm hat auch was gefunden, aber sagt beim beheben das es nicht gesäubert werden kann....
Ich habe von sowas NULL Ahnung
Und hoffe das Ihr mir mit Euren Anweisungen etwas helfen könntet?!

Liebe Grüße und schonmal Danke

Alt 02.02.2017, 14:13   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Wenn was gefunden wurde musst du auch schon mal notieren was und dann hier posten!
__________________

__________________
Alt 02.02.2017, 19:10   #3
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Fund Avira: PUA/Montiera.T.2 er zeigt mir keinen Bericht dazu an oder ich bin einfach zu blöd ihn zu finden....

Wie kann ich die Log-Dateien von SpyBot anhängen und welche brauchst du?

Sorry für meine Inkompetenz
__________________
Alt 03.02.2017, 03:20   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Hallo und


+++ WICHTIGER HINWEIS +++


Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?



Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.02.2017, 08:27   #5
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Guten Morgen
Ich hatte Malewarebytes drauf aber das hab ich wieder deinstalliert - ich finde leider nix mehr dazu, auch der Bericht von Avira zu dem Fund ist leer...

Code:
ATTFilter
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Processing	170202-103401.xml
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Babylon.Toolbar
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	DownloadSponsor
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Win32.Agent.ws
[i]	17-02-02 11:28:17	Already cleaned	C:\Users\Public\Documents\Server\hlp.dat
[i]	17-02-02 11:28:17	Already cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Ahead Nero Burning Rom
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Internet Explorer
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Isobuster
[+]	17-02-02 11:28:18	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 11:28:35	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 11:28:35		
[i]	17-02-02 11:28:35	Product	MS Management Console
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 11:28:35		
[i]	17-02-02 11:28:35	Product	MS Media Player
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 11:28:35		
[i]	17-02-02 11:28:35	Product	MS Direct3D
[i]	17-02-02 11:28:35	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:28:35		
[i]	17-02-02 11:28:35	Product	MS Office 12.0
[+]	17-02-02 11:28:35	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 11:28:50	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 11:28:50		
[i]	17-02-02 11:28:50	Product	MS Office 12.0 (Access)
[+]	17-02-02 11:28:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 11:29:05	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 11:29:05		
[i]	17-02-02 11:29:05	Product	Windows
[i]	17-02-02 11:29:05	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 11:29:05		
[i]	17-02-02 11:29:05	Product	Windows.OpenWith
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 11:29:05		
[i]	17-02-02 11:29:05	Product	Windows Explorer
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 11:29:05		
[i]	17-02-02 11:29:05	Product	Windows Media SDK
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 11:29:20		
[i]	17-02-02 11:29:20	Product	Cookie
[i]	17-02-02 11:29:20	Already cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[i]	17-02-02 11:29:20	Already cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 11:29:20		
[i]	17-02-02 11:29:20	Product	Cache
[i]	17-02-02 11:29:20	Already cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 11:29:20		
[i]	17-02-02 11:29:20	Product	Verlauf
[i]	17-02-02 11:29:20	Already cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 11:29:20		
[i]	17-02-02 11:29:20	Summary	
[i]	17-02-02 11:29:20	Errors while cleaning	0
[i]	17-02-02 11:29:20	Files moved into quarantine	9
[i]	17-02-02 11:29:20	Files successfully cleaned	69
[-]	17-02-02 11:29:21		5 items are not yet cleaned from file 170202-103401.xml
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Processing	170202-103401.xml
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Babylon.Toolbar
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	DownloadSponsor
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Win32.Agent.ws
[i]	17-02-02 12:08:01	Already cleaned	C:\Users\Public\Documents\Server\hlp.dat
[i]	17-02-02 12:08:01	Already cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Ahead Nero Burning Rom
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Internet Explorer
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Isobuster
[+]	17-02-02 12:08:01	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 12:08:16	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 12:08:16		
[i]	17-02-02 12:08:16	Product	MS Management Console
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 12:08:16		
[i]	17-02-02 12:08:16	Product	MS Media Player
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 12:08:16		
[i]	17-02-02 12:08:16	Product	MS Direct3D
[i]	17-02-02 12:08:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:08:16		
[i]	17-02-02 12:08:16	Product	MS Office 12.0
[+]	17-02-02 12:08:16	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 12:08:29	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 12:08:29		
[i]	17-02-02 12:08:29	Product	MS Office 12.0 (Access)
[+]	17-02-02 12:08:29	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 12:08:43	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 12:08:43		
[i]	17-02-02 12:08:43	Product	Windows
[i]	17-02-02 12:08:43	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 12:08:43		
[i]	17-02-02 12:08:43	Product	Windows.OpenWith
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 12:08:43		
[i]	17-02-02 12:08:43	Product	Windows Explorer
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 12:08:43		
[i]	17-02-02 12:08:43	Product	Windows Media SDK
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 12:08:57		
[i]	17-02-02 12:08:57	Product	Cookie
[i]	17-02-02 12:08:57	Already cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[i]	17-02-02 12:08:57	Already cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 12:08:57		
[i]	17-02-02 12:08:57	Product	Cache
[i]	17-02-02 12:08:57	Already cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 12:08:57		
[i]	17-02-02 12:08:57	Product	Verlauf
[i]	17-02-02 12:08:57	Already cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 12:08:57		
[i]	17-02-02 12:08:57	Summary	
[i]	17-02-02 12:08:57	Errors while cleaning	0
[i]	17-02-02 12:08:57	Files moved into quarantine	9
[i]	17-02-02 12:08:57	Files successfully cleaned	69
[-]	17-02-02 12:08:57		5 items are not yet cleaned from file 170202-103401.xml
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Processing	170202-103401.xml
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Babylon.Toolbar
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	DownloadSponsor
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Win32.Agent.ws
[i]	17-02-02 12:10:01	Already cleaned	C:\Users\Public\Documents\Server\hlp.dat
[i]	17-02-02 12:10:01	Already cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Ahead Nero Burning Rom
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Internet Explorer
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Isobuster
[+]	17-02-02 12:10:01	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 12:10:16	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 12:10:16		
[i]	17-02-02 12:10:16	Product	MS Management Console
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 12:10:16		
[i]	17-02-02 12:10:16	Product	MS Media Player
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 12:10:16		
[i]	17-02-02 12:10:16	Product	MS Direct3D
[i]	17-02-02 12:10:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:10:16		
[i]	17-02-02 12:10:16	Product	MS Office 12.0
[+]	17-02-02 12:10:16	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 12:10:30	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 12:10:30		
[i]	17-02-02 12:10:30	Product	MS Office 12.0 (Access)
[+]	17-02-02 12:10:30	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 12:10:44	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 12:10:44		
[i]	17-02-02 12:10:44	Product	Windows
[i]	17-02-02 12:10:44	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 12:10:44		
[i]	17-02-02 12:10:44	Product	Windows.OpenWith
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 12:10:44		
[i]	17-02-02 12:10:44	Product	Windows Explorer
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 12:10:44		
[i]	17-02-02 12:10:44	Product	Windows Media SDK
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 12:10:58		
[i]	17-02-02 12:10:58	Product	Cookie
[i]	17-02-02 12:10:58	Already cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[i]	17-02-02 12:10:58	Already cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 12:10:58		
[i]	17-02-02 12:10:58	Product	Cache
[i]	17-02-02 12:10:58	Already cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 12:10:58		
[i]	17-02-02 12:10:58	Product	Verlauf
[i]	17-02-02 12:10:58	Already cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 12:10:58		
[i]	17-02-02 12:10:58	Summary	
[i]	17-02-02 12:10:58	Errors while cleaning	0
[i]	17-02-02 12:10:58	Files moved into quarantine	9
[i]	17-02-02 12:10:58	Files successfully cleaned	69
[-]	17-02-02 12:10:58		5 items are not yet cleaned from file 170202-103401.xml
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Processing	170202-103401.xml
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Babylon.Toolbar
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	DownloadSponsor
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Win32.Agent.ws
[i]	17-02-02 12:11:16	Already cleaned	C:\Users\Public\Documents\Server\hlp.dat
[i]	17-02-02 12:11:16	Already cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Ahead Nero Burning Rom
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Internet Explorer
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Isobuster
[+]	17-02-02 12:11:16	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 12:11:31	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 12:11:31		
[i]	17-02-02 12:11:31	Product	MS Management Console
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 12:11:31		
[i]	17-02-02 12:11:31	Product	MS Media Player
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 12:11:31		
[i]	17-02-02 12:11:31	Product	MS Direct3D
[i]	17-02-02 12:11:31	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:11:31		
[i]	17-02-02 12:11:31	Product	MS Office 12.0
[+]	17-02-02 12:11:31	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 12:11:45	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 12:11:45		
[i]	17-02-02 12:11:45	Product	MS Office 12.0 (Access)
[+]	17-02-02 12:11:45	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 12:11:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 12:11:59		
[i]	17-02-02 12:11:59	Product	Windows
[i]	17-02-02 12:11:59	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 12:11:59		
[i]	17-02-02 12:11:59	Product	Windows.OpenWith
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 12:11:59		
[i]	17-02-02 12:11:59	Product	Windows Explorer
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 12:11:59		
[i]	17-02-02 12:11:59	Product	Windows Media SDK
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 12:12:14		
[i]	17-02-02 12:12:14	Product	Cookie
[i]	17-02-02 12:12:14	Already cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[i]	17-02-02 12:12:14	Already cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 12:12:14		
[i]	17-02-02 12:12:14	Product	Cache
[i]	17-02-02 12:12:14	Already cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 12:12:14		
[i]	17-02-02 12:12:14	Product	Verlauf
[i]	17-02-02 12:12:14	Already cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 12:12:14		
[i]	17-02-02 12:12:14	Summary	
[i]	17-02-02 12:12:14	Errors while cleaning	0
[i]	17-02-02 12:12:14	Files moved into quarantine	9
[i]	17-02-02 12:12:14	Files successfully cleaned	69
[-]	17-02-02 12:12:14		5 items are not yet cleaned from file 170202-103401.xml


Alt 03.02.2017, 08:28   #6
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Code:
ATTFilter
[i]	17-02-02 11:17:47		
[i]	17-02-02 11:17:47	Product	Babylon.Toolbar
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[+]	17-02-02 11:17:47	Moving into quarantine	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[+]	17-02-02 11:18:04	Successfully cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 11:18:04		
[i]	17-02-02 11:18:04	Product	DownloadSponsor
[+]	17-02-02 11:18:04	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[+]	17-02-02 11:18:04	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[+]	17-02-02 11:18:19	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[+]	17-02-02 11:18:19	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 11:18:19		
[i]	17-02-02 11:18:19	Product	Win32.Agent.ws
[+]	17-02-02 11:18:19	Moving into quarantine	C:\Users\Public\Documents\Server\hlp.dat
[+]	17-02-02 11:18:19	Moving into quarantine	C:\Users\Public\Documents\Server\
[+]	17-02-02 11:18:33	Successfully cleaned	C:\Users\Public\Documents\Server\hlp.dat
[+]	17-02-02 11:18:33	Successfully cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 11:18:33		
[i]	17-02-02 11:18:33	Product	Ahead Nero Burning Rom
[+]	17-02-02 11:18:33	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[+]	17-02-02 11:18:33	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[+]	17-02-02 11:18:47	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[+]	17-02-02 11:18:47	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 11:18:47		
[i]	17-02-02 11:18:47	Product	Internet Explorer
[+]	17-02-02 11:18:47	Moving into quarantine	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:18:47	Moving into quarantine	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:18:47	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:18:47	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:18:47	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:18:47	Moving into quarantine	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:19:01	Successfully cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:19:01	Successfully cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:19:01	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:19:01	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:19:01	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:19:01	Successfully cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:19:01		
[i]	17-02-02 11:19:01	Product	Isobuster
[+]	17-02-02 11:19:01	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 11:19:15	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 11:19:15		
[i]	17-02-02 11:19:15	Product	MS Management Console
[+]	17-02-02 11:19:15	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[+]	17-02-02 11:19:29	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 11:19:29		
[i]	17-02-02 11:19:29	Product	MS Media Player
[+]	17-02-02 11:19:29	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[+]	17-02-02 11:19:43	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 11:19:43		
[i]	17-02-02 11:19:43	Product	MS Direct3D
[+]	17-02-02 11:19:43	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:19:43	Moving into quarantine	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:19:43	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:19:43	Moving into quarantine	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:19:57	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:19:57	Successfully cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:19:57	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:19:57	Successfully cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:19:57		
[i]	17-02-02 11:19:57	Product	MS Office 12.0
[+]	17-02-02 11:19:57	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 11:20:11	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 11:20:11		
[i]	17-02-02 11:20:11	Product	MS Office 12.0 (Access)
[+]	17-02-02 11:20:11	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 11:20:25	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 11:20:25		
[i]	17-02-02 11:20:25	Product	Windows
[+]	17-02-02 11:20:25	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[+]	17-02-02 11:20:41	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 11:20:41		
[i]	17-02-02 11:20:41	Product	Windows.OpenWith
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[+]	17-02-02 11:20:41	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[+]	17-02-02 11:20:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[+]	17-02-02 11:21:00	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[+]	17-02-02 11:21:00	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[+]	17-02-02 11:21:00	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[+]	17-02-02 11:21:00	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[+]	17-02-02 11:21:00	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[+]	17-02-02 11:21:00	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[+]	17-02-02 11:21:00	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 11:21:00		
[i]	17-02-02 11:21:00	Product	Windows Explorer
[+]	17-02-02 11:21:00	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+]	17-02-02 11:21:00	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+]	17-02-02 11:21:15	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+]	17-02-02 11:21:15	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 11:21:15		
[i]	17-02-02 11:21:15	Product	Windows Media SDK
[+]	17-02-02 11:21:15	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:21:15	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:21:15	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:21:15	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:21:15	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:21:15	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:21:29	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:21:29	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:21:29	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:21:29	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:21:29	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:21:29	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 11:21:29		
[i]	17-02-02 11:21:29	Product	Cookie
[+]	17-02-02 11:21:29	Moving into quarantine	Internet Explorer (Benutzer) (Odel)Cookies
[+]	17-02-02 11:21:29	Moving into quarantine	Thunderbird (PE_C_PUBLIC (default))Cookies
[+]	17-02-02 11:21:38	Successfully cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[+]	17-02-02 11:21:39	Successfully cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 11:21:39		
[i]	17-02-02 11:21:39	Product	Cache
[+]	17-02-02 11:21:39	Moving into quarantine	Internet Explorer (Benutzer) (Odel)Cache
[+]	17-02-02 11:21:48	Successfully cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 11:21:48		
[i]	17-02-02 11:21:48	Product	Verlauf
[+]	17-02-02 11:21:48	Moving into quarantine	Internet Explorer (Benutzer) (Odel)History
[+]	17-02-02 11:21:58	Successfully cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 11:21:58		
[i]	17-02-02 11:21:58	Summary	
[i]	17-02-02 11:21:58	Errors while cleaning	0
[i]	17-02-02 11:21:58	Files moved into quarantine	65
[i]	17-02-02 11:21:58	Files successfully cleaned	65
[i]	17-02-02 11:17:45		
[i]	17-02-02 11:17:45	Product	Babylon.Toolbar
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[+]	17-02-02 11:21:58	Moving into quarantine	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[+]	17-02-02 11:22:12	Successfully cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 11:22:12		
[i]	17-02-02 11:22:12	Product	DownloadSponsor
[+]	17-02-02 11:22:12	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[+]	17-02-02 11:22:12	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[+]	17-02-02 11:22:26	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[+]	17-02-02 11:22:26	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 11:22:26		
[i]	17-02-02 11:22:26	Product	Win32.Agent.ws
[+]	17-02-02 11:22:26	Moving into quarantine	C:\Users\Public\Documents\Server\hlp.dat
[+]	17-02-02 11:22:26	Moving into quarantine	C:\Users\Public\Documents\Server\
[+]	17-02-02 11:22:40	Successfully cleaned	C:\Users\Public\Documents\Server\hlp.dat
[+]	17-02-02 11:22:40	Successfully cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 11:22:40		
[i]	17-02-02 11:22:40	Product	Ahead Nero Burning Rom
[+]	17-02-02 11:22:40	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[+]	17-02-02 11:22:40	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[+]	17-02-02 11:22:54	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[+]	17-02-02 11:22:54	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 11:22:54		
[i]	17-02-02 11:22:54	Product	Internet Explorer
[+]	17-02-02 11:22:54	Moving into quarantine	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:22:54	Moving into quarantine	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:22:54	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:22:54	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:22:54	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:22:54	Moving into quarantine	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:23:08	Successfully cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:23:08	Successfully cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:23:08	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:23:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:23:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+]	17-02-02 11:23:08	Successfully cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:23:08		
[i]	17-02-02 11:23:08	Product	Isobuster
[+]	17-02-02 11:23:08	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 11:23:22	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 11:23:22		
[i]	17-02-02 11:23:22	Product	MS Management Console
[+]	17-02-02 11:23:22	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[+]	17-02-02 11:23:37	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 11:23:37		
[i]	17-02-02 11:23:37	Product	MS Media Player
[+]	17-02-02 11:23:37	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[+]	17-02-02 11:23:51	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 11:23:51		
[i]	17-02-02 11:23:51	Product	MS Direct3D
[+]	17-02-02 11:23:51	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:23:51	Moving into quarantine	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:23:51	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:23:51	Moving into quarantine	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:24:05	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:24:05	Successfully cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:24:05	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	17-02-02 11:24:05	Successfully cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:24:05		
[i]	17-02-02 11:24:05	Product	MS Office 12.0
[+]	17-02-02 11:24:05	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 11:24:19	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 11:24:19		
[i]	17-02-02 11:24:19	Product	MS Office 12.0 (Access)
[+]	17-02-02 11:24:19	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 11:24:33	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 11:24:33		
[i]	17-02-02 11:24:33	Product	Windows
[+]	17-02-02 11:24:33	Moving into quarantine	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[+]	17-02-02 11:24:50	Successfully cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 11:24:50		
[i]	17-02-02 11:24:50	Product	Windows.OpenWith
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[+]	17-02-02 11:24:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[+]	17-02-02 11:25:08	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 11:25:08		
[i]	17-02-02 11:25:08	Product	Windows Explorer
[+]	17-02-02 11:25:10	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+]	17-02-02 11:25:10	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+]	17-02-02 11:25:26	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+]	17-02-02 11:25:26	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 11:25:26		
[i]	17-02-02 11:25:26	Product	Windows Media SDK
[+]	17-02-02 11:25:26	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:25:26	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:25:26	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:25:26	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:25:26	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:25:26	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:25:41	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:25:41	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:25:41	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:25:41	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:25:41	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:25:41	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 11:25:41		
[i]	17-02-02 11:25:41	Product	Cookie
[+]	17-02-02 11:25:41	Moving into quarantine	Internet Explorer (Benutzer) (Odel)Cookies
[+]	17-02-02 11:25:41	Moving into quarantine	Thunderbird (PE_C_PUBLIC (default))Cookies
[+]	17-02-02 11:25:51	Successfully cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[+]	17-02-02 11:25:51	Successfully cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 11:25:51		
[i]	17-02-02 11:25:51	Product	Cache
[+]	17-02-02 11:25:51	Moving into quarantine	Internet Explorer (Benutzer) (Odel)Cache
[+]	17-02-02 11:26:01	Successfully cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 11:26:01		
[i]	17-02-02 11:26:01	Product	Verlauf
[+]	17-02-02 11:26:01	Moving into quarantine	Internet Explorer (Benutzer) (Odel)History
[+]	17-02-02 11:26:43	Successfully cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 11:26:43		
[i]	17-02-02 11:26:43	Summary	
[i]	17-02-02 11:26:43	Errors while cleaning	0
[i]	17-02-02 11:26:43	Files moved into quarantine	65
[i]	17-02-02 11:26:43	Files successfully cleaned	65
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Babylon.Toolbar
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[i]	17-02-02 11:28:17	Already cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	DownloadSponsor
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Win32.Agent.ws
[i]	17-02-02 11:28:17	Already cleaned	C:\Users\Public\Documents\Server\hlp.dat
[i]	17-02-02 11:28:17	Already cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Ahead Nero Burning Rom
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Internet Explorer
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 11:28:17		
[i]	17-02-02 11:28:17	Product	Isobuster
[+]	17-02-02 11:28:18	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 11:28:35	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 11:28:35		
[i]	17-02-02 11:28:35	Product	MS Management Console
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 11:28:35		
[i]	17-02-02 11:28:35	Product	MS Media Player
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 11:28:35		
[i]	17-02-02 11:28:35	Product	MS Direct3D
[i]	17-02-02 11:28:35	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:28:35	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 11:28:35		
[i]	17-02-02 11:28:35	Product	MS Office 12.0
[+]	17-02-02 11:28:35	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 11:28:50	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 11:28:50		
[i]	17-02-02 11:28:50	Product	MS Office 12.0 (Access)
[+]	17-02-02 11:28:50	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 11:29:05	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 11:29:05		
[i]	17-02-02 11:29:05	Product	Windows
[i]	17-02-02 11:29:05	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 11:29:05		
[i]	17-02-02 11:29:05	Product	Windows.OpenWith
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 11:29:05		
[i]	17-02-02 11:29:05	Product	Windows Explorer
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 11:29:05		
[i]	17-02-02 11:29:05	Product	Windows Media SDK
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[i]	17-02-02 11:29:05	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:29:05	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 11:29:20	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 11:29:20		
[i]	17-02-02 11:29:20	Product	Cookie
[i]	17-02-02 11:29:20	Already cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[i]	17-02-02 11:29:20	Already cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 11:29:20		
[i]	17-02-02 11:29:20	Product	Cache
[i]	17-02-02 11:29:20	Already cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 11:29:20		
[i]	17-02-02 11:29:20	Product	Verlauf
[i]	17-02-02 11:29:20	Already cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 11:29:20		
[i]	17-02-02 11:29:20	Summary	
[i]	17-02-02 11:29:20	Errors while cleaning	0
[i]	17-02-02 11:29:20	Files moved into quarantine	9
[i]	17-02-02 11:29:20	Files successfully cleaned	69
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Babylon.Toolbar
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[i]	17-02-02 12:08:01	Already cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	DownloadSponsor
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Win32.Agent.ws
[i]	17-02-02 12:08:01	Already cleaned	C:\Users\Public\Documents\Server\hlp.dat
[i]	17-02-02 12:08:01	Already cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Ahead Nero Burning Rom
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Internet Explorer
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:08:01		
[i]	17-02-02 12:08:01	Product	Isobuster
[+]	17-02-02 12:08:01	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 12:08:16	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 12:08:16		
[i]	17-02-02 12:08:16	Product	MS Management Console
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 12:08:16		
[i]	17-02-02 12:08:16	Product	MS Media Player
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 12:08:16		
[i]	17-02-02 12:08:16	Product	MS Direct3D
[i]	17-02-02 12:08:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:08:16	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:08:16		
[i]	17-02-02 12:08:16	Product	MS Office 12.0
[+]	17-02-02 12:08:16	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 12:08:29	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 12:08:29		
[i]	17-02-02 12:08:29	Product	MS Office 12.0 (Access)
[+]	17-02-02 12:08:29	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 12:08:43	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 12:08:43		
[i]	17-02-02 12:08:43	Product	Windows
[i]	17-02-02 12:08:43	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 12:08:43		
[i]	17-02-02 12:08:43	Product	Windows.OpenWith
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 12:08:43		
[i]	17-02-02 12:08:43	Product	Windows Explorer
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 12:08:43		
[i]	17-02-02 12:08:43	Product	Windows Media SDK
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[i]	17-02-02 12:08:43	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:08:43	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:08:57	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 12:08:57		
[i]	17-02-02 12:08:57	Product	Cookie
[i]	17-02-02 12:08:57	Already cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[i]	17-02-02 12:08:57	Already cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 12:08:57		
[i]	17-02-02 12:08:57	Product	Cache
[i]	17-02-02 12:08:57	Already cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 12:08:57		
[i]	17-02-02 12:08:57	Product	Verlauf
[i]	17-02-02 12:08:57	Already cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 12:08:57		
[i]	17-02-02 12:08:57	Summary	
[i]	17-02-02 12:08:57	Errors while cleaning	0
[i]	17-02-02 12:08:57	Files moved into quarantine	9
[i]	17-02-02 12:08:57	Files successfully cleaned	69
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Babylon.Toolbar
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[i]	17-02-02 12:10:01	Already cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	DownloadSponsor
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Win32.Agent.ws
[i]	17-02-02 12:10:01	Already cleaned	C:\Users\Public\Documents\Server\hlp.dat
[i]	17-02-02 12:10:01	Already cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Ahead Nero Burning Rom
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Internet Explorer
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:10:01		
[i]	17-02-02 12:10:01	Product	Isobuster
[+]	17-02-02 12:10:01	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 12:10:16	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 12:10:16		
[i]	17-02-02 12:10:16	Product	MS Management Console
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 12:10:16		
[i]	17-02-02 12:10:16	Product	MS Media Player
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 12:10:16		
[i]	17-02-02 12:10:16	Product	MS Direct3D
[i]	17-02-02 12:10:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:10:16	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:10:16		
[i]	17-02-02 12:10:16	Product	MS Office 12.0
[+]	17-02-02 12:10:16	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 12:10:30	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 12:10:30		
[i]	17-02-02 12:10:30	Product	MS Office 12.0 (Access)
[+]	17-02-02 12:10:30	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 12:10:44	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 12:10:44		
[i]	17-02-02 12:10:44	Product	Windows
[i]	17-02-02 12:10:44	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 12:10:44		
[i]	17-02-02 12:10:44	Product	Windows.OpenWith
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 12:10:44		
[i]	17-02-02 12:10:44	Product	Windows Explorer
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 12:10:44		
[i]	17-02-02 12:10:44	Product	Windows Media SDK
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[i]	17-02-02 12:10:44	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:10:44	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:10:58	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 12:10:58		
[i]	17-02-02 12:10:58	Product	Cookie
[i]	17-02-02 12:10:58	Already cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[i]	17-02-02 12:10:58	Already cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 12:10:58		
[i]	17-02-02 12:10:58	Product	Cache
[i]	17-02-02 12:10:58	Already cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 12:10:58		
[i]	17-02-02 12:10:58	Product	Verlauf
[i]	17-02-02 12:10:58	Already cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 12:10:58		
[i]	17-02-02 12:10:58	Summary	
[i]	17-02-02 12:10:58	Errors while cleaning	0
[i]	17-02-02 12:10:58	Files moved into quarantine	9
[i]	17-02-02 12:10:58	Files successfully cleaned	69
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Babylon.Toolbar
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
[i]	17-02-02 12:11:16	Already cleaned	HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	DownloadSponsor
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Win32.Agent.ws
[i]	17-02-02 12:11:16	Already cleaned	C:\Users\Public\Documents\Server\hlp.dat
[i]	17-02-02 12:11:16	Already cleaned	C:\Users\Public\Documents\Server\
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Ahead Nero Burning Rom
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Internet Explorer
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i]	17-02-02 12:11:16		
[i]	17-02-02 12:11:16	Product	Isobuster
[+]	17-02-02 12:11:16	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[+]	17-02-02 12:11:31	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
[i]	17-02-02 12:11:31		
[i]	17-02-02 12:11:31	Product	MS Management Console
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	17-02-02 12:11:31		
[i]	17-02-02 12:11:31	Product	MS Media Player
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i]	17-02-02 12:11:31		
[i]	17-02-02 12:11:31	Product	MS Direct3D
[i]	17-02-02 12:11:31	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:11:31	Already cleaned	HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	17-02-02 12:11:31		
[i]	17-02-02 12:11:31	Product	MS Office 12.0
[+]	17-02-02 12:11:31	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[+]	17-02-02 12:11:45	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
[i]	17-02-02 12:11:45		
[i]	17-02-02 12:11:45	Product	MS Office 12.0 (Access)
[+]	17-02-02 12:11:45	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[+]	17-02-02 12:11:59	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
[i]	17-02-02 12:11:59		
[i]	17-02-02 12:11:59	Product	Windows
[i]	17-02-02 12:11:59	Already cleaned	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i]	17-02-02 12:11:59		
[i]	17-02-02 12:11:59	Product	Windows.OpenWith
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i]	17-02-02 12:11:59		
[i]	17-02-02 12:11:59	Product	Windows Explorer
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	17-02-02 12:11:59		
[i]	17-02-02 12:11:59	Product	Windows Media SDK
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[i]	17-02-02 12:11:59	Already cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:11:59	Moving into quarantine	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	17-02-02 12:12:14	Successfully cleaned	HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	17-02-02 12:12:14		
[i]	17-02-02 12:12:14	Product	Cookie
[i]	17-02-02 12:12:14	Already cleaned	Internet Explorer (Benutzer) (Odel)Cookies
[i]	17-02-02 12:12:14	Already cleaned	Thunderbird (PE_C_PUBLIC (default))Cookies
[i]	17-02-02 12:12:14		
[i]	17-02-02 12:12:14	Product	Cache
[i]	17-02-02 12:12:14	Already cleaned	Internet Explorer (Benutzer) (Odel)Cache
[i]	17-02-02 12:12:14		
[i]	17-02-02 12:12:14	Product	Verlauf
[i]	17-02-02 12:12:14	Already cleaned	Internet Explorer (Benutzer) (Odel)History
[i]	17-02-02 12:12:14		
[i]	17-02-02 12:12:14	Summary	
[i]	17-02-02 12:12:14	Errors while cleaning	0
[i]	17-02-02 12:12:14	Files moved into quarantine	9
[i]	17-02-02 12:12:14	Files successfully cleaned	69

Alt 03.02.2017, 08:31   #7
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Code:
ATTFilter
Search results from Spybot - Search & Destroy

02.02.2017 09:45:25
Scan took 00:00:00.
0 items found.


--- Spybot - Search & Destroy version: 2.6.44.134  DLL (build: 20160321) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2016-03-21 SDCleaner.exe (2.6.44.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2016-03-21 SDImmunize.exe (2.6.44.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2016-03-21 SDScan.exe (2.6.44.181)
2014-06-24 SDScript.exe (2.4.40.54)
2016-03-21 SDSettings.exe (2.6.44.141)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2016-09-21 SDUpdSvc.exe (2.5.44.79)
2014-06-24 SDWelcome.exe (2.4.40.130)
2016-11-24 SDWSCSvc.exe (2.5.55.3)
2016-05-02 spybotsd2-install-iefreezefix.exe (2.4.40.0)
2016-11-30 spybotsd2-install-wsc-update-a.exe (2.6.52.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2015-03-25 spybotsd2-translation-hrx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2016-09-21 spybotsd2-updater-update.exe (2.6.52.0)
2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0)
2017-02-02 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2016-03-21 DelZip192.dll (1.9.2.132)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2016-03-21 SDScanLibrary.dll (2.6.44.134)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2016-10-28 Includes\Adware-000.sbi
2015-08-05 Includes\Adware-001.sbi
2017-01-25 Includes\Adware-C.sbi
2014-01-13 Includes\Adware.sbi
2014-01-13 Includes\AdwareC.sbi
2010-08-13 Includes\Cookies.sbi
2014-11-14 Includes\Dialer-000.sbi
2014-11-14 Includes\Dialer-001.sbi
2016-11-16 Includes\Dialer-C.sbi
2014-01-13 Includes\Dialer.sbi
2014-01-13 Includes\DialerC.sbi
2014-01-09 Includes\Fraud-000.sbi
2017-01-30 Includes\Fraud-001.sbi
2014-03-31 Includes\Fraud-002.sbi
2016-07-06 Includes\Fraud-003.sbi
2012-11-14 Includes\HeavyDuty.sbi
2014-11-14 Includes\Hijackers-000.sbi
2014-11-14 Includes\Hijackers-001.sbi
2016-11-09 Includes\Hijackers-C.sbi
2014-01-13 Includes\Hijackers.sbi
2014-01-13 Includes\HijackersC.sbi
2014-01-08 Includes\iPhone-000.sbi
2014-01-08 Includes\iPhone.sbi
2016-05-27 Includes\Keyloggers-000.sbi
2017-02-01 Includes\Keyloggers-C.sbi
2014-01-13 Includes\Keyloggers.sbi
2014-01-13 Includes\KeyloggersC.sbi
2015-06-25 Includes\Malware-000.sbi
2014-11-14 Includes\Malware-001.sbi
2016-06-14 Includes\Malware-002.sbi
2016-11-07 Includes\Malware-003.sbi
2014-11-14 Includes\Malware-004.sbi
2014-11-14 Includes\Malware-005.sbi
2014-02-26 Includes\Malware-006.sbi
2014-01-09 Includes\Malware-007.sbi
2017-02-01 Includes\Malware-C.sbi
2014-01-13 Includes\Malware.sbi
2013-12-23 Includes\MalwareC.sbi
2014-11-14 Includes\PUPS-000.sbi
2014-01-15 Includes\PUPS-001.sbi
2014-01-15 Includes\PUPS-002.sbi
2017-02-01 Includes\PUPS-C.sbi
2012-11-14 Includes\PUPS.sbi
2014-01-07 Includes\PUPSC.sbi
2014-01-08 Includes\Security-000.sbi
2015-12-02 Includes\Security-C.sbi
2014-01-21 Includes\Security.sbi
2014-01-21 Includes\SecurityC.sbi
2015-11-11 Includes\Spyware-000.sbi
2015-05-06 Includes\Spyware-001.sbi
2016-08-10 Includes\Spyware-C.sbi
2014-01-21 Includes\Spyware.sbi
2014-01-21 Includes\SpywareC.sbi
2011-06-07 Includes\Tracks.sbi
2012-11-19 Includes\Tracks.uti
2014-01-15 Includes\Trojans-000.sbi
2014-01-15 Includes\Trojans-001.sbi
2014-11-14 Includes\Trojans-002.sbi
2016-01-20 Includes\Trojans-003.sbi
2014-01-15 Includes\Trojans-004.sbi
2014-03-19 Includes\Trojans-005.sbi
2015-03-31 Includes\Trojans-006.sbi
2014-01-15 Includes\Trojans-007.sbi
2014-07-09 Includes\Trojans-008.sbi
2014-07-09 Includes\Trojans-009.sbi
2017-02-01 Includes\Trojans-C.sbi
2014-01-15 Includes\Trojans-OG-000.sbi
2014-01-15 Includes\Trojans-TD-000.sbi
2014-01-15 Includes\Trojans-VM-000.sbi
2014-01-15 Includes\Trojans-VM-001.sbi
2014-01-15 Includes\Trojans-VM-002.sbi
2014-01-15 Includes\Trojans-VM-003.sbi
2014-01-15 Includes\Trojans-VM-004.sbi
2014-01-15 Includes\Trojans-VM-005.sbi
2014-01-15 Includes\Trojans-VM-006.sbi
2014-01-15 Includes\Trojans-VM-007.sbi
2014-01-15 Includes\Trojans-VM-008.sbi
2014-01-15 Includes\Trojans-VM-009.sbi
2014-01-15 Includes\Trojans-VM-010.sbi
2014-01-15 Includes\Trojans-VM-011.sbi
2014-01-15 Includes\Trojans-VM-012.sbi
2014-01-15 Includes\Trojans-VM-013.sbi
2014-01-15 Includes\Trojans-VM-014.sbi
2014-01-15 Includes\Trojans-VM-015.sbi
2014-01-15 Includes\Trojans-VM-016.sbi
2014-01-15 Includes\Trojans-VM-017.sbi
2014-01-15 Includes\Trojans-VM-018.sbi
2014-01-15 Includes\Trojans-VM-019.sbi
2014-01-15 Includes\Trojans-VM-020.sbi
2014-01-15 Includes\Trojans-VM-021.sbi
2014-01-15 Includes\Trojans-VM-022.sbi
2014-01-15 Includes\Trojans-VM-023.sbi
2014-01-15 Includes\Trojans-VM-024.sbi
2014-01-15 Includes\Trojans-ZB-000.sbi
2016-02-03 Includes\Trojans-ZL-000.sbi
2014-01-09 Includes\Trojans.sbi
2014-01-16 Includes\TrojansC-01.sbi
2014-01-16 Includes\TrojansC-02.sbi
2014-01-16 Includes\TrojansC-03.sbi
2014-01-16 Includes\TrojansC-04.sbi
2014-01-16 Includes\TrojansC-05.sbi
2014-01-09 Includes\TrojansC.sbi
Code:
ATTFilter
Search results from Spybot - Search & Destroy

02.02.2017 10:18:43
Scan took 00:33:11.
66 items found.

Babylon.Toolbar: [SBI $E0B59C7B] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $295D1CA8] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $6E59B901] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $7FCAFBEE] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $3BE29F71] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $2059D587] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $9230BC9B] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
  Category=PUPS
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
  Category=PUPS
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Win32.Agent.ws: [SBI $977BE0A9]  Data (File, nothing done)
  C:\Users\Public\Documents\Server\hlp.dat
  Category=Trojans
  ThreatLevel=10
  Weblink=hxxp://forums.spybot.info/showthread.php?50092
  Properties.size=36635
  Properties.md5=5C672206325FF7B7108A8F731C7797D6
  Properties.filedate=1247537777
  Properties.filedatetext=2009-07-14 02:16:17

Win32.Agent.ws: [SBI $45460E92] Program directory (Directory, nothing done)
  C:\Users\Public\Documents\Server\
  Category=Trojans
  ThreatLevel=10
  Weblink=hxxp://forums.spybot.info/showthread.php?50092
  Directory.subfile=C:\Users\Public\Documents\Server\hlp.dat
  Directory.subfile.size=36635
  Directory.subfile.md5=5C672206325FF7B7108A8F731C7797D6
  Directory.subfile.filedate=1247537777
  Directory.subfile.filedatetext=2009-07-14 02:16:17

Ahead Nero Burning Rom: [SBI $0D846EDB] Compilation directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Ahead Nero Burning Rom: [SBI $505FB952] Last Audio directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Isobuster: [SBI $FFCD5808] Last save folder (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Office 12.0 (Access): [SBI $5FED5527] Recent Used DB Date #1 (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $787DC1A1] Open with list - .001 extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $CDA7015F] Open with list - .ABS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $8CA07DDC] Open with list - .ADB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $647A8E01] Open with list - .AP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $DCEE25EC] Open with list - .BAK extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $C8454735] Open with list - .BIF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $C92C6763] Open with list - .BUP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $3A7F8A99] Open with list - .BZ2 extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $3A470490] Open with list - .CCF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $7681FFE3] Open with list - .CDR extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $B6B2B96E] Open with list - .CHM extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Cache: [SBI $49804B54] Browser: Cache (24) (Browser: Cache, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Verlauf: [SBI $49804B54] Browser: History (9) (Browser: History, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Verlauf: [SBI $49804B54] Browser: History (82) (Browser: History, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54


--- Spybot - Search & Destroy version: 2.6.44.134  DLL (build: 20160321) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2016-03-21 SDCleaner.exe (2.6.44.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2016-03-21 SDImmunize.exe (2.6.44.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2016-03-21 SDScan.exe (2.6.44.181)
2014-06-24 SDScript.exe (2.4.40.54)
2016-03-21 SDSettings.exe (2.6.44.141)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2016-09-21 SDUpdSvc.exe (2.5.44.79)
2014-06-24 SDWelcome.exe (2.4.40.130)
2016-11-24 SDWSCSvc.exe (2.5.55.3)
2016-05-02 spybotsd2-install-iefreezefix.exe (2.4.40.0)
2016-11-30 spybotsd2-install-wsc-update-a.exe (2.6.52.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2015-03-25 spybotsd2-translation-hrx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2016-09-21 spybotsd2-updater-update.exe (2.6.52.0)
2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0)
2017-02-02 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2016-03-21 DelZip192.dll (1.9.2.132)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2016-03-21 SDScanLibrary.dll (2.6.44.134)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2016-10-28 Includes\Adware-000.sbi (*)
2015-08-05 Includes\Adware-001.sbi (*)
2017-01-25 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2016-11-16 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2017-01-30 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2016-07-06 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2016-11-09 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2016-05-27 Includes\Keyloggers-000.sbi (*)
2017-02-01 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2015-06-25 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2016-06-14 Includes\Malware-002.sbi (*)
2016-11-07 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2017-02-01 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2017-02-01 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2015-12-02 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2015-11-11 Includes\Spyware-000.sbi (*)
2015-05-06 Includes\Spyware-001.sbi (*)
2016-08-10 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2016-01-20 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2015-03-31 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2017-02-01 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2016-02-03 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
Code:
ATTFilter
Search results from Spybot - Search & Destroy

02.02.2017 11:15:52
Scan took 00:41:48.
65 items found.

Babylon.Toolbar: [SBI $E0B59C7B] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $295D1CA8] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $6E59B901] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $7FCAFBEE] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\BabylonTC.EXE
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $3BE29F71] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $2059D587] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{3718D0AF-A3B8-4F5E-86F3-FAD8D02043BE}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $9230BC9B] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{78868069-5D96-4B47-BE52-3D625EE3D7CB}
  Category=Adware
  ThreatLevel=3
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\lastPID
  Category=PUPS
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\OCS\PID
  Category=PUPS
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Win32.Agent.ws: [SBI $977BE0A9]  Data (File, nothing done)
  C:\Users\Public\Documents\Server\hlp.dat
  Category=Trojans
  ThreatLevel=10
  Weblink=hxxp://forums.spybot.info/showthread.php?50092
  Properties.size=36635
  Properties.md5=5C672206325FF7B7108A8F731C7797D6
  Properties.filedate=1247537777
  Properties.filedatetext=2009-07-14 02:16:17

Win32.Agent.ws: [SBI $45460E92] Program directory (Directory, nothing done)
  C:\Users\Public\Documents\Server\
  Category=Trojans
  ThreatLevel=10
  Weblink=hxxp://forums.spybot.info/showthread.php?50092
  Directory.subfile=C:\Users\Public\Documents\Server\hlp.dat
  Directory.subfile.size=36635
  Directory.subfile.md5=5C672206325FF7B7108A8F731C7797D6
  Directory.subfile.filedate=1247537777
  Directory.subfile.filedatetext=2009-07-14 02:16:17

Ahead Nero Burning Rom: [SBI $0D846EDB] Compilation directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Ahead Nero Burning Rom: [SBI $505FB952] Last Audio directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\ahead\Nero - Burning Rom\General\OFDLastAudioDir
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Isobuster: [SBI $FFCD5808] Last save folder (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Smart Projects\IsoBuster\LastSavedPath
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Microsoft Management Console\Recent File List
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

MS Office 12.0 (Access): [SBI $5FED5527] Recent Used DB Date #1 (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $787DC1A1] Open with list - .001 extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $CDA7015F] Open with list - .ABS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ABS\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $8CA07DDC] Open with list - .ADB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADB\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $647A8E01] Open with list - .AP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AP\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $DCEE25EC] Open with list - .BAK extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BAK\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $C8454735] Open with list - .BIF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $C92C6763] Open with list - .BUP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $3A7F8A99] Open with list - .BZ2 extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $3A470490] Open with list - .CCF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $7681FFE3] Open with list - .CDR extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDR\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $B6B2B96E] Open with list - .CHM extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CHM\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Cache: [SBI $49804B54] Browser: Cache (24) (Browser: Cache, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Verlauf: [SBI $49804B54] Browser: History (9) (Browser: History, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=hxxp://forums.spybot.info/forumdisplay.php?54


--- Spybot - Search & Destroy version: 2.6.44.134  DLL (build: 20160321) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2016-03-21 SDCleaner.exe (2.6.44.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2016-03-21 SDImmunize.exe (2.6.44.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2016-03-21 SDScan.exe (2.6.44.181)
2014-06-24 SDScript.exe (2.4.40.54)
2016-03-21 SDSettings.exe (2.6.44.141)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2016-09-21 SDUpdSvc.exe (2.5.44.79)
2014-06-24 SDWelcome.exe (2.4.40.130)
2016-11-24 SDWSCSvc.exe (2.5.55.3)
2016-05-02 spybotsd2-install-iefreezefix.exe (2.4.40.0)
2016-11-30 spybotsd2-install-wsc-update-a.exe (2.6.52.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2015-03-25 spybotsd2-translation-hrx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2016-09-21 spybotsd2-updater-update.exe (2.6.52.0)
2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0)
2017-02-02 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2016-03-21 DelZip192.dll (1.9.2.132)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2016-03-21 SDScanLibrary.dll (2.6.44.134)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2016-10-28 Includes\Adware-000.sbi (*)
2015-08-05 Includes\Adware-001.sbi (*)
2017-01-25 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2016-11-16 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2017-01-30 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2016-07-06 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2016-11-09 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2016-05-27 Includes\Keyloggers-000.sbi (*)
2017-02-01 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2015-06-25 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2016-06-14 Includes\Malware-002.sbi (*)
2016-11-07 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2017-02-01 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2017-02-01 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2015-12-02 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2015-11-11 Includes\Spyware-000.sbi (*)
2015-05-06 Includes\Spyware-001.sbi (*)
2016-08-10 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2016-01-20 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2015-03-31 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2017-02-01 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2016-02-03 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
Code:
ATTFilter
Search results from Spybot - Search & Destroy

02.02.2017 12:29:20
Scan took 00:00:13.
0 items found.


--- Spybot - Search & Destroy version: 2.6.44.134  DLL (build: 20160321) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2016-03-21 SDCleaner.exe (2.6.44.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2016-03-21 SDImmunize.exe (2.6.44.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2016-03-21 SDScan.exe (2.6.44.181)
2014-06-24 SDScript.exe (2.4.40.54)
2016-03-21 SDSettings.exe (2.6.44.141)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2016-09-21 SDUpdSvc.exe (2.5.44.79)
2014-06-24 SDWelcome.exe (2.4.40.130)
2016-11-24 SDWSCSvc.exe (2.5.55.3)
2016-05-02 spybotsd2-install-iefreezefix.exe (2.4.40.0)
2016-11-30 spybotsd2-install-wsc-update-a.exe (2.6.52.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2015-03-25 spybotsd2-translation-hrx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2016-09-21 spybotsd2-updater-update.exe (2.6.52.0)
2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0)
2017-02-02 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2016-03-21 DelZip192.dll (1.9.2.132)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2016-03-21 SDScanLibrary.dll (2.6.44.134)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2016-10-28 Includes\Adware-000.sbi
2015-08-05 Includes\Adware-001.sbi
2017-01-25 Includes\Adware-C.sbi
2014-01-13 Includes\Adware.sbi
2014-01-13 Includes\AdwareC.sbi
2010-08-13 Includes\Cookies.sbi
2014-11-14 Includes\Dialer-000.sbi
2014-11-14 Includes\Dialer-001.sbi
2016-11-16 Includes\Dialer-C.sbi
2014-01-13 Includes\Dialer.sbi
2014-01-13 Includes\DialerC.sbi
2014-01-09 Includes\Fraud-000.sbi
2017-01-30 Includes\Fraud-001.sbi
2014-03-31 Includes\Fraud-002.sbi
2016-07-06 Includes\Fraud-003.sbi
2012-11-14 Includes\HeavyDuty.sbi
2014-11-14 Includes\Hijackers-000.sbi
2014-11-14 Includes\Hijackers-001.sbi
2016-11-09 Includes\Hijackers-C.sbi
2014-01-13 Includes\Hijackers.sbi
2014-01-13 Includes\HijackersC.sbi
2014-01-08 Includes\iPhone-000.sbi
2014-01-08 Includes\iPhone.sbi
2016-05-27 Includes\Keyloggers-000.sbi
2017-02-01 Includes\Keyloggers-C.sbi
2014-01-13 Includes\Keyloggers.sbi
2014-01-13 Includes\KeyloggersC.sbi
2015-06-25 Includes\Malware-000.sbi
2014-11-14 Includes\Malware-001.sbi
2016-06-14 Includes\Malware-002.sbi
2016-11-07 Includes\Malware-003.sbi
2014-11-14 Includes\Malware-004.sbi
2014-11-14 Includes\Malware-005.sbi
2014-02-26 Includes\Malware-006.sbi
2014-01-09 Includes\Malware-007.sbi
2017-02-01 Includes\Malware-C.sbi
2014-01-13 Includes\Malware.sbi
2013-12-23 Includes\MalwareC.sbi
2014-11-14 Includes\PUPS-000.sbi
2014-01-15 Includes\PUPS-001.sbi
2014-01-15 Includes\PUPS-002.sbi
2017-02-01 Includes\PUPS-C.sbi
2012-11-14 Includes\PUPS.sbi
2014-01-07 Includes\PUPSC.sbi
2014-01-08 Includes\Security-000.sbi
2015-12-02 Includes\Security-C.sbi
2014-01-21 Includes\Security.sbi
2014-01-21 Includes\SecurityC.sbi
2015-11-11 Includes\Spyware-000.sbi
2015-05-06 Includes\Spyware-001.sbi
2016-08-10 Includes\Spyware-C.sbi
2014-01-21 Includes\Spyware.sbi
2014-01-21 Includes\SpywareC.sbi
2011-06-07 Includes\Tracks.sbi
2012-11-19 Includes\Tracks.uti
2014-01-15 Includes\Trojans-000.sbi
2014-01-15 Includes\Trojans-001.sbi
2014-11-14 Includes\Trojans-002.sbi
2016-01-20 Includes\Trojans-003.sbi
2014-01-15 Includes\Trojans-004.sbi
2014-03-19 Includes\Trojans-005.sbi
2015-03-31 Includes\Trojans-006.sbi
2014-01-15 Includes\Trojans-007.sbi
2014-07-09 Includes\Trojans-008.sbi
2014-07-09 Includes\Trojans-009.sbi
2017-02-01 Includes\Trojans-C.sbi
2014-01-15 Includes\Trojans-OG-000.sbi
2014-01-15 Includes\Trojans-TD-000.sbi
2014-01-15 Includes\Trojans-VM-000.sbi
2014-01-15 Includes\Trojans-VM-001.sbi
2014-01-15 Includes\Trojans-VM-002.sbi
2014-01-15 Includes\Trojans-VM-003.sbi
2014-01-15 Includes\Trojans-VM-004.sbi
2014-01-15 Includes\Trojans-VM-005.sbi
2014-01-15 Includes\Trojans-VM-006.sbi
2014-01-15 Includes\Trojans-VM-007.sbi
2014-01-15 Includes\Trojans-VM-008.sbi
2014-01-15 Includes\Trojans-VM-009.sbi
2014-01-15 Includes\Trojans-VM-010.sbi
2014-01-15 Includes\Trojans-VM-011.sbi
2014-01-15 Includes\Trojans-VM-012.sbi
2014-01-15 Includes\Trojans-VM-013.sbi
2014-01-15 Includes\Trojans-VM-014.sbi
2014-01-15 Includes\Trojans-VM-015.sbi
2014-01-15 Includes\Trojans-VM-016.sbi
2014-01-15 Includes\Trojans-VM-017.sbi
2014-01-15 Includes\Trojans-VM-018.sbi
2014-01-15 Includes\Trojans-VM-019.sbi
2014-01-15 Includes\Trojans-VM-020.sbi
2014-01-15 Includes\Trojans-VM-021.sbi
2014-01-15 Includes\Trojans-VM-022.sbi
2014-01-15 Includes\Trojans-VM-023.sbi
2014-01-15 Includes\Trojans-VM-024.sbi
2014-01-15 Includes\Trojans-ZB-000.sbi
2016-02-03 Includes\Trojans-ZL-000.sbi
2014-01-09 Includes\Trojans.sbi
2014-01-16 Includes\TrojansC-01.sbi
2014-01-16 Includes\TrojansC-02.sbi
2014-01-16 Includes\TrojansC-03.sbi
2014-01-16 Includes\TrojansC-04.sbi
2014-01-16 Includes\TrojansC-05.sbi
2014-01-09 Includes\TrojansC.sbi

Alt 03.02.2017, 08:33   #8
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2017
durchgeführt von Odel (Administrator) auf ELLENFALCO (03-02-2017 05:32:20)
Gestartet von C:\Users\Odel\Downloads
Geladene Profile: Odel (Verfügbare Profile: Odel & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-155715800-1695505520-3910625203-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7173848 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-155715800-1695505520-3910625203-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-155715800-1695505520-3910625203-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [5915776 2016-03-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-155715800-1695505520-3910625203-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\EISBR~1.SCR
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\BOSCHE~1.SCR [3561111 2010-04-08] ()
IFEO\excel.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\hpcustpartic.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\tomtomhome.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
IFEO\Winword.exe: [Debugger] "C:\Program Files\TuneUp 2014 v14.0.1000.89 Portable de_AZAD\App\TuneUp\TUAutoReactivator32.exe"
ShellExecuteHooks: Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\Windows\System32\ieframe.dll [13653504 2016-11-12] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{02BA00A9-CCD4-4D88-87CA-FADCA0DEFDAF}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0B2544D7-FBDE-441F-99EF-9181F4585548}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKLM - (Kein Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -  Keine Datei
URLSearchHook: HKU\S-1-5-21-155715800-1695505520-3910625203-1000 - (Kein Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -  Keine Datei
SearchScopes: HKLM -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-155715800-1695505520-3910625203-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-155715800-1695505520-3910625203-1000 -> {4DB97B6A-71B3-4391-B3AF-2825F77BF0A8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -  Keine Datei
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab

FireFox:
========
FF DefaultProfile: gpxg2lel.default-1383325096658
FF ProfilePath: C:\Users\Odel\AppData\Roaming\TomTom\HOME\Profiles\ff9zt0b9.default [2015-08-09]
FF Extension: (Emulator) - C:\Users\Odel\AppData\Roaming\TomTom\HOME\Profiles\ff9zt0b9.default\Extensions\Navcore.7.903.9183@tomtom.com [2011-07-24] [ist nicht signiert]
FF Extension: (Emulator) - C:\Users\Odel\AppData\Roaming\TomTom\HOME\Profiles\ff9zt0b9.default\Extensions\Navcore.9.101.516023@tomtom.com [2011-10-06] [ist nicht signiert]
FF Extension: (RenaultTheme) - C:\Users\Odel\AppData\Roaming\TomTom\HOME\Profiles\ff9zt0b9.default\Extensions\RenaultTheme@tomtom.com [2012-11-09] [ist nicht signiert]
FF Extension: (Kein Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden]
FF ProfilePath: C:\Users\Odel\AppData\Roaming\Mozilla\Firefox\Profiles\gpxg2lel.default-1383325096658 [2017-02-03]
FF user.js: detected! => C:\Users\Odel\AppData\Roaming\Mozilla\Firefox\Profiles\gpxg2lel.default-1383325096658\user.js [2015-06-26]
FF Homepage: Mozilla\Firefox\Profiles\gpxg2lel.default-1383325096658 -> hxxp://www.schnellstarten.de/index_google.php
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Odel\AppData\Roaming\Mozilla\Firefox\Profiles\gpxg2lel.default-1383325096658\Extensions\elemhidehelper@adblockplus.org.xpi [2015-06-26]
FF Extension: (DownloadHelper) - C:\Users\Odel\AppData\Roaming\Mozilla\Firefox\Profiles\gpxg2lel.default-1383325096658\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-06-26] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Odel\AppData\Roaming\Mozilla\Firefox\Profiles\gpxg2lel.default-1383325096658\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-26]
FF Extension: (Kein Name) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-01] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-01] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-10-23] (Apple Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default [2017-02-03]
CHR Extension: (Google Präsentationen) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-03]
CHR Extension: (Google Docs) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Google-Suche) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Tabellen) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-20]
CHR Extension: (Google Docs Offline) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-28]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
S4 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2016-06-15] (HP Inc.) [Datei ist nicht signiert]
S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2016-06-15] (HP Inc.) [Datei ist nicht signiert]
S4 Realtek11nCU; C:\Program Files\EDUP\11n USB Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [Datei ist nicht signiert]
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119208 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140840 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2016-06-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60088 2016-06-22] (Avira Operations GmbH & Co. KG)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [629760 2010-08-10] (Realtek Semiconductor Corporation                           )
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [60156 2011-06-15] (PowerISO Computing, Inc.) [Datei ist nicht signiert]
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [797312 2010-02-08] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
S3 SPR3322K; C:\Windows\System32\DRIVERS\SPR3322K.sys [67328 2012-08-13] (Identive                                                    )
S3 STCFUx32; C:\Windows\System32\DRIVERS\STCFUx32.SYS [7680 2011-05-19] (SCM Microsystems Inc.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1846448 2013-03-27] (VIA Technologies, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [119952 2016-03-10] (MBB)
S1 BdfNdisf; \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [X]
S3 FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-03 05:32 - 2017-02-03 05:33 - 00021993 _____ C:\Users\Odel\Downloads\FRST.txt
2017-02-03 05:31 - 2017-02-03 05:31 - 00001400 _____ C:\Users\Odel\Desktop\FRST.exe - Verknüpfung.lnk
2017-02-03 05:27 - 2017-02-03 05:32 - 00000000 ____D C:\FRST
2017-02-03 05:15 - 2017-02-03 05:15 - 01762816 _____ (Farbar) C:\Users\Odel\Downloads\FRST.exe
2017-02-03 05:03 - 2017-02-03 05:03 - 00001054 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-02-02 11:22 - 2017-02-02 11:22 - 00000099 _____ C:\Windows\wininit.ini
2017-02-02 09:42 - 2017-02-02 09:42 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-02 09:42 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2017-02-02 09:26 - 2017-02-02 09:26 - 00002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-02-02 09:26 - 2017-02-02 09:26 - 00002079 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-02-02 09:26 - 2017-02-02 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-02-02 09:25 - 2017-02-02 11:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-02 09:25 - 2017-02-02 09:42 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2017-02-02 09:25 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2017-02-02 09:21 - 2017-02-02 09:21 - 01496584 _____ C:\Users\Odel\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2017-02-01 17:06 - 2017-02-01 17:06 - 00036964 _____ C:\Users\Odel\Documents\cc_20170201_170558.reg
2017-02-01 17:06 - 2017-02-01 17:06 - 00001930 _____ C:\Users\Odel\Documents\cc_20170201_170623.reg
2017-02-01 16:56 - 2017-02-01 16:56 - 00000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-01 16:54 - 2017-02-01 16:55 - 08813488 _____ (Piriform Ltd) C:\Users\Odel\Downloads\ccsetup526.exe
2017-02-01 12:15 - 2017-02-01 12:15 - 00000000 ____D C:\Users\Odel\Downloads\Assistant_Installer
2017-02-01 12:13 - 2017-02-01 12:15 - 106496416 _____ C:\Users\Odel\Downloads\MEDION_GoPal_Assistant_6.2.0.12196_full.exe
2017-01-30 10:01 - 2017-01-30 10:01 - 00031541 _____ C:\Users\Odel\Documents\malwarebytes.txt
2017-01-30 09:41 - 2017-01-30 09:41 - 01496584 _____ C:\Users\Odel\Downloads\Malwarebytes Anti Rootkit - CHIP-Installer.exe
2017-01-30 09:39 - 2017-01-30 09:39 - 01496584 _____ C:\Users\Odel\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe
2017-01-11 11:55 - 2017-01-11 11:55 - 20358232 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-01-11 10:35 - 2017-01-05 18:46 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 10:35 - 2017-01-05 18:46 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 10:35 - 2017-01-05 18:43 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 10:35 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 10:35 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 10:35 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 10:35 - 2017-01-05 18:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 10:35 - 2017-01-05 18:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 10:35 - 2017-01-05 18:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 10:35 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 10:35 - 2017-01-05 18:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 10:35 - 2017-01-05 18:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-09 18:58 - 2017-01-09 18:58 - 00358561 _____ C:\Users\Odel\Downloads\Objektexpose__20170109_185817.pdf
2017-01-05 11:38 - 2017-01-05 11:38 - 00000530 _____ C:\Users\Odel\Documents\cc_20170105_113812.reg

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-03 05:20 - 2009-07-14 05:34 - 00020672 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-03 05:20 - 2009-07-14 05:34 - 00020672 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-03 05:04 - 2016-06-22 17:50 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-03 05:03 - 2016-06-22 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-02-03 04:55 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-02 18:55 - 2012-04-07 16:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-02 04:33 - 2014-09-06 17:44 - 00002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-01 17:16 - 2015-04-30 21:03 - 00016846 _____ C:\Users\Odel\Desktop\Rechnungen.ods
2017-02-01 17:01 - 2014-09-08 09:39 - 00158000 _____ C:\Users\Odel\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-01 16:59 - 2014-06-16 16:41 - 00519520 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-01 16:50 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-01 16:48 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-01 16:47 - 2010-10-10 16:27 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2017-02-01 16:47 - 2010-10-10 16:27 - 00000000 ____D C:\Program Files\Microsoft Office
2017-02-01 16:47 - 2009-07-14 09:56 - 00000000 ____D C:\Windows\ShellNew
2017-02-01 16:47 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-01 16:47 - 2009-07-14 03:04 - 00000648 _____ C:\Windows\win.ini
2017-02-01 16:45 - 2014-11-01 18:35 - 00000000 ____D C:\Users\Odel\AppData\LocalLow\Unity
2017-02-01 16:45 - 2014-11-01 18:35 - 00000000 ____D C:\Users\Odel\AppData\Local\Unity
2017-02-01 16:45 - 2010-10-12 18:20 - 00000000 ____D C:\Program Files\VideoLAN
2017-02-01 16:44 - 2016-10-24 11:54 - 00000000 ____D C:\ProgramData\RavensburgerTipToi3
2017-02-01 16:44 - 2011-11-07 14:27 - 00000000 ____D C:\Windows\WindowsMobile
2017-02-01 16:24 - 2010-10-10 16:48 - 00000000 ____D C:\ProgramData\Nero
2017-02-01 16:24 - 2010-10-10 16:48 - 00000000 ____D C:\Program Files\Nero
2017-02-01 16:17 - 2012-07-09 17:27 - 00000000 ____D C:\Program Files\Java
2017-02-01 15:54 - 2016-11-01 17:48 - 00000000 ____D C:\Users\Odel\Desktop\Essen
2017-02-01 05:37 - 2014-09-06 18:21 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2017-01-26 08:54 - 2010-10-09 16:11 - 00000000 ____D C:\Program Files\Google
2017-01-25 20:11 - 2016-11-27 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2017-01-25 20:07 - 2013-07-16 08:07 - 00000000 ____D C:\Windows\Minidump
2017-01-21 19:51 - 2015-11-24 11:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-16 18:18 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2017-01-11 11:55 - 2012-04-07 16:28 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-01-11 11:55 - 2011-05-13 17:16 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-01-11 11:55 - 2010-10-09 17:09 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-11 11:14 - 2013-07-16 19:18 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 11:09 - 2010-10-12 12:04 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-05 11:34 - 2016-02-25 09:04 - 00000000 ____D C:\Users\Odel\Desktop\Fotos
2017-01-05 11:33 - 2016-12-11 12:38 - 00000000 ____D C:\Users\Odel\Desktop\Musik Falko

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-11-07 19:47 - 2011-07-14 10:31 - 1456640 _____ () C:\Program Files\Common Files\Falk Navi-Manager.msi
2011-06-18 12:33 - 2011-09-02 19:10 - 0075776 _____ () C:\Users\Odel\AppData\Roaming\chrtmp
2011-08-17 19:16 - 2011-08-17 19:16 - 0000000 ____H () C:\Users\Odel\AppData\Roaming\hfjF8g8g2h0j.txbefeIE2I8sfe.txt
2011-07-03 15:40 - 2016-12-18 13:50 - 0014336 _____ () C:\Users\Odel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-07-13 16:53 - 2011-07-13 16:53 - 0007610 _____ () C:\Users\Odel\AppData\Local\Resmon.ResmonCfg
2012-12-20 19:21 - 2012-12-20 19:21 - 0916402 _____ () C:\ProgramData\1356025611.bdinstall.bin
2014-02-18 14:30 - 2014-02-18 14:30 - 0224345 _____ () C:\ProgramData\1392730094.bdinstall.bin
2014-02-18 14:53 - 2014-02-18 14:53 - 0849876 _____ () C:\ProgramData\1392730360.bdinstall.bin
2014-06-14 16:26 - 2014-06-14 16:26 - 0092010 _____ () C:\ProgramData\1402759582.bdinstall.bin
2014-06-14 16:45 - 2014-06-14 16:45 - 0700692 _____ () C:\ProgramData\1402759584.bdinstall.bin
2015-06-17 16:53 - 2015-06-17 16:53 - 0251643 _____ () C:\ProgramData\1434554833.bdinstall.bin
2014-05-02 11:04 - 2014-05-02 11:04 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-10-09 14:13 - 2012-12-20 18:43 - 0156479 _____ () C:\ProgramData\bdinstall.bin
2010-11-06 15:26 - 2014-05-10 09:50 - 0011285 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-02 12:02

==================== Ende vom FRST.txt ============================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 29-01-2017
durchgeführt von Odel (03-02-2017 05:34:17)
Gestartet von C:\Users\Odel\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2010-10-09 12:48:50)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-155715800-1695505520-3910625203-500 - Administrator - Disabled)
Gast (S-1-5-21-155715800-1695505520-3910625203-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-155715800-1695505520-3910625203-1002 - Limited - Enabled)
Odel (S-1-5-21-155715800-1695505520-3910625203-1000 - Administrator - Enabled) => C:\Users\Odel
UpdatusUser (S-1-5-21-155715800-1695505520-3910625203-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

32 Bit HP CIO Components Installer (Version: 21.1.1 - HP) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - )
ATI Catalyst Install Manager (HKLM\...\{B63B53EF-B1D5-C009-28D6-592F64707E17}) (Version: 3.0.804.0 - ATI Technologies, Inc.)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
CloneCD (HKLM\...\CloneCD) (Version:  - SlySoft)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
EDUP Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0150 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Media Add-ons für Acronis True Image Home 2011 (HKLM\...\{9A5509EE-5579-46C1-B566-5065545547F9}) (Version: 14.0.6597 - Acronis)
Micrografx Picture Publisher 7 (HKLM\...\Micrografx Picture Publisher 7) (Version:  - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
Plus Pack für Acronis True Image Home 2011 (HKLM\...\{F1ED5BD7-4770-4037-9CBD-5DF9A5BEC408}) (Version: 14.0.6597 - Acronis)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
RICOH_Media_Driver_v2.14.18.01 (HKLM\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SPR532 SmartCard Reader V1.88 (HKLM\...\{FB8EAB8D-9AA9-464F-8800-613B251C6C3C}) (Version: 1.88 - Identive)
SPRx32 CT-API und PC/SC Treiber Installation (HKLM\...\{3B6A3576-1844-4C99-AB0E-FD06D75DC1F0}) (Version:  - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 10.0.3010.9 - TuneUp Software) Hidden
USB2.0 Capture Device (HKLM\...\{E337B156-DF81-48D8-8977-B1574EE87BCF}) (Version: 1.0.3.0 - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR Archivierer (HKLM\...\WinRAR archiver) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\InprocServer32 -> C:\Windows\system32\Adobe\Director\SwDir_1213153.dll (Adobe Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-155715800-1695505520-3910625203-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0525F6C0-D02E-4A01-A758-ED083AFA09EB} - System32\Tasks\{FF3BED00-736A-44EC-A918-130567E075B1} => pcalua.exe -a C:\Users\Odel\TomTom\clear_flash.exe -d C:\Users\Odel\TomTom
Task: {08E066C9-0EC2-4AA1-87FB-8B16AC5F7D9B} - System32\Tasks\{60831997-228C-460B-8B78-B53CB82B0ACE} => pcalua.exe -a "C:\Users\Odel\Downloads\EA5_v0.57.21\Easy Activator.exe" -d C:\Users\Odel\Downloads\EA5_v0.57.21
Task: {0C61772B-3E61-46F8-A6F3-A50EE2718193} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {135299ED-DFEE-4765-8D9A-76C091E17BDD} - System32\Tasks\{24B46599-7DDE-4206-B8E6-7273527108F1} => C:\Program Files\Neoretix\TubeHunter Ultra\TubeHunter.exe
Task: {2050339A-CBD0-4840-8B33-FA320C5DEA9E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2507FE09-54AA-42FD-83E9-224A31A9EEC4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {294ADBC9-E5F6-41EB-8786-3CE0EAB55471} - System32\Tasks\{DEA2BA21-90C9-4F0D-B963-805A9C69CB0D} => pcalua.exe -a "C:\Users\Odel\Desktop\NHD10\Nero 10.5 Multimedia Suite Platinum Fix (x86).exe" -d C:\Users\Odel\Desktop\NHD10
Task: {2E30A3D3-95B6-4B95-A1D0-150ECCB00392} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {322CF1BA-90A6-42DE-BC37-1DC42EFC8044} - System32\Tasks\{5B6C4916-A718-4B99-A3D2-DE38AB66995B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {32C173B0-A9E5-4930-A259-D95FC10A6E7E} - System32\Tasks\{A6D40A39-EDD3-42C4-B429-2D3BBE1CB937} => C:\Program Files\Neoretix\TubeHunter Ultra\TubeHunter.exe
Task: {3C0BFC6F-97A4-4F6C-860D-ABC3A474449A} - System32\Tasks\{34FA6CA0-4E3B-459E-B498-C26D7FD4D4E7} => C:\Program Files\Neoretix\TubeHunter Ultra\TubeHunter.exe
Task: {45163D09-EAD3-456C-8CFA-2C0058A18D4A} - System32\Tasks\{4A1434A4-CE8A-40F1-9C51-D78621B0FC98} => pcalua.exe -a "C:\Users\Odel\Desktop\NHD10\Nero 10.5 Multimedia Suite Platinum Fix (x64).exe" -d C:\Users\Odel\Desktop\NHD10
Task: {5AA1BABC-CD28-44D1-A1CB-E1442C3015D0} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
Task: {6A630397-1123-48EE-BEA9-4A7F75E4E825} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {73FD1DB8-A1E3-40E5-9538-4859D0253E74} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {7754D3DD-7C98-47D0-8030-D86930FB6C0C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-07-27] ()
Task: {82D4B241-C3F4-4ABB-A135-D2C95904D697} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {A450FB6B-12BC-422A-99E7-49F40C745825} - System32\Tasks\ScanToPCActivationApp.exe_{55D3CBBE-A9A2-43C0-8F40-D8E7FB60F53B} => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
Task: {A6BFA289-344C-4CE6-BF98-46FDB70A4527} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
Task: {C6B931A8-3055-4FC3-8316-8EF21D9AEB57} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {D58B022F-3506-4ADA-BAB0-CCD73DD84441} - System32\Tasks\{62C70441-DB5A-4239-B384-E167CDC6477B} => pcalua.exe -a G:\ESIgen_2011_1.exe -d G:\
Task: {DECE8DB3-8FA7-43EE-85FF-BE3CB2526353} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {EC559D4A-5C98-4C4E-A15B-72C02FFD6A16} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe
Task: {F83527AE-1AEE-4826-8A07-641C07C4F4AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Odel\Desktop\Google-Suche.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=coobgpohoikkiipiblmjeljniedjpjpf
ShortcutWithArgument: C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_coobgpohoikkiipiblmjeljniedjpjpf\Google-Suche.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=coobgpohoikkiipiblmjeljniedjpjpf
ShortcutWithArgument: C:\Users\Odel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google-Suche.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=coobgpohoikkiipiblmjeljniedjpjpf

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-12-10 11:35 - 2015-01-31 01:48 - 00078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-02-02 09:25 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-02-02 09:25 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2017-02-02 09:25 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-12-21 18:49 - 2016-12-21 18:49 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-02-02 04:33 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-02 04:33 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [193]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-155715800-1695505520-3910625203-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Odel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C6AB4928-B5F4-438D-B017-239CD2504DCC}] => C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{A5349ED4-FD61-42DB-BAA6-DD43EF0FF302}] => C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{43DA5F28-4C82-4D94-9111-6FD488B205BE}] => C:\Windows\System32\muzapp.exe
FirewallRules: [{607314DE-E678-4A35-8D5A-11B07CC58D57}] => C:\Windows\System32\muzapp.exe
FirewallRules: [{819E3769-82CB-4F4D-9DB0-9B5B6EB63DFF}] => C:\Program Files\EDUP\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{2CF3420E-EB33-4B8C-9278-797B82752ECA}] => C:\Program Files\EDUP\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{17C29DE0-2748-47B9-942D-6EDDA941AA03}] => LPort=1542
FirewallRules: [{DCBB10A3-2B97-4E70-94B8-4BE27A294E69}] => LPort=1542
FirewallRules: [{9B48AA37-23A9-497E-935C-BB86CA11A3BA}] => LPort=53
FirewallRules: [{DCD117A3-8FD0-4275-BD69-C6CAD4EE67B5}] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{97393ADD-1F65-4A4B-BF66-12E9EB237FAF}] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9BCE5071-5444-4715-AFE1-237F7D40733C}] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9568FCD9-D73F-45DE-BC0F-BE859B9E32F5}] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{15E8073B-71E0-40B9-86E0-DBAF24F32C35}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{58A6BBA8-B330-4E0B-BDEE-015486B7FC37}] => C:\Windows\System32\muzapp.exe
FirewallRules: [{A62757A3-2C3C-4B89-8EC9-D3C393B9095E}] => C:\Windows\System32\muzapp.exe
FirewallRules: [{A46DC9AF-15AF-40A3-A44F-FF576180725F}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E3CFD4B8-3C70-4705-9D4C-552AB8CA7021}] => LPort=2869
FirewallRules: [{DB4F4DE4-70DE-457C-89EE-2F26475732BD}] => LPort=1900
FirewallRules: [{5232924F-BCDC-4B14-9781-ABF78014CFBE}] => C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: BitDefender Firewall NDIS 6 Filter Driver
Description: BitDefender Firewall NDIS 6 Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BdfNdisf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/03/2017 05:35:16 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (02/03/2017 05:35:16 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (02/02/2017 12:10:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe Files\Spybot - Search & Destroy 2\SDCleaner.exe" ; Beschreibung = Säuberung (Spybot - Search & Destroy 2.6, Administratorrechte); Fehler = 0x80042302).

Error: (02/02/2017 12:10:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten.
.

Error: (02/02/2017 12:10:01 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (02/02/2017 12:10:01 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (02/01/2017 05:23:24 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80042302).

Error: (02/01/2017 05:23:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten.
.

Error: (02/01/2017 05:23:24 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (02/01/2017 05:23:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}


Systemfehler:
=============
Error: (02/03/2017 05:01:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (02/03/2017 05:01:01 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
Anmeldung fehlgeschlagen: Das angegebene Kennwort des Kontos ist abgelaufen.


Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/03/2017 04:58:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/03/2017 04:58:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (02/03/2017 04:57:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BdfNdisf

Error: (02/03/2017 04:55:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/03/2017 04:55:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (02/03/2017 04:55:13 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (02/03/2017 04:55:11 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (02/03/2017 04:55:09 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz
Prozentuale Nutzung des RAM: 74%
Installierter physikalischer RAM: 1791.24 MB
Verfügbarer physikalischer RAM: 462.59 MB
Summe virtueller Speicher: 3582.48 MB
Verfügbarer virtueller Speicher: 1713.31 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:173.45 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: C281C93A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================

Alt 03.02.2017, 10:36   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Bitte Spybot und Avira deinstallieren. Spybot ist weitgehend wirkungslos und daher überflüssig; Avira empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.02.2017, 12:00   #10
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Bescheid
Hab ich deinstalliert.
Geändert von Schkudi (03.02.2017 um 12:11 Uhr)

Alt 03.02.2017, 13:27   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.02.2017, 14:17   #12
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.02.03.08
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18537
Odel :: ELLENFALCO [administrator]

03.02.2017 11:11:16
mbar-log-2017-02-03 (11-11-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 300104
Time elapsed: 24 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter
11:37:38.0914 0x0d00  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
11:37:47.0424 0x0d00  ============================================================
11:37:47.0424 0x0d00  Current date / time: 2017/02/03 11:37:47.0424
11:37:47.0424 0x0d00  SystemInfo:
11:37:47.0424 0x0d00  
11:37:47.0424 0x0d00  OS Version: 6.1.7601 ServicePack: 1.0
11:37:47.0424 0x0d00  Product type: Workstation
11:37:47.0424 0x0d00  ComputerName: ELLENFALCO
11:37:47.0424 0x0d00  UserName: Odel
11:37:47.0424 0x0d00  Windows directory: C:\Windows
11:37:47.0424 0x0d00  System windows directory: C:\Windows
11:37:47.0424 0x0d00  Processor architecture: Intel x86
11:37:47.0424 0x0d00  Number of processors: 2
11:37:47.0424 0x0d00  Page size: 0x1000
11:37:47.0424 0x0d00  Boot type: Normal boot
11:37:47.0425 0x0d00  CodeIntegrityOptions = 0x00000000
11:37:47.0425 0x0d00  ============================================================
11:37:49.0638 0x0d00  KLMD registered as C:\Windows\system32\drivers\58386957.sys
11:37:49.0638 0x0d00  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x0
11:37:49.0844 0x0d00  System UUID: {E9A3E09E-F465-B5FB-D19D-1DD63309D364}
11:37:50.0387 0x0d00  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:37:50.0457 0x0d00  ============================================================
11:37:50.0457 0x0d00  \Device\Harddisk0\DR0:
11:37:50.0457 0x0d00  MBR partitions:
11:37:50.0457 0x0d00  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:37:50.0457 0x0d00  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
11:37:50.0457 0x0d00  ============================================================
11:37:50.0499 0x0d00  C: <-> \Device\Harddisk0\DR0\Partition2
11:37:50.0546 0x0d00  ============================================================
11:37:50.0546 0x0d00  Initialize success
11:37:50.0547 0x0d00  ============================================================
11:39:20.0458 0x0f74  ============================================================
11:39:20.0458 0x0f74  Scan started
11:39:20.0458 0x0f74  Mode: Manual; SigCheck; TDLFS; 
11:39:20.0458 0x0f74  ============================================================
11:39:20.0458 0x0f74  KSN ping started
11:39:31.0670 0x0f74  KSN ping finished: true
11:39:32.0740 0x0f74  ================ Scan system memory ========================
11:39:32.0740 0x0f74  System memory - ok
11:39:32.0740 0x0f74  ================ Scan services =============================
11:39:32.0889 0x0f74  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:39:32.0980 0x0f74  1394ohci - ok
11:39:33.0017 0x0f74  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:39:33.0044 0x0f74  ACPI - ok
11:39:33.0079 0x0f74  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:39:33.0105 0x0f74  AcpiPmi - ok
11:39:33.0228 0x0f74  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:39:33.0238 0x0f74  AdobeARMservice - ok
11:39:33.0330 0x0f74  [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:39:33.0381 0x0f74  AdobeFlashPlayerUpdateSvc - ok
11:39:33.0429 0x0f74  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:39:33.0449 0x0f74  adp94xx - ok
11:39:33.0473 0x0f74  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:39:33.0489 0x0f74  adpahci - ok
11:39:33.0508 0x0f74  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:39:33.0522 0x0f74  adpu320 - ok
11:39:33.0559 0x0f74  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:39:33.0588 0x0f74  AeLookupSvc - ok
11:39:33.0652 0x0f74  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
11:39:33.0704 0x0f74  AFD - ok
11:39:33.0729 0x0f74  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
11:39:33.0740 0x0f74  agp440 - ok
11:39:33.0775 0x0f74  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
11:39:33.0786 0x0f74  aic78xx - ok
11:39:33.0830 0x0f74  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
11:39:33.0853 0x0f74  ALG - ok
11:39:33.0883 0x0f74  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:39:33.0892 0x0f74  aliide - ok
11:39:33.0911 0x0f74  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
11:39:33.0922 0x0f74  amdagp - ok
11:39:33.0933 0x0f74  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:39:33.0944 0x0f74  amdide - ok
11:39:33.0974 0x0f74  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:39:34.0014 0x0f74  AmdK8 - ok
11:39:34.0027 0x0f74  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:39:34.0056 0x0f74  AmdPPM - ok
11:39:34.0098 0x0f74  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:39:34.0110 0x0f74  amdsata - ok
11:39:34.0149 0x0f74  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:39:34.0161 0x0f74  amdsbs - ok
11:39:34.0180 0x0f74  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:39:34.0190 0x0f74  amdxata - ok
11:39:34.0218 0x0f74  [ 873F0162D10893E3DF34FA2AC604E6EA, 79655CDB125DBA14DDA01E45A2F8E185788081A3DF8D9E7A6A167C9F0D5C3F62 ] AppID           C:\Windows\system32\drivers\appid.sys
11:39:34.0266 0x0f74  AppID - ok
11:39:34.0281 0x0f74  [ E10F22695EAC1689DED6A9A45D6C352A, 15B10D2E4AB88DE729905E9E4DD24E812163AD45806713E3883E701723D44E3A ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:39:34.0306 0x0f74  AppIDSvc - ok
11:39:34.0335 0x0f74  [ 5EDA6BA186D1B05D5EF4E96F81F3F3EF, B815998ED90E4AC8F4394992082E1F05076CA07C868A15E616C291DCAAF8A000 ] Appinfo         C:\Windows\System32\appinfo.dll
11:39:34.0348 0x0f74  Appinfo - ok
11:39:34.0389 0x0f74  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:39:34.0432 0x0f74  AppMgmt - ok
11:39:34.0476 0x0f74  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:39:34.0488 0x0f74  arc - ok
11:39:34.0511 0x0f74  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:39:34.0523 0x0f74  arcsas - ok
11:39:34.0615 0x0f74  [ C5BBC8487D89FC1C5D819BB1344F2845, 2265560C9D1DD544C17808F4F2D625B926014EFD5DFE2770BFACF89AB26B54AF ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:39:34.0628 0x0f74  aspnet_state - ok
11:39:34.0648 0x0f74  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:39:34.0739 0x0f74  AsyncMac - ok
11:39:34.0771 0x0f74  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:39:34.0782 0x0f74  atapi - ok
11:39:34.0827 0x0f74  [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:39:34.0872 0x0f74  AudioEndpointBuilder - ok
11:39:34.0901 0x0f74  [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:39:34.0921 0x0f74  Audiosrv - ok
11:39:34.0968 0x0f74  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:39:34.0997 0x0f74  AxInstSV - ok
11:39:35.0045 0x0f74  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
11:39:35.0087 0x0f74  b06bdrv - ok
11:39:35.0131 0x0f74  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
11:39:35.0160 0x0f74  b57nd60x - ok
11:39:35.0209 0x0f74  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
11:39:35.0239 0x0f74  BDESVC - ok
11:39:35.0273 0x0f74  BdfNdisf - ok
11:39:35.0301 0x0f74  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:39:35.0339 0x0f74  Beep - ok
11:39:35.0390 0x0f74  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
11:39:35.0433 0x0f74  BFE - ok
11:39:35.0486 0x0f74  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
11:39:35.0554 0x0f74  BITS - ok
11:39:35.0574 0x0f74  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:39:35.0601 0x0f74  blbdrive - ok
11:39:35.0640 0x0f74  [ 28AF7D4427868B7CE4C00CAB1864C7F6, AAE5303878AF0F7AA18069A8FCD99639EBC34622B456AF86C5E4F27858196E06 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:39:35.0666 0x0f74  bowser - ok
11:39:35.0693 0x0f74  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:39:35.0705 0x0f74  BrFiltLo - ok
11:39:35.0716 0x0f74  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:39:35.0744 0x0f74  BrFiltUp - ok
11:39:35.0782 0x0f74  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
11:39:35.0806 0x0f74  Browser - ok
11:39:35.0848 0x0f74  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:39:35.0885 0x0f74  Brserid - ok
11:39:35.0912 0x0f74  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:39:35.0942 0x0f74  BrSerWdm - ok
11:39:35.0960 0x0f74  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:39:35.0987 0x0f74  BrUsbMdm - ok
11:39:35.0994 0x0f74  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:39:36.0011 0x0f74  BrUsbSer - ok
11:39:36.0033 0x0f74  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:39:36.0060 0x0f74  BTHMODEM - ok
11:39:36.0106 0x0f74  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
11:39:36.0144 0x0f74  bthserv - ok
11:39:36.0176 0x0f74  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:39:36.0214 0x0f74  cdfs - ok
11:39:36.0254 0x0f74  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:39:36.0279 0x0f74  cdrom - ok
11:39:36.0320 0x0f74  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:39:36.0358 0x0f74  CertPropSvc - ok
11:39:36.0392 0x0f74  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:39:36.0420 0x0f74  circlass - ok
11:39:36.0459 0x0f74  [ 1136E4A71849BCFCB057140AD03AAEE6, 9A9615F33E475039382E452052040C21EFA9C6669FB4E95D466C014FCAEF4D74 ] CLFS            C:\Windows\system32\CLFS.sys
11:39:36.0479 0x0f74  CLFS - ok
11:39:36.0550 0x0f74  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:39:36.0562 0x0f74  clr_optimization_v2.0.50727_32 - ok
11:39:36.0595 0x0f74  [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:39:36.0611 0x0f74  clr_optimization_v4.0.30319_32 - ok
11:39:36.0636 0x0f74  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:39:36.0659 0x0f74  CmBatt - ok
11:39:36.0689 0x0f74  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:39:36.0699 0x0f74  cmdide - ok
11:39:36.0734 0x0f74  [ 7F7D4B16389CEF932950F6B2604D2601, E7C32734DAA75A00866A0F961C945BF7CC7A29D3A9806041D0046BC9FD3ACC5A ] CNG             C:\Windows\system32\Drivers\cng.sys
11:39:36.0766 0x0f74  CNG - ok
11:39:36.0788 0x0f74  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:39:36.0798 0x0f74  Compbatt - ok
11:39:36.0819 0x0f74  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:39:36.0847 0x0f74  CompositeBus - ok
11:39:36.0867 0x0f74  COMSysApp - ok
11:39:36.0895 0x0f74  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:39:36.0906 0x0f74  crcdisk - ok
11:39:36.0943 0x0f74  [ 348B3A4DD922F590EB39DB231F7AEE4D, 62341BBB263E8E72436FE008E2645692712C2143964D67CE38D58F47F5DEA8B1 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:39:36.0974 0x0f74  CryptSvc - ok
11:39:37.0017 0x0f74  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
11:39:37.0074 0x0f74  CSC - ok
11:39:37.0123 0x0f74  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
11:39:37.0175 0x0f74  CscService - ok
11:39:37.0218 0x0f74  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:39:37.0250 0x0f74  DcomLaunch - ok
11:39:37.0286 0x0f74  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
11:39:37.0327 0x0f74  defragsvc - ok
11:39:37.0366 0x0f74  [ EA9DBD76CE9254C77BAAB4339DD4C4FB, ECEE6EB8CFE1BD20BC7B6ED29A1624DDC3E22A37A56BA43B9B14E37D4003B72D ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:39:37.0389 0x0f74  DfsC - ok
11:39:37.0441 0x0f74  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:39:37.0469 0x0f74  Dhcp - ok
11:39:37.0572 0x0f74  [ 58F9BFBAE3C25D1A349DF0C6ECE8F9DF, FF1CFC9B323BCE2CFC06F9B2A98A29396832134FD61A570C1971A7240899E526 ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:39:37.0621 0x0f74  DiagTrack - ok
11:39:37.0653 0x0f74  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
11:39:37.0689 0x0f74  discache - ok
11:39:37.0725 0x0f74  [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk            C:\Windows\system32\drivers\disk.sys
11:39:37.0737 0x0f74  Disk - ok
11:39:37.0764 0x0f74  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:39:37.0793 0x0f74  Dnscache - ok
11:39:37.0827 0x0f74  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:39:37.0875 0x0f74  dot3svc - ok
11:39:37.0912 0x0f74  [ B5E479EB83707DD698F66953E922042C, 82891A4699F180A20EB25A0EC49A7E008B007A374BAA3279483AC1C95D125FE8 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:39:37.0944 0x0f74  Dot4 - ok
11:39:37.0986 0x0f74  [ CAEFD09B6A6249C53A67D55A9A9FCABF, A76C951EA8A830E5BA22D8D393A946BBAEEDB76478539F647E58199B383F786B ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
11:39:38.0009 0x0f74  Dot4Print - ok
11:39:38.0031 0x0f74  [ CF491FF38D62143203C065260567E2F7, 4315FD8FC88CF627EBE469A2DF0F280B17C95D3004FC7A93D6F8E47F0D91A037 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:39:38.0073 0x0f74  dot4usb - ok
11:39:38.0117 0x0f74  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
11:39:38.0156 0x0f74  DPS - ok
11:39:38.0196 0x0f74  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:39:38.0219 0x0f74  drmkaud - ok
11:39:38.0285 0x0f74  [ 4B21D102E49E9D44C478D6766A7FCBE5, 7CEEBCF81EE23876F039ED1222020D6F45FE6B3A5CE3BB93DDA3B8BBEAA15E47 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:39:38.0323 0x0f74  DXGKrnl - ok
11:39:38.0364 0x0f74  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
11:39:38.0407 0x0f74  EapHost - ok
11:39:38.0553 0x0f74  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
11:39:38.0695 0x0f74  ebdrv - ok
11:39:38.0742 0x0f74  [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] EFS             C:\Windows\System32\lsass.exe
11:39:38.0768 0x0f74  EFS - ok
11:39:38.0836 0x0f74  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:39:38.0893 0x0f74  ehRecvr - ok
11:39:38.0928 0x0f74  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
11:39:38.0957 0x0f74  ehSched - ok
11:39:39.0020 0x0f74  [ CE37E3D51912E59C80C6D84337C0B4CD, CE15CFFCF1D099DC6B9423746DDADCAE6BAFFCF037DD9F3FF154A8E69022A861 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
11:39:39.0039 0x0f74  ElbyCDFL - ok
11:39:39.0096 0x0f74  [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
11:39:39.0105 0x0f74  ElbyCDIO - ok
11:39:39.0154 0x0f74  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:39:39.0182 0x0f74  elxstor - ok
11:39:39.0212 0x0f74  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:39:39.0235 0x0f74  ErrDev - ok
11:39:39.0277 0x0f74  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
11:39:39.0332 0x0f74  EventSystem - ok
11:39:39.0368 0x0f74  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:39:39.0418 0x0f74  exfat - ok
11:39:39.0437 0x0f74  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:39:39.0489 0x0f74  fastfat - ok
11:39:39.0549 0x0f74  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
11:39:39.0606 0x0f74  Fax - ok
11:39:39.0637 0x0f74  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:39:39.0648 0x0f74  fdc - ok
11:39:39.0665 0x0f74  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
11:39:39.0702 0x0f74  fdPHost - ok
11:39:39.0721 0x0f74  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:39:39.0771 0x0f74  FDResPub - ok
11:39:39.0788 0x0f74  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:39:39.0799 0x0f74  FileInfo - ok
11:39:39.0808 0x0f74  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:39:39.0848 0x0f74  Filetrace - ok
11:39:39.0884 0x0f74  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:39:39.0908 0x0f74  flpydisk - ok
11:39:39.0934 0x0f74  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:39:39.0953 0x0f74  FltMgr - ok
11:39:40.0017 0x0f74  [ DF15E8426D02C15422EBFF28BA83F03A, 51BEB315B0E5114906684FB3F460FA7BEA326C1B589C5C35D29795A7C13AB4FB ] FontCache       C:\Windows\system32\FntCache.dll
11:39:40.0078 0x0f74  FontCache - ok
11:39:40.0139 0x0f74  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:39:40.0149 0x0f74  FontCache3.0.0.0 - ok
11:39:40.0234 0x0f74  [ 7DFF82ACDAB23414ABC2A95FEF8982F8, 9B2ACC7AA63085B4A571D084406FE48FE184243A1AF80C2492038CFF3737FEE5 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
11:39:40.0260 0x0f74  ForceWare Intelligent Application Manager (IAM) - ok
11:39:40.0293 0x0f74  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:39:40.0304 0x0f74  FsDepends - ok
11:39:40.0337 0x0f74  FsUsbExDisk - ok
11:39:40.0363 0x0f74  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:39:40.0374 0x0f74  Fs_Rec - ok
11:39:40.0411 0x0f74  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:39:40.0428 0x0f74  fvevol - ok
11:39:40.0458 0x0f74  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:39:40.0469 0x0f74  gagp30kx - ok
11:39:40.0514 0x0f74  [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:39:40.0564 0x0f74  gpsvc - ok
11:39:40.0653 0x0f74  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:39:40.0669 0x0f74  gupdate - ok
11:39:40.0728 0x0f74  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:39:40.0743 0x0f74  gupdatem - ok
11:39:40.0772 0x0f74  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:39:40.0794 0x0f74  hcw85cir - ok
11:39:40.0859 0x0f74  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:39:40.0895 0x0f74  HdAudAddService - ok
11:39:40.0915 0x0f74  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:39:40.0949 0x0f74  HDAudBus - ok
11:39:40.0979 0x0f74  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:39:41.0004 0x0f74  HidBatt - ok
11:39:41.0024 0x0f74  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:39:41.0038 0x0f74  HidBth - ok
11:39:41.0058 0x0f74  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:39:41.0084 0x0f74  HidIr - ok
11:39:41.0116 0x0f74  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
11:39:41.0155 0x0f74  hidserv - ok
11:39:41.0203 0x0f74  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:39:41.0249 0x0f74  HidUsb - ok
11:39:41.0270 0x0f74  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:39:41.0306 0x0f74  hkmsvc - ok
11:39:41.0340 0x0f74  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:39:41.0371 0x0f74  HomeGroupListener - ok
11:39:41.0402 0x0f74  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:39:41.0434 0x0f74  HomeGroupProvider - ok
11:39:41.0466 0x0f74  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:39:41.0478 0x0f74  HpSAMD - ok
11:39:41.0533 0x0f74  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:39:41.0588 0x0f74  HTTP - ok
11:39:41.0608 0x0f74  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:39:41.0618 0x0f74  hwpolicy - ok
11:39:41.0646 0x0f74  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:39:41.0669 0x0f74  i8042prt - ok
11:39:41.0708 0x0f74  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:39:41.0736 0x0f74  iaStorV - ok
11:39:41.0794 0x0f74  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:39:41.0851 0x0f74  idsvc - ok
11:39:41.0893 0x0f74  IEEtwCollectorService - ok
11:39:41.0921 0x0f74  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:39:41.0934 0x0f74  iirsp - ok
11:39:41.0985 0x0f74  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:39:42.0040 0x0f74  IKEEXT - ok
11:39:42.0066 0x0f74  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:39:42.0076 0x0f74  intelide - ok
11:39:42.0107 0x0f74  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:39:42.0132 0x0f74  intelppm - ok
11:39:42.0162 0x0f74  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:39:42.0207 0x0f74  IPBusEnum - ok
11:39:42.0230 0x0f74  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:39:42.0271 0x0f74  IpFilterDriver - ok
11:39:42.0321 0x0f74  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:39:42.0360 0x0f74  iphlpsvc - ok
11:39:42.0392 0x0f74  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:39:42.0415 0x0f74  IPMIDRV - ok
11:39:42.0441 0x0f74  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:39:42.0482 0x0f74  IPNAT - ok
11:39:42.0509 0x0f74  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:39:42.0535 0x0f74  IRENUM - ok
11:39:42.0561 0x0f74  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:39:42.0572 0x0f74  isapnp - ok
11:39:42.0601 0x0f74  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:39:42.0619 0x0f74  iScsiPrt - ok
11:39:42.0653 0x0f74  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:39:42.0664 0x0f74  kbdclass - ok
11:39:42.0697 0x0f74  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:39:42.0708 0x0f74  kbdhid - ok
11:39:42.0744 0x0f74  [ 3EB803312987FF44265C87CB960DF6AB, D6F44702F92089A0C847044A3933F7311D6A72C4647C3FECB35CDBF96A913A40 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
11:39:42.0752 0x0f74  kbfiltr - ok
11:39:42.0767 0x0f74  [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] KeyIso          C:\Windows\system32\lsass.exe
11:39:42.0779 0x0f74  KeyIso - ok
11:39:42.0804 0x0f74  [ EF7A3616C7902A232FEDAAB886AA07C2, B739EA5840E09E32AEF23A414F1E74B33785189BC0F43E156F6321CC0FA5BC35 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:39:42.0815 0x0f74  KSecDD - ok
11:39:42.0828 0x0f74  [ 78EF4037997534DD08545416EF4438E2, ABB739F1BA59A1D88F94C0F6569E92DBCFA73109A4AD7678C2CAB14AEEDEDDCD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:39:42.0846 0x0f74  KSecPkg - ok
11:39:42.0879 0x0f74  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:39:42.0919 0x0f74  KtmRm - ok
11:39:42.0943 0x0f74  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:39:43.0004 0x0f74  LanmanServer - ok
11:39:43.0028 0x0f74  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:39:43.0063 0x0f74  LanmanWorkstation - ok
11:39:43.0108 0x0f74  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:39:43.0146 0x0f74  lltdio - ok
11:39:43.0175 0x0f74  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:39:43.0224 0x0f74  lltdsvc - ok
11:39:43.0243 0x0f74  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:39:43.0277 0x0f74  lmhosts - ok
11:39:43.0325 0x0f74  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:39:43.0337 0x0f74  LSI_FC - ok
11:39:43.0351 0x0f74  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:39:43.0363 0x0f74  LSI_SAS - ok
11:39:43.0378 0x0f74  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:39:43.0389 0x0f74  LSI_SAS2 - ok
11:39:43.0403 0x0f74  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:39:43.0415 0x0f74  LSI_SCSI - ok
11:39:43.0439 0x0f74  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:39:43.0477 0x0f74  luafv - ok
11:39:43.0504 0x0f74  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:39:43.0518 0x0f74  Mcx2Svc - ok
11:39:43.0529 0x0f74  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:39:43.0540 0x0f74  megasas - ok
11:39:43.0560 0x0f74  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:39:43.0578 0x0f74  MegaSR - ok
11:39:43.0643 0x0f74  Microsoft SharePoint Workspace Audit Service - ok
11:39:43.0664 0x0f74  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
11:39:43.0705 0x0f74  MMCSS - ok
11:39:43.0728 0x0f74  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
11:39:43.0762 0x0f74  Modem - ok
11:39:43.0802 0x0f74  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:39:43.0814 0x0f74  monitor - ok
11:39:43.0850 0x0f74  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:39:43.0876 0x0f74  mouclass - ok
11:39:43.0924 0x0f74  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:39:44.0006 0x0f74  mouhid - ok
11:39:44.0084 0x0f74  [ D1BDF813C9FE5ED53134EDF360927735, 0FC422513A9C98C32A90C7C5B2635DA6104C6425A2E2A8746B110A07AFB1B539 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:39:44.0095 0x0f74  mountmgr - ok
11:39:44.0118 0x0f74  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:39:44.0131 0x0f74  mpio - ok
11:39:44.0163 0x0f74  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:39:44.0203 0x0f74  mpsdrv - ok
11:39:44.0248 0x0f74  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:39:44.0296 0x0f74  MpsSvc - ok
11:39:44.0326 0x0f74  [ 06AC0310138E4B2C35AF7344D18BC686, FCDB6CC851EC47F92FFF764717A44FF5D5D0E179C215B3C6E77FB9BEA4DE1908 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:39:44.0352 0x0f74  MRxDAV - ok
11:39:44.0378 0x0f74  [ 6284D46BAA301BEDB9AB7FA7672B2410, F998D17FEE497491CC3CF4711FB37E507D1A5B2E9B2E4D6001152EDB968A2D98 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:39:44.0406 0x0f74  mrxsmb - ok
11:39:44.0439 0x0f74  [ 78AD95493F015FA9941869A009C00286, EC075C44FE78249CA58B338EBC3905A020762571A27DBEDF32A41B2A84FDEAFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:39:44.0475 0x0f74  mrxsmb10 - ok
11:39:44.0505 0x0f74  [ D7C3ED1FD46FAC7083473D9B1718255E, BC4BFFDB4B044205A4A658701B7F0E9680C139A6A0141E333BE6D590F99D9D65 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:39:44.0533 0x0f74  mrxsmb20 - ok
11:39:44.0574 0x0f74  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:39:44.0585 0x0f74  msahci - ok
11:39:44.0600 0x0f74  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:39:44.0613 0x0f74  msdsm - ok
11:39:44.0643 0x0f74  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
11:39:44.0675 0x0f74  MSDTC - ok
11:39:44.0723 0x0f74  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:39:44.0767 0x0f74  Msfs - ok
11:39:44.0784 0x0f74  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:39:44.0824 0x0f74  mshidkmdf - ok
11:39:44.0854 0x0f74  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:39:44.0864 0x0f74  msisadrv - ok
11:39:44.0887 0x0f74  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:39:44.0911 0x0f74  MSiSCSI - ok
11:39:44.0916 0x0f74  msiserver - ok
11:39:44.0944 0x0f74  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:39:44.0976 0x0f74  MSKSSRV - ok
11:39:45.0001 0x0f74  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:39:45.0035 0x0f74  MSPCLOCK - ok
11:39:45.0051 0x0f74  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:39:45.0086 0x0f74  MSPQM - ok
11:39:45.0111 0x0f74  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:39:45.0129 0x0f74  MsRPC - ok
11:39:45.0155 0x0f74  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:39:45.0165 0x0f74  mssmbios - ok
11:39:45.0185 0x0f74  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:39:45.0220 0x0f74  MSTEE - ok
11:39:45.0240 0x0f74  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:39:45.0262 0x0f74  MTConfig - ok
11:39:45.0282 0x0f74  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:39:45.0293 0x0f74  Mup - ok
11:39:45.0335 0x0f74  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
11:39:45.0387 0x0f74  napagent - ok
11:39:45.0438 0x0f74  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:39:45.0484 0x0f74  NativeWifiP - ok
11:39:45.0545 0x0f74  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:39:45.0570 0x0f74  NDIS - ok
11:39:45.0603 0x0f74  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:39:45.0627 0x0f74  NdisCap - ok
11:39:45.0668 0x0f74  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:39:45.0701 0x0f74  NdisTapi - ok
11:39:45.0758 0x0f74  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:39:45.0779 0x0f74  Ndisuio - ok
11:39:45.0814 0x0f74  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:39:45.0851 0x0f74  NdisWan - ok
11:39:45.0880 0x0f74  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:39:45.0914 0x0f74  NDProxy - ok
11:39:45.0966 0x0f74  [ 4BFD93796488C95122D4797E043275F6, 802B3F575F8CD20589567FC318984AFE2ECA218B5E55A7FC531A39BEA0659FAE ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:39:45.0989 0x0f74  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:39:46.0088 0x0f74  Detect skipped due to KSN trusted
11:39:46.0088 0x0f74  Net Driver HPZ12 - ok
11:39:46.0125 0x0f74  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:39:46.0165 0x0f74  NetBIOS - ok
11:39:46.0195 0x0f74  [ A00996C9BFEF29A93B9F21DBE1DC502D, A97982CBBC2E240B0CD884ED3ED5D11B207DA8E7BEF73DCEA44E16E1CD84222F ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:39:46.0222 0x0f74  NetBT - ok
11:39:46.0242 0x0f74  [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] Netlogon        C:\Windows\system32\lsass.exe
11:39:46.0253 0x0f74  Netlogon - ok
11:39:46.0291 0x0f74  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
11:39:46.0336 0x0f74  Netman - ok
11:39:46.0394 0x0f74  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:39:46.0413 0x0f74  NetMsmqActivator - ok
11:39:46.0432 0x0f74  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:39:46.0448 0x0f74  NetPipeActivator - ok
11:39:46.0480 0x0f74  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
11:39:46.0539 0x0f74  netprofm - ok
11:39:46.0577 0x0f74  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:39:46.0591 0x0f74  NetTcpActivator - ok
11:39:46.0602 0x0f74  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:39:46.0616 0x0f74  NetTcpPortSharing - ok
11:39:46.0651 0x0f74  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:39:46.0661 0x0f74  nfrd960 - ok
11:39:46.0697 0x0f74  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:39:46.0742 0x0f74  NlaSvc - ok
11:39:46.0758 0x0f74  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:39:46.0798 0x0f74  Npfs - ok
11:39:46.0825 0x0f74  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
11:39:46.0867 0x0f74  nsi - ok
11:39:46.0901 0x0f74  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:39:46.0934 0x0f74  nsiproxy - ok
11:39:46.0979 0x0f74  [ 198FF60A42802C319FBA58FDB13EEE49, 80F098727BE1452BD570F5A1A7F4883BB38B3B4F7F4797D6F276A6E9FFE3B7C1 ] nSvcIp          C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
11:39:46.0995 0x0f74  nSvcIp - ok
11:39:47.0062 0x0f74  [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:39:47.0126 0x0f74  Ntfs - ok
11:39:47.0147 0x0f74  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
11:39:47.0187 0x0f74  Null - ok
11:39:47.0226 0x0f74  [ B5E37E31C053BC9950455A257526514B, 16E2880621F3AA12BDADE71CD7682CA79E2A199D3C9E3E5927C49DCEF0F6183B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
11:39:47.0270 0x0f74  NVENETFD - ok
11:39:47.0678 0x0f74  [ BF62C1ED8591E5BD6361E9BD23E252CA, 378F4CDEC19F10BF4A10817DBD7D75833A396F11849A1A675B480628E2CD36AA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:39:48.0092 0x0f74  nvlddmkm - ok
11:39:48.0172 0x0f74  [ 0219B05730635FCAB3A9925D3374C464, FD5ED0FAFA1DB8229B3963C29D7AC98684C5F75772AAE05A79D4452237CF7C1D ] NVNET           C:\Windows\system32\DRIVERS\nvmf6232.sys
11:39:48.0196 0x0f74  NVNET - ok
11:39:48.0222 0x0f74  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:39:48.0234 0x0f74  nvraid - ok
11:39:48.0249 0x0f74  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:39:48.0267 0x0f74  nvstor - ok
11:39:48.0322 0x0f74  [ ABB859A74C9C2CB016830CDE069169C0, E6AF66DAB6C9EE12A185DC00AC1A48BA697410DE09766BFD3D04FE5D239A8D9D ] NVSvc           C:\Windows\system32\nvvsvc.exe
11:39:48.0351 0x0f74  NVSvc - ok
11:39:48.0450 0x0f74  [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:39:48.0507 0x0f74  nvUpdatusService - ok
11:39:48.0541 0x0f74  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:39:48.0553 0x0f74  nv_agp - ok
11:39:48.0575 0x0f74  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:39:48.0601 0x0f74  ohci1394 - ok
11:39:48.0674 0x0f74  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:39:48.0691 0x0f74  ose - ok
11:39:48.0904 0x0f74  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:39:49.0087 0x0f74  osppsvc - ok
11:39:49.0130 0x0f74  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:39:49.0170 0x0f74  p2pimsvc - ok
11:39:49.0210 0x0f74  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:39:49.0238 0x0f74  p2psvc - ok
11:39:49.0266 0x0f74  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:39:49.0279 0x0f74  Parport - ok
11:39:49.0306 0x0f74  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:39:49.0317 0x0f74  partmgr - ok
11:39:49.0328 0x0f74  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
11:39:49.0353 0x0f74  Parvdm - ok
11:39:49.0379 0x0f74  [ 84752B402BF64CCDDF11816FEDF12DB4, 184DDFCEEE8C5B492415270FC640B8D584B3D79E7BADCE4DE7CDD74CC8C60130 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:39:49.0429 0x0f74  PcaSvc - ok
11:39:49.0459 0x0f74  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
11:39:49.0478 0x0f74  pci - ok
11:39:49.0502 0x0f74  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:39:49.0512 0x0f74  pciide - ok
11:39:49.0537 0x0f74  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:39:49.0555 0x0f74  pcmcia - ok
11:39:49.0567 0x0f74  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:39:49.0578 0x0f74  pcw - ok
11:39:49.0624 0x0f74  [ 0C941A3F148B4228867908F98F394461, 6D5F575F2E796C5EA8F9F3F96F9ACD935E274210A105C9365102B448E9AE2031 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:39:49.0675 0x0f74  PEAUTH - ok
11:39:49.0737 0x0f74  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:39:49.0794 0x0f74  PeerDistSvc - ok
11:39:49.0872 0x0f74  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
11:39:49.0952 0x0f74  pla - ok
11:39:49.0984 0x0f74  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:39:50.0027 0x0f74  PlugPlay - ok
11:39:50.0062 0x0f74  [ 3C30665CC5A60713B0C75F102E14AC6B, B30892BA85401CEDBC6FC2D58B7DE9B54DA9EA08A0339B19906D4278AFEB707A ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:39:50.0068 0x0f74  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:39:50.0158 0x0f74  Detect skipped due to KSN trusted
11:39:50.0158 0x0f74  Pml Driver HPZ12 - ok
11:39:50.0179 0x0f74  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:39:50.0222 0x0f74  PNRPAutoReg - ok
11:39:50.0247 0x0f74  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:39:50.0264 0x0f74  PNRPsvc - ok
11:39:50.0305 0x0f74  [ A2FEA7E16D8D056D2FF1EE93F9C73FB1, 6BC8C1B37274B50573F3DAC043DBD9B29B93F527290392842CD94910014D0C74 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:39:50.0345 0x0f74  PolicyAgent - ok
11:39:50.0373 0x0f74  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
11:39:50.0409 0x0f74  Power - ok
11:39:50.0448 0x0f74  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:39:50.0483 0x0f74  PptpMiniport - ok
11:39:50.0506 0x0f74  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:39:50.0531 0x0f74  Processor - ok
11:39:50.0566 0x0f74  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:39:50.0596 0x0f74  ProfSvc - ok
11:39:50.0617 0x0f74  [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:39:50.0635 0x0f74  ProtectedStorage - ok
11:39:50.0661 0x0f74  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:39:50.0685 0x0f74  Psched - ok
11:39:50.0731 0x0f74  [ 3A6489DCB6F28970B6BBD9687777FA00, 23F8C7B8A4B95925AA53D7F0AA4C349EA38CBEDF31AC9EAC17189CBBEAEF7B5C ] pwdrvio         C:\Windows\system32\pwdrvio.sys
11:39:50.0742 0x0f74  pwdrvio - ok
11:39:50.0801 0x0f74  [ 9D00D015159B6ADF0980BAEEB5DCC5E4, C944564FD992084E86DD581B73E8DFDA54DBDA8A4396F6675BDA771ED50AF6C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
11:39:50.0811 0x0f74  pwdspio - ok
11:39:50.0879 0x0f74  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:39:50.0938 0x0f74  ql2300 - ok
11:39:50.0967 0x0f74  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:39:50.0979 0x0f74  ql40xx - ok
11:39:51.0011 0x0f74  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
11:39:51.0040 0x0f74  QWAVE - ok
11:39:51.0064 0x0f74  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:39:51.0089 0x0f74  QWAVEdrv - ok
11:39:51.0152 0x0f74  [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
11:39:51.0165 0x0f74  RapiMgr - ok
11:39:51.0177 0x0f74  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:39:51.0210 0x0f74  RasAcd - ok
11:39:51.0243 0x0f74  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:39:51.0265 0x0f74  RasAgileVpn - ok
11:39:51.0293 0x0f74  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
11:39:51.0319 0x0f74  RasAuto - ok
11:39:51.0336 0x0f74  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:39:51.0360 0x0f74  Rasl2tp - ok
11:39:51.0393 0x0f74  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
11:39:51.0431 0x0f74  RasMan - ok
11:39:51.0456 0x0f74  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:39:51.0497 0x0f74  RasPppoe - ok
11:39:51.0525 0x0f74  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:39:51.0548 0x0f74  RasSstp - ok
11:39:51.0580 0x0f74  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:39:51.0629 0x0f74  rdbss - ok
11:39:51.0653 0x0f74  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:39:51.0681 0x0f74  rdpbus - ok
11:39:51.0702 0x0f74  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:39:51.0723 0x0f74  RDPCDD - ok
11:39:51.0754 0x0f74  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:39:51.0768 0x0f74  RDPDR - ok
11:39:51.0804 0x0f74  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:39:51.0824 0x0f74  RDPENCDD - ok
11:39:51.0837 0x0f74  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:39:51.0875 0x0f74  RDPREFMP - ok
11:39:51.0956 0x0f74  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:39:51.0978 0x0f74  RdpVideoMiniport - ok
11:39:52.0017 0x0f74  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:39:52.0036 0x0f74  RDPWD - ok
11:39:52.0080 0x0f74  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:39:52.0099 0x0f74  rdyboost - ok
11:39:52.0153 0x0f74  [ E1A6731867765FBC01B37150AEFC00F3, 4ADB0FE791ACF0BBCF314FB73AE6025D70BAFB8DF925B4A4CFB3B50EA191C94E ] Realtek11nCU    C:\Program Files\EDUP\11n USB Wireless LAN Utility\RtlService.exe
11:39:52.0185 0x0f74  Realtek11nCU - detected UnsignedFile.Multi.Generic ( 1 )
11:39:52.0277 0x0f74  Detect skipped due to KSN trusted
11:39:52.0277 0x0f74  Realtek11nCU - ok
11:39:52.0303 0x0f74  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:39:52.0342 0x0f74  RemoteAccess - ok
11:39:52.0369 0x0f74  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:39:52.0411 0x0f74  RemoteRegistry - ok
11:39:52.0444 0x0f74  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:39:52.0481 0x0f74  RpcEptMapper - ok
11:39:52.0507 0x0f74  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
11:39:52.0530 0x0f74  RpcLocator - ok
11:39:52.0567 0x0f74  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] RpcSs           C:\Windows\system32\rpcss.dll
11:39:52.0586 0x0f74  RpcSs - ok
11:39:52.0621 0x0f74  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:39:52.0663 0x0f74  rspndr - ok
11:39:52.0754 0x0f74  [ 247B0A8164069CD4FE6F3094C581B13B, D1B91FBBFCF51B60E8515F12C611EE86DB6D016F445E91A74DD25F3E1BBD5ADA ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
11:39:52.0770 0x0f74  RSUSBSTOR - ok
11:39:52.0818 0x0f74  [ 325590E7E9587459643BA24D2CF73BF2, 92699FF111C597D6DF0AA4CE059F199E3E67CD15E43C102968E3285995FF0079 ] RTL8187         C:\Windows\system32\DRIVERS\rtl8187.sys
11:39:52.0852 0x0f74  RTL8187 - ok
11:39:52.0916 0x0f74  [ 2D4705361D73E83BD55FC7D9CACBF7BA, BD520397AC41669AE936CFDFDEF2BFB88349CFEF0A586B53A2A44B8492948838 ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
11:39:52.0980 0x0f74  RTL8192cu - ok
11:39:53.0008 0x0f74  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:39:53.0031 0x0f74  s3cap - ok
11:39:53.0050 0x0f74  [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] SamSs           C:\Windows\system32\lsass.exe
11:39:53.0068 0x0f74  SamSs - ok
11:39:53.0098 0x0f74  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:39:53.0110 0x0f74  sbp2port - ok
11:39:53.0143 0x0f74  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:39:53.0172 0x0f74  SCardSvr - ok
11:39:53.0215 0x0f74  [ 9FEB2026A460916D1A1198B460632630, 1DA85ECAE71949AF20C48BC6155246EDD00C48516F30270AD937871EBFC19EF1 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
11:39:53.0229 0x0f74  SCDEmu - detected UnsignedFile.Multi.Generic ( 1 )
11:39:53.0349 0x0f74  Detect skipped due to KSN trusted
11:39:53.0349 0x0f74  SCDEmu - ok
11:39:53.0370 0x0f74  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:39:53.0402 0x0f74  scfilter - ok
11:39:53.0471 0x0f74  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
11:39:53.0529 0x0f74  Schedule - ok
11:39:53.0561 0x0f74  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:39:53.0583 0x0f74  SCPolicySvc - ok
11:39:53.0611 0x0f74  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:39:53.0645 0x0f74  SDRSVC - ok
11:39:53.0683 0x0f74  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:39:53.0711 0x0f74  secdrv - ok
11:39:53.0734 0x0f74  [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon        C:\Windows\system32\seclogon.dll
11:39:53.0759 0x0f74  seclogon - ok
11:39:53.0789 0x0f74  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
11:39:53.0814 0x0f74  SENS - ok
11:39:53.0823 0x0f74  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:39:53.0848 0x0f74  SensrSvc - ok
11:39:53.0864 0x0f74  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:39:53.0891 0x0f74  Serenum - ok
11:39:53.0920 0x0f74  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:39:53.0947 0x0f74  Serial - ok
11:39:53.0967 0x0f74  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:39:53.0978 0x0f74  sermouse - ok
11:39:54.0015 0x0f74  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:39:54.0052 0x0f74  SessionEnv - ok
11:39:54.0086 0x0f74  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:39:54.0106 0x0f74  sffdisk - ok
11:39:54.0112 0x0f74  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:39:54.0122 0x0f74  sffp_mmc - ok
11:39:54.0128 0x0f74  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:39:54.0143 0x0f74  sffp_sd - ok
11:39:54.0173 0x0f74  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:39:54.0184 0x0f74  sfloppy - ok
11:39:54.0218 0x0f74  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:39:54.0259 0x0f74  SharedAccess - ok
11:39:54.0282 0x0f74  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:39:54.0320 0x0f74  ShellHWDetection - ok
11:39:54.0337 0x0f74  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
11:39:54.0349 0x0f74  sisagp - ok
11:39:54.0386 0x0f74  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:39:54.0397 0x0f74  SiSRaid2 - ok
11:39:54.0411 0x0f74  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:39:54.0423 0x0f74  SiSRaid4 - ok
11:39:54.0445 0x0f74  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:39:54.0470 0x0f74  Smb - ok
11:39:54.0522 0x0f74  [ 26DAFCCC1A82BB553CE551C77B5A3187, D2308DA511278E66122714AEE7C788B540CB8B2D04926B8ACA727D64961EDCBF ] SMIGrabber3C    C:\Windows\system32\Drivers\SmiUsbGrabber3C.sys
11:39:54.0576 0x0f74  SMIGrabber3C - detected UnsignedFile.Multi.Generic ( 1 )
11:39:54.0746 0x0f74  SMIGrabber3C ( UnsignedFile.Multi.Generic ) - warning
11:39:54.0903 0x0f74  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:39:54.0929 0x0f74  SNMPTRAP - ok
11:39:54.0969 0x0f74  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:39:54.0980 0x0f74  spldr - ok
11:39:55.0013 0x0f74  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
11:39:55.0050 0x0f74  Spooler - ok
11:39:55.0185 0x0f74  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
11:39:55.0321 0x0f74  sppsvc - ok
11:39:55.0355 0x0f74  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:39:55.0389 0x0f74  sppuinotify - ok
11:39:55.0432 0x0f74  [ F007019235738AC55D78466D8A9A1F9C, 51480A6AA28FEB02A77CA8CF0C889C60EF40E5D73F1F0E0D167369C46C97BFBD ] SPR3322K        C:\Windows\system32\DRIVERS\SPR3322K.sys
11:39:55.0477 0x0f74  SPR3322K - ok
11:39:55.0507 0x0f74  [ D86EA722F3337AA3F0253B6E359E6796, BA4C2DF629CBECFA1C1D589FFA6AEF8C5853C427B6B007793FD432B4AA8DA593 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:39:55.0567 0x0f74  srv - ok
11:39:55.0592 0x0f74  [ 1931823AC05967E5F79B791E9FFC2398, 255E6278F476F1D488199B0AD2004C3860CC74971AC3C0AB4B1DB4E42B329E94 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:39:55.0654 0x0f74  srv2 - ok
11:39:55.0706 0x0f74  [ 50A2FC7B0408F15B77E056076BBB6252, 801AD15B4CDFC09EE4909B7180A5CE562D54D4F08A9C0B7D9CA067ADC42A6C9D ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:39:55.0736 0x0f74  srvnet - ok
11:39:55.0764 0x0f74  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:39:55.0810 0x0f74  SSDPSRV - ok
11:39:55.0840 0x0f74  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:39:55.0865 0x0f74  SstpSvc - ok
11:39:55.0892 0x0f74  [ 68C00EE8C35E4EA63DCA5CA7D572E25E, F71165BEDCB7518B7AC16B31588F0A969A22F0694F6EB1CD919776DCB8CBDE3B ] STCFUx32        C:\Windows\system32\DRIVERS\STCFUx32.SYS
11:39:55.0917 0x0f74  STCFUx32 - ok
11:39:55.0945 0x0f74  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:39:55.0956 0x0f74  stexstor - ok
11:39:55.0977 0x0f74  [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
11:39:56.0015 0x0f74  StillCam - ok
11:39:56.0056 0x0f74  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
11:39:56.0097 0x0f74  StiSvc - ok
11:39:56.0112 0x0f74  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:39:56.0123 0x0f74  storflt - ok
11:39:56.0151 0x0f74  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:39:56.0162 0x0f74  storvsc - ok
11:39:56.0180 0x0f74  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:39:56.0191 0x0f74  swenum - ok
11:39:56.0227 0x0f74  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
11:39:56.0283 0x0f74  swprv - ok
11:39:56.0328 0x0f74  Synth3dVsc - ok
11:39:56.0384 0x0f74  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
11:39:56.0454 0x0f74  SysMain - ok
11:39:56.0482 0x0f74  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
11:39:56.0515 0x0f74  TabletInputService - ok
11:39:56.0552 0x0f74  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:39:56.0590 0x0f74  TapiSrv - ok
11:39:56.0661 0x0f74  [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:39:56.0720 0x0f74  Tcpip - ok
11:39:56.0785 0x0f74  [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:39:56.0840 0x0f74  TCPIP6 - ok
11:39:56.0880 0x0f74  [ A4BF8BE9D1F7D563C7868AC7B2561545, E3C2FFE53373E5255DC388E0C81CCE965E432EFAF52C85B5B3B3918815114073 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:39:56.0904 0x0f74  tcpipreg - ok
11:39:56.0930 0x0f74  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:39:56.0968 0x0f74  TDPIPE - ok
11:39:56.0995 0x0f74  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:39:57.0006 0x0f74  TDTCP - ok
11:39:57.0035 0x0f74  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:39:57.0059 0x0f74  tdx - ok
11:39:57.0079 0x0f74  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:39:57.0092 0x0f74  TermDD - ok
11:39:57.0137 0x0f74  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
11:39:57.0178 0x0f74  TermService - ok
11:39:57.0207 0x0f74  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
11:39:57.0223 0x0f74  Themes - ok
11:39:57.0239 0x0f74  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
11:39:57.0265 0x0f74  THREADORDER - ok
11:39:57.0288 0x0f74  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
11:39:57.0328 0x0f74  TrkWks - ok
11:39:57.0367 0x0f74  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:39:57.0398 0x0f74  TrustedInstaller - ok
11:39:57.0429 0x0f74  [ B89F89A2308E9569A1022A50F78C5506, 375C4A11F78A1335269657012DC57093C6E1A7B1460094B0C265179409F01554 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:39:57.0455 0x0f74  tssecsrv - ok
11:39:57.0499 0x0f74  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:39:57.0542 0x0f74  TsUsbFlt - ok
11:39:57.0550 0x0f74  tsusbhub - ok
11:39:57.0596 0x0f74  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:39:57.0641 0x0f74  tunnel - ok
11:39:57.0671 0x0f74  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:39:57.0686 0x0f74  uagp35 - ok
11:39:57.0706 0x0f74  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:39:57.0747 0x0f74  udfs - ok
11:39:57.0777 0x0f74  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:39:57.0802 0x0f74  UI0Detect - ok
11:39:57.0836 0x0f74  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:39:57.0848 0x0f74  uliagpkx - ok
11:39:57.0886 0x0f74  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:39:57.0908 0x0f74  umbus - ok
11:39:57.0929 0x0f74  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:39:57.0955 0x0f74  UmPass - ok
11:39:57.0985 0x0f74  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:39:58.0013 0x0f74  UmRdpService - ok
11:39:58.0048 0x0f74  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
11:39:58.0105 0x0f74  upnphost - ok
11:39:58.0136 0x0f74  [ 325A69967CC7B4BFB170F5636143A94A, E0341360827B9B3E244F24D0BC01D3B3C0CC97E232A361960849F799A16AD540 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
11:39:58.0148 0x0f74  usbccgp - ok
11:39:58.0179 0x0f74  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:39:58.0200 0x0f74  usbcir - ok
11:39:58.0234 0x0f74  [ 5D57798CAE5A0DD0B8F61C52B8E7C3D1, 5097997508E1406AD5B018C5006D82F8BFC7B157C6CAF1B4D80C7D6DB722A77A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:39:58.0258 0x0f74  usbehci - ok
11:39:58.0296 0x0f74  [ 3835ECC1E928042F92D7AA1963D40523, 60237CB8C3F935544006621255FFD53C9E09C0AF4741D0C50968CB4D647336D5 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
11:39:58.0338 0x0f74  usbhub - ok
11:39:58.0360 0x0f74  [ 81E1E90305A4C7A13BADC5DFA22ABA37, 9EF3F5CD2FCF22A5BCC668778C8340D8C80719E9B43FB6C4484BFC98280B8BD9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:39:58.0383 0x0f74  usbohci - ok
11:39:58.0417 0x0f74  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:39:58.0442 0x0f74  usbprint - ok
11:39:58.0487 0x0f74  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:39:58.0532 0x0f74  usbscan - ok
11:39:58.0559 0x0f74  [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:39:58.0588 0x0f74  USBSTOR - ok
11:39:58.0613 0x0f74  [ B4A1789BE90403D9549EF9DBAD37A429, 1F590F8DE0081953B944A076FFEB5FF3BCF7E2BEE4ABD97236A29C00B9242163 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:39:58.0624 0x0f74  usbuhci - ok
11:39:58.0649 0x0f74  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
11:39:58.0674 0x0f74  UxSms - ok
11:39:58.0714 0x0f74  [ 407DC2EA05352E8DB34B11D4902478D8, 387EBABAA3F46CD70A282CBB8C0251C68D5F8562A750D898C73A542DAD221409 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
11:39:58.0725 0x0f74  UxTuneUp - ok
11:39:58.0733 0x0f74  [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] VaultSvc        C:\Windows\system32\lsass.exe
11:39:58.0752 0x0f74  VaultSvc - ok
11:39:58.0787 0x0f74  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:39:58.0798 0x0f74  vdrvroot - ok
11:39:58.0835 0x0f74  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
11:39:58.0897 0x0f74  vds - ok
11:39:58.0934 0x0f74  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:39:58.0958 0x0f74  vga - ok
11:39:58.0979 0x0f74  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:39:59.0003 0x0f74  VgaSave - ok
11:39:59.0021 0x0f74  VGPU - ok
11:39:59.0049 0x0f74  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:39:59.0068 0x0f74  vhdmp - ok
11:39:59.0097 0x0f74  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
11:39:59.0108 0x0f74  viaagp - ok
11:39:59.0134 0x0f74  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
11:39:59.0163 0x0f74  ViaC7 - ok
11:39:59.0252 0x0f74  [ B88832639F4728F8185771214348D236, DF0D0A2EEE4C551A53414C30FF4CAB5C772A117AFB011EC2D3167BA96780FB9C ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
11:39:59.0353 0x0f74  VIAHdAudAddService - ok
11:39:59.0382 0x0f74  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:39:59.0394 0x0f74  viaide - ok
11:39:59.0422 0x0f74  [ C75B7515F49B8C01F7B2B147B13D3811, 076983638FE289D843FD1F5771389D03352D2F95CAB83B33F0C7CF4E77EB570A ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
11:39:59.0432 0x0f74  VIAKaraokeService - ok
11:39:59.0467 0x0f74  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:39:59.0485 0x0f74  vmbus - ok
11:39:59.0499 0x0f74  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:39:59.0517 0x0f74  VMBusHID - ok
11:39:59.0524 0x0f74  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:39:59.0536 0x0f74  volmgr - ok
11:39:59.0564 0x0f74  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:39:59.0592 0x0f74  volmgrx - ok
11:39:59.0606 0x0f74  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:39:59.0623 0x0f74  volsnap - ok
11:39:59.0659 0x0f74  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:39:59.0677 0x0f74  vsmraid - ok
11:39:59.0727 0x0f74  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
11:39:59.0802 0x0f74  VSS - ok
11:39:59.0826 0x0f74  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:39:59.0850 0x0f74  vwifibus - ok
11:39:59.0888 0x0f74  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:39:59.0908 0x0f74  vwififlt - ok
11:39:59.0952 0x0f74  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:39:59.0983 0x0f74  vwifimp - ok
11:40:00.0015 0x0f74  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
11:40:00.0071 0x0f74  W32Time - ok
11:40:00.0091 0x0f74  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:40:00.0114 0x0f74  WacomPen - ok
11:40:00.0155 0x0f74  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:40:00.0179 0x0f74  WANARP - ok
11:40:00.0183 0x0f74  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:40:00.0205 0x0f74  Wanarpv6 - ok
11:40:00.0258 0x0f74  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
11:40:00.0330 0x0f74  wbengine - ok
11:40:00.0368 0x0f74  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:40:00.0389 0x0f74  WbioSrvc - ok
11:40:00.0431 0x0f74  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
11:40:00.0459 0x0f74  WcesComm - ok
11:40:00.0495 0x0f74  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:40:00.0535 0x0f74  wcncsvc - ok
11:40:00.0568 0x0f74  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:40:00.0582 0x0f74  WcsPlugInService - ok
11:40:00.0610 0x0f74  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:40:00.0621 0x0f74  Wd - ok
11:40:00.0661 0x0f74  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:40:00.0692 0x0f74  Wdf01000 - ok
11:40:00.0723 0x0f74  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:40:00.0752 0x0f74  WdiServiceHost - ok
11:40:00.0757 0x0f74  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:40:00.0770 0x0f74  WdiSystemHost - ok
11:40:00.0818 0x0f74  [ 6976DF1DA8E17C1E85EFC991C46983BB, E1FA595AAF37FDBE5CE3FCF5CD5F2A26A87C6181705721E53EBCCEB8534A178C ] wdm_usb         C:\Windows\system32\DRIVERS\usb2ser.sys
11:40:00.0848 0x0f74  wdm_usb - ok
11:40:00.0879 0x0f74  [ DC54D7A40B6E18E5C7F592F836D163FF, 436AF3B94EAE6CBD2516A63235AE1D6EC4F1FCAA0F974A9672BB5AB2A846BB2C ] WebClient       C:\Windows\System32\webclnt.dll
11:40:00.0912 0x0f74  WebClient - ok
11:40:00.0939 0x0f74  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:40:00.0980 0x0f74  Wecsvc - ok
11:40:01.0000 0x0f74  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:40:01.0039 0x0f74  wercplsupport - ok
11:40:01.0071 0x0f74  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
11:40:01.0110 0x0f74  WerSvc - ok
11:40:01.0156 0x0f74  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:40:01.0189 0x0f74  WfpLwf - ok
11:40:01.0206 0x0f74  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:40:01.0217 0x0f74  WIMMount - ok
11:40:01.0282 0x0f74  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
11:40:01.0321 0x0f74  WinDefend - ok
11:40:01.0346 0x0f74  WinHttpAutoProxySvc - ok
11:40:01.0400 0x0f74  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:40:01.0431 0x0f74  Winmgmt - ok
11:40:01.0498 0x0f74  [ 8949A93520F7008C3B7AD320A0EEA267, F77C6BF73B300347FEB3D02C7A1F98807546D95E10E499D385B7F00D1366CC59 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:40:01.0569 0x0f74  WinRM - ok
11:40:01.0607 0x0f74  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:40:01.0621 0x0f74  WinUsb - ok
11:40:01.0665 0x0f74  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:40:01.0727 0x0f74  Wlansvc - ok
11:40:01.0846 0x0f74  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:40:01.0893 0x0f74  wlidsvc - ok
11:40:01.0926 0x0f74  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:40:01.0937 0x0f74  WmiAcpi - ok
11:40:01.0964 0x0f74  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:40:01.0996 0x0f74  wmiApSrv - ok
11:40:02.0077 0x0f74  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
11:40:02.0146 0x0f74  WMPNetworkSvc - ok
11:40:02.0174 0x0f74  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:40:02.0197 0x0f74  WPCSvc - ok
11:40:02.0233 0x0f74  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:40:02.0264 0x0f74  WPDBusEnum - ok
11:40:02.0296 0x0f74  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:40:02.0320 0x0f74  ws2ifsl - ok
11:40:02.0347 0x0f74  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:40:02.0376 0x0f74  wscsvc - ok
11:40:02.0381 0x0f74  WSearch - ok
11:40:02.0473 0x0f74  [ FAC7617DD8A8CCCBBB9D36C39AFA5ABE, 64BB658523F4610B6D092BD390D24307F0A545ABA5C78B5DB50B7AA9E65C6A51 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:40:02.0578 0x0f74  wuauserv - ok
11:40:02.0620 0x0f74  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:40:02.0632 0x0f74  WudfPf - ok
11:40:02.0664 0x0f74  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:40:02.0698 0x0f74  WUDFRd - ok
11:40:02.0733 0x0f74  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:40:02.0762 0x0f74  wudfsvc - ok
11:40:02.0803 0x0f74  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:40:02.0846 0x0f74  WwanSvc - ok
11:40:02.0881 0x0f74  ================ Scan global ===============================
11:40:02.0906 0x0f74  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
11:40:02.0934 0x0f74  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
11:40:02.0958 0x0f74  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
11:40:02.0986 0x0f74  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:40:03.0021 0x0f74  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
11:40:03.0037 0x0f74  [ Global ] - ok
11:40:03.0038 0x0f74  ================ Scan MBR ==================================
11:40:03.0050 0x0f74  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:40:03.0291 0x0f74  \Device\Harddisk0\DR0 - ok
11:40:03.0292 0x0f74  ================ Scan VBR ==================================
11:40:03.0304 0x0f74  [ 59B9FD85C4FB965053D0AFBA90769498 ] \Device\Harddisk0\DR0\Partition1
11:40:03.0305 0x0f74  \Device\Harddisk0\DR0\Partition1 - ok
11:40:03.0316 0x0f74  [ F1F2A87BC9D194C0FBD9D56882C8BFD1 ] \Device\Harddisk0\DR0\Partition2
11:40:03.0318 0x0f74  \Device\Harddisk0\DR0\Partition2 - ok
11:40:03.0319 0x0f74  ================ Scan generic autorun ======================
11:40:03.0357 0x0f74  [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ] C:\Windows\WindowsMobile\wmdcBase.exe
11:40:03.0379 0x0f74  Windows Mobile-based device management - ok
11:40:03.0454 0x0f74  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:40:03.0530 0x0f74  Sidebar - ok
11:40:03.0558 0x0f74  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:40:03.0575 0x0f74  mctadmin - ok
11:40:03.0630 0x0f74  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:40:03.0665 0x0f74  Sidebar - ok
11:40:03.0678 0x0f74  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:40:03.0695 0x0f74  mctadmin - ok
11:40:03.0969 0x0f74  [ 1A709A8B23B584115F2CCEEDAD64DE97, A8732AC52EAD0FCE81DECFE72BABB9C114C796127B55F592A3F420F3BB840445 ] C:\Program Files\CCleaner\CCleaner.exe
11:40:04.0135 0x0f74  CCleaner Monitoring - ok
11:40:04.0209 0x0f74  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
11:40:04.0253 0x0f74  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
11:40:04.0348 0x0f74  Detect skipped due to KSN trusted
11:40:04.0348 0x0f74  SpybotPostWindows10UpgradeReInstall - ok
11:40:04.0405 0x0f74  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:40:04.0440 0x0f74  Sidebar - ok
11:40:04.0467 0x0f74  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:40:04.0482 0x0f74  mctadmin - ok
11:40:04.0483 0x0f74  Waiting for KSN requests completion. In queue: 88
11:40:05.0700 0x0f74  Win FW state via NFP2: enabled ( trusted )
11:40:05.0794 0x0f74  ============================================================
11:40:05.0794 0x0f74  Scan finished
11:40:05.0794 0x0f74  ============================================================
11:40:05.0805 0x0418  Detected object count: 1
11:40:05.0805 0x0418  Actual detected object count: 1
11:40:59.0084 0x0418  SMIGrabber3C ( UnsignedFile.Multi.Generic ) - skipped by user
11:40:59.0084 0x0418  SMIGrabber3C ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 03.02.2017, 14:50   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.02.2017, 15:34   #14
Schkudi
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 03/02/2017 um 12:36:50
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-03.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X86)
# Benutzername : Odel - ELLENFALCO
# Gestartet von : C:\Users\Odel\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Odel\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\ProgramData\Ask
[-] Ordner gelöscht: C:\ProgramData\DriverBoost
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Ask
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\DriverBoost
[-] Ordner gelöscht: C:\Windows\system32\config\systemprofile\AppData\Local\YSearchUtil


***** [ Dateien ] *****

[-] Datei gelöscht: C:\appverifier.txt


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Prod.cap
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-155715800-1695505520-3910625203-1000\Software\AppDataLow\Toolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-155715800-1695505520-3910625203-1000\Software\AppDataLow\Software\MyAshampoo\toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\DriverTuner
[-] Schlüssel gelöscht: HKLM\SOFTWARE\DriverTuner_Init
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MyAshampoo\toolbar
[-] Wert gelöscht: HKU\S-1-5-21-155715800-1695505520-3910625203-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo


***** [ Browser ] *****

[-] [C:\Users\Odel\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: npdicihegicnhaangkdmcgbjceoemeoo


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3011 Bytes] - [03/02/2017 12:36:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [3063 Bytes] - [03/02/2017 12:35:03]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3157 Bytes] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Ultimate x86 
Ran by Odel (Administrator) on 03.02.2017 at 12:51:20,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 29 

Successfully deleted: C:\ProgramData\1356025611.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1392730094.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1392730360.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1402759582.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1402759584.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1434554833.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\drivergenius (Folder) 
Successfully deleted: C:\Users\Odel\Appdata\LocalLow\myashampoo (Folder) 
Successfully deleted: C:\Users\Odel\AppData\Roaming\Mozilla\Firefox\Profiles\gpxg2lel.default-1383325096658\extensions\staged (Folder) 
Successfully deleted: C:\Users\Odel\AppData\Roaming\Mozilla\Firefox\Profiles\gpxg2lel.default-1383325096658\user.js (File) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0I0EHXLX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2FCK9C23 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3T9UH5HK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BTC1NRDR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D84EQL9C (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LW02QVG9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OA0D2DEQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WKWOLF8X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Odel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZX2VHLEC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0I0EHXLX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2FCK9C23 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3T9UH5HK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BTC1NRDR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D84EQL9C (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LW02QVG9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OA0D2DEQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WKWOLF8X (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZX2VHLEC (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.02.2017 at 12:53:00,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ich hab beim adwCleaner vergessen die Chrome Richtlinien mit anzuklicken,
hab ihn nochmal durchlaufen lassen mit den Chrome Richtlinien aber er hat keinen Fund angezeigt.
Geändert von Schkudi (03.02.2017 um 15:46 Uhr)

Alt 04.02.2017, 17:25   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Standard

Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


Wir haben leider noch ne ältere Anleitung vom adwCleaner, bitte nochmal ausführen und so einstellen:

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 1 von 3 1 23

Themen zu Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira
ahnung, antivir, ausgelastet, beheben, eingefangen, einträge, euren, fahren, gefangen, gucken, hoffe, konnte, liebe, lieben, meldung, programm, rum, schonmal, server, spinn, spinnt, spybot, super, säubern, tagen, verstellt


« Verschlüsselungsplagegeist: Tipps zum Vorgehen gesucht | jquery-migrate-min-g4[1].js kann damit jemand etwas anfangen »


Ähnliche Themen: Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira


  1. Server ist ausgelastet
    Log-Analyse und Auswertung - 11.06.2014 (19)
  2. Fehlermeldung: Server ist ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 22.01.2014 (15)
  3. "Server ist ausgelastet" - "Dieser Vorgang kann nicht ausgeführt werden,da die andere Anwendung aktiv ist.
    Log-Analyse und Auswertung - 29.11.2013 (23)
  4. Server ist ausgelastet?
    Plagegeister aller Art und deren Bekämpfung - 12.11.2013 (13)
  5. Server ist ausgelastet - Wechseln zu
    Log-Analyse und Auswertung - 10.11.2013 (15)
  6. Meldung bei Start: Der Server ist ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 29.09.2013 (23)
  7. Fehlermeldung nach Start: Der Server ist ausgelastet!
    Plagegeister aller Art und deren Bekämpfung - 27.09.2013 (19)
  8. Server ist ausgelastet und meine Netzwerke funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 02.08.2013 (16)
  9. "Server ist ausgelastet" - "Dieser Vorgang kann nicht ausgeführt werden,da die andere Anwendung aktiv ist.
    Diskussionsforum - 30.07.2013 (7)
  10. Fehlermeldung - Server ist ausgelastet
    Log-Analyse und Auswertung - 08.07.2013 (42)
  11. server ist ausgelastet. virus?
    Plagegeister aller Art und deren Bekämpfung - 07.07.2013 (16)
  12. No Ip Meldung Server ist ausgelastet
    Überwachung, Datenschutz und Spam - 23.05.2013 (3)
  13. Was tun mit W3i.IQ5.fraud? Spybot kann dieses Problem nicht lösen, Antivira findet es erst gar nicht!
    Plagegeister aller Art und deren Bekämpfung - 10.04.2013 (2)
  14. Server ist ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 09.04.2013 (70)
  15. Spybot findet mehr als 30 Einträge :(
    Log-Analyse und Auswertung - 17.05.2009 (2)
  16. CPU 100% ausgelastet bei Spybot oder Virenscan
    Log-Analyse und Auswertung - 07.02.2006 (2)
  17. Spybot findet dauerdn gleiche Einträge
    Antiviren-, Firewall- und andere Schutzprogramme - 27.10.2005 (25)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira - Hallo Ihr Lieben, Ihr konntet mir schonmal super helfen und ich hoffe dieses Mal auch. Seit einigen Tagen spinnt mein Pc rum die Uhr ist ständig verstellt, beim hoch fahren - Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira...
Archiv
Du betrachtest: Spybot konnte Einträge nicht säubern / Server ausgelastet Antivira auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131