
Pests of all kinds and how to combat them: Unknown malware

07.08.2013, 22:32   #1
Quobble
 
Hello!
For some time now I have had a problem with my Windows Firewall.
When I try to start Windows Firewall with Advanced Security, I get
a message telling me that "There was an error opening the Windows Firewall with Advanced Security snap-in."

Error code: 0x6D9

So I can change NOTHING on my firewall. I can neither switch it on or off nor set rules.

In addition, I can often observe Internet usage even though I only have my PC on, without any programs that need the Internet.

Another problem is Windows Update.
When I want to install an update, it usually fails, especially when it is a security update.

Very suspicious.

--------------------------

Windows 7 SP1
12 GB RAM
Intel Core i5 CPU 750 @ 2.67
GTX 660 graphics card

If more data is needed, please say so.
So far I have not dared to scan or delete much of anything.

I urgently ask for help!
Regards and thanks in advance.

07.08.2013, 22:36   #2
markusg
/// Malware-holic
 

Hi, instructions for FRST will follow in a moment; please note the following additional task for the Additions.txt

Recommendations for uninstalling
Please copy the list of installed programs from the additions.txt here into your thread. Please note for me
after each line which of the following categories applies: Unknown, Necessary, Unnecessary


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


07.08.2013, 22:56   #3
Quobble
 
Thanks for the quick reply.
I am currently marking all the installed programs in the additions.txt.
I have a heap of games on my computer. I am not sure whether I should write unnecessary or necessary next to them.

But here is my FRST.txt already


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013 06
Ran by Max (administrator) on 07-08-2013 23:52:23
Running from C:\Users\Max\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
() C:\Users\Max\Local Settings\Apps\F.lux\flux.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKCU\...\Run: [fsm] -  [x]
HKCU\...\Run: [RDReminder] -  [x]
HKCU\...\Run: [DriverScanner] - C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe [338296 2011-10-20] (Uniblue Systems Limited)
HKCU\...\Run: [mapdisk] - C:\Users\Max\Documents\ArmAWork\mapdisk.bat [46 2013-01-14] ()
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd)
HKCU\...\Run: [QtraxNotification] - C:\Users\Max\Qtrax\Player\Notification.exe [116008 2013-08-06] ()
HKCU\...\Run: [F.lux] - C:\Users\Max\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] ()
HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
MountPoints2: G - G:\autorun.exe
MountPoints2: I - I:\Password.exe
MountPoints2: {8d7a7f10-990f-11e1-b964-4061867d9184} - K:\pushinst.exe
MountPoints2: {a951fa5b-f14e-11e2-b8aa-4061867d9184} - I:\autorun.exe
MountPoints2: {ea0aa7b3-dd4a-11e0-a4e0-4061867d9184} - I:\setup.exe
MountPoints2: {ff8cbcda-96bb-11e2-9829-4061867d9184} - G:\autorun.exe
MountPoints2: {ff8cbcde-96bb-11e2-9829-4061867d9184} - H:\autorun.exe
HKLM-x32\...\Run: [TaskTray] -  [x]
HKLM-x32\...\Run: [Logitech G35] - C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKU\UpdatusUser\...\Run: [fsm] -  [x]
HKU\UpdatusUser\...\Run: [RDReminder] -  [x]
HKU\UpdatusUser\...\Run: [DriverScanner] - C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe [338296 2011-10-20] (Uniblue Systems Limited)
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} -  No File
URLSearchHook: (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
SearchScopes: HKLM-x32 - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.privitize.com/?aff=7&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.privitize.com/?aff=7&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18826
SearchScopes: HKCU - {55861E1C-A576-45C7-B1A5-8E2C14D40F8F} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} -  No File
BHO-x32: ICQ Sparberater - {5A0D6E4B-B0DF-4148-8B1E-F7A430FF5E24} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Freeware.de Toolbar - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} -  No File
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTo0.dll (Conduit Ltd.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: LyricsContainer - {DA3D98A6-868D-4E1B-BB78-0887230DA405} - C:\Program Files (x86)\LyricsContainer\125.dll (RYD Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -  No File
Toolbar: HKLM-x32 - Freeware.de Toolbar - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTo0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\..\Interfaces\{22D45F24-3A73-4292-BB04-4DB95672624A}: [NameServer]192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\user.js
FF SelectedSearchEngine: uTorrentBar_DE Customized Web Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?octid=CT2851647&ctid=CT2851647&SearchSource=2&CUI=UN00719041435812883&UM=false&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @comrade.gamespy.com/comrade - D:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox - D:\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @coreonline.com/run3d,version=1.0 - C:\Users\Max\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\Startpins.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Battlefield Play4Free - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\battlefieldplay4free@ea.com
FF Extension: Babylon - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\ffxtlbr@babylon.com
FF Extension: Yahoo! Toolbar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: No Name - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: DownloadHelper - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: uTorrentBar_DE  - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
FF Extension: ciuvo-extension - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: plugin - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\plugin@yontoo.com.xpi
FF Extension: No Name - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@babylontc.com
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [Lyrics@LyricsContainer.co] C:\Program Files (x86)\LyricsContainer\125.xpi
FF Extension: No Name - C:\Program Files (x86)\LyricsContainer\125.xpi

Chrome: 
=======
CHR DefaultSearchURL: (Conduit) - hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2851647
CHR DefaultSuggestURL: (Conduit) - hxxp://search.conduit.com/
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0
CHR Extension: (Virtual Keyboard) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (uTorrentBar_DE) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.15.10_0
CHR Extension: (Skype Click to Call) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Anti-Banner) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0
CHR HKLM-x32\...\Chrome\Extension: [abfmigjiaapipflmopkaaooigcjjdojh] - C:\Program Files (x86)\LyricsContainer\125.crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Max\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Max\AppData\Local\Temp\YontooLayers.crx
CHR HKLM-x32\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\Max\AppData\Local\Temp\tbch.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-30] ()
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [580672 2013-03-06] (Disc Soft Ltd)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-02] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2013-08-02] ()
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [x]
S4 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-06-05] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2013-03-27] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-03-24] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-03-24] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-03-24] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-03-24] ()
S3 fcdabus; C:\Windows\System32\DRIVERS\fcdabus.sys [24592 2008-10-29] (FarStone Inc.)
R0 fsRamDsk; C:\Windows\System32\DRIVERS\fsRamDsk.sys [53656 2007-04-01] ()
R0 FVXSCSI; C:\Windows\System32\DRIVERS\fvxscsi.sys [118360 2009-12-23] (FarStone Inc.)
R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-06-05] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-07-20] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-07-20] (ManyCam LLC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-23] (Duplex Secure Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va007; \??\C:\Users\Max\AppData\Local\Temp\0079E18.tmp [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-07 23:51 - 2013-08-07 23:51 - 01789861 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2013-08-07 23:18 - 2013-08-07 23:18 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-07 23:17 - 2013-08-07 23:17 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2013-08-07 14:15 - 2013-08-07 14:16 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-07 03:16 - 2013-08-07 04:26 - 00000000 ____D C:\Users\Max\Documents\Stronghold Crusader
2013-08-07 03:15 - 2013-08-07 03:15 - 00000202 _____ C:\Users\Max\Desktop\Company of Heroes 2.url
2013-08-07 02:55 - 2013-08-07 03:14 - 00000000 ____D C:\Users\Max\Desktop\Stronghold Crusader
2013-08-07 02:53 - 2013-08-07 02:54 - 00018397 _____ C:\Windows\DirectX.log
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\Malwarebytes
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 20:57 - 2013-08-06 20:58 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Max\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-06 20:12 - 2013-08-06 20:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-06 20:10 - 2013-08-06 20:10 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-08-06 18:38 - 2013-08-06 18:38 - 00000000 ____D C:\Program Files (x86)\JoWooD
2013-08-06 18:22 - 2013-08-06 18:35 - 00000000 ____D C:\Program Files (x86)\Defcon
2013-08-06 18:22 - 2013-08-06 18:22 - 00000983 _____ C:\Users\Max\Desktop\Defcon.lnk
2013-08-06 18:21 - 2013-03-23 22:31 - 61788395 _____ (Introversion Software Ltd                                   ) C:\Users\Max\Desktop\defcon-win32-v1.6.exe
2013-08-06 01:11 - 2013-08-06 01:11 - 00000537 _____ C:\Users\Max\Desktop\Sudden Strike 2.lnk
2013-08-06 00:42 - 2013-08-06 01:02 - 259091339 _____ (Media Contact LLC                                           ) C:\Users\Max\Desktop\Sudden_Strike2.exe
2013-08-05 22:15 - 2013-08-04 17:41 - 00450831 _____ C:\Users\Max\Desktop\common_server.zip
2013-08-04 01:39 - 2013-08-04 01:39 - 00270054 _____ C:\Users\Max\Desktop\sad - Kopie.bmp
2013-08-04 01:32 - 2013-08-04 01:37 - 01080054 _____ C:\Users\Max\Desktop\sad.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\sdf.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\prbf2 2013-08-04 01-31-22-45.bmp
2013-08-02 14:33 - 2013-08-02 14:33 - 00001188 _____ C:\Users\Public\Desktop\Project Reality BF2.lnk
2013-07-31 16:01 - 2013-07-31 16:05 - 00000000 ____D C:\Windows\system32\MRT
2013-07-26 14:20 - 2013-07-26 19:43 - 00000000 ____D C:\Users\Max\AppData\Local\Arma 3
2013-07-26 14:20 - 2013-07-26 17:14 - 00000000 ____D C:\Users\Max\Documents\Arma 3
2013-07-26 14:20 - 2013-07-26 14:20 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 08:54 - 2013-07-25 09:17 - 00000913 _____ C:\Users\Max\Desktop\Panzerlied.txt
2013-07-24 11:11 - 2013-07-24 11:11 - 00002556 _____ C:\Users\Max\Documents\h.aup
2013-07-24 11:11 - 2013-07-24 11:11 - 00000000 ____D C:\Users\Max\Documents\h_data
2013-07-23 14:21 - 2013-08-07 14:02 - 00000000 ____D C:\Program Files (x86)\LyricsContainer
2013-07-21 15:39 - 2013-07-21 15:39 - 00002245 _____ C:\Users\Max\Documents\er.aup
2013-07-21 15:39 - 2013-07-21 15:39 - 00000000 ____D C:\Users\Max\Documents\er_data
2013-07-20 17:11 - 2013-08-07 14:03 - 00022864 _____ C:\Windows\PFRO.log
2013-07-20 13:04 - 2013-07-20 13:06 - 00000000 ____D C:\Users\Max\AppData\Roaming\Yahoo!
2013-07-20 13:04 - 2013-07-20 13:04 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-07-20 13:04 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-07-20 13:04 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo!
2013-07-20 13:01 - 2013-07-20 13:04 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-07-20 13:01 - 2013-07-20 13:01 - 00441760 _____ (Yahoo! Inc.) C:\Users\Max\Desktop\msgr11de.exe
2013-07-19 12:07 - 2013-07-19 12:11 - 73281458 _____ C:\Users\Max\Desktop\IMGP8300avi.avi
2013-07-17 23:41 - 2013-07-17 23:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-07-17 19:27 - 2013-07-17 19:27 - 03820480 _____ C:\Users\Max\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-07-16 22:31 - 2013-07-16 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-15 14:32 - 2013-07-15 14:32 - 00002383 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-15 14:32 - 2013-07-15 14:32 - 00000000 ____D C:\Users\Max\Qtrax
2013-07-15 14:32 - 2013-07-15 14:32 - 00000000 ____D C:\Program Files (x86)\FLV Media Player
2013-07-15 14:31 - 2013-08-07 23:11 - 00000404 _____ C:\Windows\Tasks\LyricsContainer Update.job
2013-07-15 14:31 - 2013-07-15 14:31 - 00003048 _____ C:\Windows\System32\Tasks\LyricsContainer Update
2013-07-11 23:46 - 2013-07-12 01:24 - 00000118 _____ C:\Users\Max\Desktop\Kleidung.txt
2013-07-11 20:39 - 2013-07-19 16:33 - 00019650 _____ C:\Users\Max\Desktop\Fur.odt
2013-07-11 16:06 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 16:06 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-11 16:06 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-11 16:06 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 16:06 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-11 16:06 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 20:57 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 20:57 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 20:57 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 20:57 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 20:56 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 20:55 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 20:55 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 15:51 - 2013-08-07 23:09 - 00001817 _____ C:\Windows\setupact.log
2013-07-10 15:51 - 2013-07-10 15:51 - 00000000 _____ C:\Windows\setuperr.log
120

==================== One Month Modified Files and Folders =======

2013-08-07 23:52 - 2013-08-07 23:52 - 00000000 ____D C:\FRST
2013-08-07 23:51 - 2013-08-07 23:51 - 01789861 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2013-08-07 23:18 - 2013-08-07 23:18 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-07 23:17 - 2013-08-07 23:17 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2013-08-07 23:16 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-07 23:16 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-07 23:13 - 2011-05-21 13:35 - 01697213 _____ C:\Windows\WindowsUpdate.log
2013-08-07 23:11 - 2013-07-15 14:31 - 00000404 _____ C:\Windows\Tasks\LyricsContainer Update.job
2013-08-07 23:11 - 2012-12-02 21:26 - 00000000 ____D C:\Users\Max\AppData\Roaming\Dropbox
2013-08-07 23:11 - 2012-10-08 17:02 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-07 23:11 - 2012-06-26 21:24 - 00000000 ____D C:\Users\Max\AppData\Local\LogMeIn Hamachi
2013-08-07 23:11 - 2011-12-30 21:19 - 00000336 _____ C:\Windows\Tasks\DriverScanner.job
2013-08-07 23:09 - 2013-07-10 15:51 - 00001817 _____ C:\Windows\setupact.log
2013-08-07 23:09 - 2011-12-29 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-07 23:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-07 23:07 - 2012-10-08 17:02 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-07 23:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-07 23:01 - 2012-01-05 19:29 - 00000252 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-08-07 22:56 - 2012-03-29 18:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-07 22:56 - 2012-01-11 17:20 - 00000000 __SHD C:\Users\Max\AppData\Local\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}
2013-08-07 19:00 - 2011-12-30 20:26 - 00000262 _____ C:\Windows\Tasks\RMSchedule.job
2013-08-07 16:26 - 2012-12-02 21:29 - 00000000 ___RD C:\Users\Max\Dropbox
2013-08-07 14:16 - 2013-08-07 14:15 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-07 14:03 - 2013-07-20 17:11 - 00022864 _____ C:\Windows\PFRO.log
2013-08-07 14:02 - 2013-07-23 14:21 - 00000000 ____D C:\Program Files (x86)\LyricsContainer
2013-08-07 13:53 - 2012-11-02 13:08 - 00000000 ____D C:\Users\Max\AppData\Roaming\.minecraft
2013-08-07 10:51 - 2011-10-21 15:58 - 00000288 _____ C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
2013-08-07 04:26 - 2013-08-07 03:16 - 00000000 ____D C:\Users\Max\Documents\Stronghold Crusader
2013-08-07 03:15 - 2013-08-07 03:15 - 00000202 _____ C:\Users\Max\Desktop\Company of Heroes 2.url
2013-08-07 03:14 - 2013-08-07 02:55 - 00000000 ____D C:\Users\Max\Desktop\Stronghold Crusader
2013-08-07 02:54 - 2013-08-07 02:53 - 00018397 _____ C:\Windows\DirectX.log
2013-08-07 02:20 - 2012-02-08 22:34 - 00000000 ___RD C:\Users\Max\Desktop\Games
2013-08-06 21:57 - 2011-05-21 17:11 - 00000000 ____D C:\Users\Max\AppData\Roaming\TS3Client
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\Malwarebytes
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 20:58 - 2013-08-06 20:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Max\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-06 20:44 - 2011-11-02 00:19 - 00000000 ____D C:\Users\Max\AppData\Local\Akamai
2013-08-06 20:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-06 20:12 - 2013-08-06 20:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-06 20:12 - 2013-01-14 02:13 - 00000000 ____D C:\Users\Max\Documents\ArmAWork
2013-08-06 20:10 - 2013-08-06 20:10 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-06 20:10 - 2012-12-25 11:16 - 00000840 _____ C:\Windows\system32\config\afw_hm.conf
2013-08-06 20:10 - 2012-12-25 11:16 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-08-06 18:38 - 2013-08-06 18:38 - 00000000 ____D C:\Program Files (x86)\JoWooD
2013-08-06 18:35 - 2013-08-06 18:22 - 00000000 ____D C:\Program Files (x86)\Defcon
2013-08-06 18:22 - 2013-08-06 18:22 - 00000983 _____ C:\Users\Max\Desktop\Defcon.lnk
2013-08-06 18:22 - 2011-06-18 11:23 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-06 14:52 - 2012-04-28 09:30 - 00000000 ____D C:\Users\Max\AppData\Local\ArmA 2 OA
2013-08-06 14:15 - 2009-07-14 19:58 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-08-06 14:15 - 2009-07-14 19:58 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-08-06 14:15 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-06 01:11 - 2013-08-06 01:11 - 00000537 _____ C:\Users\Max\Desktop\Sudden Strike 2.lnk
2013-08-06 01:02 - 2013-08-06 00:42 - 259091339 _____ (Media Contact LLC                                           ) C:\Users\Max\Desktop\Sudden_Strike2.exe
2013-08-04 17:41 - 2013-08-05 22:15 - 00450831 _____ C:\Users\Max\Desktop\common_server.zip
2013-08-04 01:39 - 2013-08-04 01:39 - 00270054 _____ C:\Users\Max\Desktop\sad - Kopie.bmp
2013-08-04 01:37 - 2013-08-04 01:32 - 01080054 _____ C:\Users\Max\Desktop\sad.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\sdf.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\prbf2 2013-08-04 01-31-22-45.bmp
2013-08-02 15:00 - 2011-05-21 15:29 - 00000000 ____D C:\Users\Max\AppData\Roaming\Skype
2013-08-02 14:49 - 2013-06-30 13:33 - 00000000 ____D C:\Users\Max\Documents\ProjectReality
2013-08-02 14:34 - 2013-03-27 13:35 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-02 14:33 - 2013-08-02 14:33 - 00001188 _____ C:\Users\Public\Desktop\Project Reality BF2.lnk
2013-08-02 14:33 - 2013-03-27 13:35 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-02 14:17 - 2013-03-27 13:35 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-02 14:17 - 2011-08-14 15:15 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-02 14:14 - 2012-10-10 22:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\uTorrent
2013-08-02 14:11 - 2013-06-29 21:53 - 00001188 _____ C:\Users\Max\Desktop\Project Reality BF2.lnk
2013-08-01 23:28 - 2011-09-06 17:02 - 00000000 ____D C:\Users\Max\AppData\Roaming\Mumble
2013-07-31 16:05 - 2013-07-31 16:01 - 00000000 ____D C:\Windows\system32\MRT
2013-07-27 21:28 - 2013-06-16 18:00 - 00000000 ____D C:\Users\Max\Desktop\@JSRS
2013-07-27 09:31 - 2011-12-27 18:58 - 00000402 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2013-07-26 19:43 - 2013-07-26 14:20 - 00000000 ____D C:\Users\Max\AppData\Local\Arma 3
2013-07-26 17:14 - 2013-07-26 14:20 - 00000000 ____D C:\Users\Max\Documents\Arma 3
2013-07-26 14:20 - 2013-07-26 14:20 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 14:18 - 2011-11-21 16:00 - 00000000 ____D C:\Users\Max\AppData\Local\ArmA 2
2013-07-25 09:17 - 2013-07-25 08:54 - 00000913 _____ C:\Users\Max\Desktop\Panzerlied.txt
2013-07-25 03:06 - 2011-07-30 23:00 - 00840264 _____ C:\Windows\SysWOW64\pbsvc.exe
2013-07-24 11:11 - 2013-07-24 11:11 - 00002556 _____ C:\Users\Max\Documents\h.aup
2013-07-24 11:11 - 2013-07-24 11:11 - 00000000 ____D C:\Users\Max\Documents\h_data
2013-07-24 11:11 - 2012-06-25 18:17 - 00000000 ____D C:\Users\Max\AppData\Roaming\Audacity
2013-07-23 16:38 - 2011-08-29 13:52 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-21 15:39 - 2013-07-21 15:39 - 00002245 _____ C:\Users\Max\Documents\er.aup
2013-07-21 15:39 - 2013-07-21 15:39 - 00000000 ____D C:\Users\Max\Documents\er_data
2013-07-20 17:13 - 2011-05-21 14:31 - 00000000 ____D C:\Windows\Panther
2013-07-20 17:12 - 2009-07-14 06:45 - 04946728 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-20 17:11 - 2013-03-13 17:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-20 17:11 - 2013-03-13 17:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-20 17:10 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-20 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-20 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-20 14:29 - 2013-07-07 12:35 - 00000000 ____D C:\Users\Max\Desktop\Cube
2013-07-20 13:06 - 2013-07-20 13:04 - 00000000 ____D C:\Users\Max\AppData\Roaming\Yahoo!
2013-07-20 13:04 - 2013-07-20 13:04 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-07-20 13:04 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-07-20 13:04 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo!
2013-07-20 13:04 - 2013-07-20 13:01 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-07-20 13:03 - 2011-11-21 16:00 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-07-20 13:01 - 2013-07-20 13:01 - 00441760 _____ (Yahoo! Inc.) C:\Users\Max\Desktop\msgr11de.exe
2013-07-19 16:33 - 2013-07-11 20:39 - 00019650 _____ C:\Users\Max\Desktop\Fur.odt
2013-07-19 12:11 - 2013-07-19 12:07 - 73281458 _____ C:\Users\Max\Desktop\IMGP8300avi.avi
2013-07-17 23:41 - 2013-07-17 23:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-07-17 23:41 - 2011-05-21 13:41 - 00000000 ____D C:\Users\Max
2013-07-17 19:27 - 2013-07-17 19:27 - 03820480 _____ C:\Users\Max\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-07-17 19:27 - 2012-10-27 13:21 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-07-17 19:17 - 2011-05-21 14:11 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-16 22:31 - 2013-07-16 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-15 14:33 - 2012-10-10 22:57 - 00000000 ____D C:\Program Files (x86)\uTorrentBar_DE
2013-07-15 14:32 - 2013-07-15 14:32 - 00002383 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-15 14:32 - 2013-07-15 14:32 - 00000000 ____D C:\Users\Max\Qtrax
2013-07-15 14:32 - 2013-07-15 14:32 - 00000000 ____D C:\Program Files (x86)\FLV Media Player
2013-07-15 14:31 - 2013-07-15 14:31 - 00003048 _____ C:\Windows\System32\Tasks\LyricsContainer Update
2013-07-12 01:24 - 2013-07-11 23:46 - 00000118 _____ C:\Users\Max\Desktop\Kleidung.txt
2013-07-10 15:51 - 2013-07-10 15:51 - 00000000 _____ C:\Windows\setuperr.log

ZeroAccess:
C:\Windows\Installer\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}
C:\Windows\Installer\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}\L\00000004.@
C:\Windows\Installer\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}\L\201d3dde

ZeroAccess:
C:\Users\Max\AppData\Local\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}

Files to move or delete:
====================
C:\Users\Max\jagex_cl_runescape_LIVE.dat
C:\Users\Max\random.dat
C:\Windows\Tasks\At1.job

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-02 01:33

==================== End Of Log ============================
         
--- --- ---

Here is the additions.txt as well.
I'm not attached to any of the programs, but I'm also not sure which ones are essential.

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2013 06
Ran by Max at 2013-08-07 23:53:23
Running from C:\Users\Max\Desktop
Boot Mode: Normal
==========================================================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2013 06
Ran by Max at 2013-08-07 23:53:23
Running from C:\Users\Max\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================
           unknown
           necessary
           unnecessary
   
"Sudden Strike - Release 1.0" (x32)           unnecessary
"Wings of Prey" (Unistall) (x32 Version: 1.0.3.2)           unnecessary
µTorrent (x32 Version: 3.2.1.28086)            unnecessary
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)           necessary
Adobe AIR (x32 Version: 2.6.0.19140)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Download Assistant (x32 Version: 1.0.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.3.300.257)
Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02)
Akamai NetSession Interface (HKCU)           unknown
Akamai NetSession Interface Service (x32)           unknown
Alan Wake (x32)           unnecessary
Allied Intent Xtended 2.0 (x32 Version: 2.0)           unknown
Altitude (x32)           unnecessary
Anno 1404 (x32 Version: 1.00.0000)           unnecessary
ANNO 1404 (x32 Version: 1.03.0000)           unnecessary
ANNO 2070 (x32 Version: 1.0.0.0)           unnecessary
APB Reloaded (x32)           unnecessary
Apple Application Support (x32 Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (x32 Version: 2.1.3.127)
applicationupdater (HKCU)           unknown
ARMA 2 (x32)           unnecessary
ARMA 2: British Armed Forces - Data cache removal (x32)           unnecessary
ARMA 2: British Armed Forces (x32)           unnecessary
ARMA 2: Operation Arrowhead (x32)           unnecessary
ARMA 2: Private Military Company - Data cache removal (x32)           unnecessary
Arma 2: Private Military Company (x32)           unnecessary
Arma 3 Alpha (x32)           unnecessary
ArmA II Launcher (x32 Version: 1.4.1.0)           unnecessary
Audacity 2.0 (x32)           unnecessary
Bamboo Dock (x32 Version: 3.9)           unnecessary
Bamboo Dock (x32 Version: 3.9.0)           unnecessary
Battlefield 1942™ (x32 Version: 1.6.20.0)           unnecessary
Battlefield 2 (x32)           unnecessary
Battlefield 3™ (x32 Version: 1.4.0.0)           unnecessary
Battlefield Play4Free (x32)           unnecessary
Battlefield: Bad Company 2 (x32)           unnecessary
Battlelog Web Plugins (x32 Version: 2.1.7)
BattlEye for OA Uninstall (x32)           unnecessary
be Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)           unknown
BF2 Editor (x32 Version: 1.00.0000)           unnecessary
Bing Bar (x32 Version: 7.1.391.0)           unnecessary
BinMake Uninstall (x32)           unknown
BinPBO Personal Edition Uninstall (x32)           unknown
BI's Tools drive Uninstall (x32)           unknown
Camtasia Studio 7 (x32 Version: 7.0.1)
CCleaner (Version: 3.14)
Command & Conquer™ 3 Kane's Wrath (x32 Version: 1.0.0.0)           unnecessary
Company of Heroes 2 (x32)           unnecessary
Counter-Strike: Source (x32)           unnecessary
Counter-Strike: Source Beta (x32)           unnecessary
DAEMON Tools Ultra (x32 Version: 1.0.0.0068)           unnecessary
DayZ Commander (x32 Version: 0.92.69)           unnecessary
Dead Space™ 2 (x32 Version: 1.0.941.0)           unnecessary
Defcon v1.6 (x32)           unnecessary
Die Gilde Gold-Edition (x32 Version: 2.06)           unnecessary
Die*Sims™*3 (x32 Version: 1.0.631)           unnecessary
DivX-Setup (x32 Version: 2.6.1.22)
Dota 2 (x32)           unnecessary
Driver Sweeper Version 3.0.0 (x32 Version: 3.0.0)           unknown
Driver Whiz (x32 Version: 8.0.1)           unknown
DriverEasy 3.11.2 (Version: 3.11.2.0)           unknown
Dropbox (HKCU Version: 2.0.22)           unnecessary
Dxtory version 2.0.116 (x32 Version: 2.0.116)
ESET Online Scanner v3 (x32)
ESN Sonar (x32 Version: 0.70.4)
EVEREST Home Edition v2.20 (x32 Version: 2.20)
F.lux (HKCU)
Fallout 3 (HKCU Version: 1.00.0000)           unnecessary
Fallout: New Vegas (x32)           unnecessary
FileZilla Client 3.5.0 (x32 Version: 3.5.0)
FLV Media Player version 1.3 (x32 Version: 1.3)
Forgoten Hope 2 (2 of 2) (dummy) (x32)           unnecessary
Fraps (remove only) (x32)           unnecessary
Free YouTube Uploader version 3.3.25.1228 (x32)
FSM Editor Personal Edition Uninstall (x32)           unknown
gamelauncher-code4344-beta (HKCU)
GameRanger (HKCU)           unnecessary
GameSpy Arcade (x32)           unnecessary
GameSpy Comrade (x32 Version: 3.2.17.236)           unnecessary
GameXN GO (HKCU)           unnecessary
Garry's Mod (x32)           unnecessary
GIMP 2.6.8           unnecessary
Google Earth (x32 Version: 5.2.1.1588)           unnecessary
Google Update Helper (x32 Version: 1.3.21.123)           unknown
Grand Theft Auto IV (x32)           unnecessary
Grand Theft Auto: San Andreas (x32)           unnecessary
Guild Wars 2 (x32)           unnecessary
Heroes & Generals (x32 Version: 1.0.4.6)           unnecessary
HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (Version: 23.0.504.0)
HP Deskjet 3070 B611 series Hilfe (x32 Version: 140.0.2.2)
HP Photo Creations (x32 Version: 1.0.0.5192)
HP Update (x32 Version: 5.002.007.004)
ICQ Sparberater (x32 Version: 1.0.601)           unnecessary
ICQ7.5 (x32 Version: 7.5)           unnecessary
IL-2 Sturmovik: Cliffs of Dover (x32)           unnecessary
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004)           unnecessary!
iTunes (Version: 11.0.1.12)           unnecessary
Java 7 Update 9 (x32 Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.0)
Java(TM) 6 Update 22 (x32 Version: 6.0.220)
Java(TM) 6 Update 25 (x32 Version: 6.0.250)
Java(TM) 6 Update 26 (64-bit) (Version: 6.0.260)
Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50)
L&H TTS3000 British English (x32)           unknown
L&H TTS3000 Deutsch (x32)           unknown
L&H TTS3000 Español (x32)           unknown
L&H TTS3000 Français (x32)           unknown
L&H TTS3000 Italiano (x32)           unknown
L&H TTS3000 Nederlands (x32)           unknown
L&H TTS3000 Português (Brasil) (x32)           unknown
L&H TTS3000 Russian (x32)           unknown
League of Legends (x32 Version: 1.02.0000)           unnecessary
Left 4 Dead 2 (x32)           unnecessary
Lernout & Hauspie TruVoice American English TTS Engine (x32)           unknown
Logitech G35 (Version: 1.1.178)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
MAGIX Web Designer 7 Premium Download-Version (x32 Version: 7.0.4.16490)
MechWarrior Online (HKCU Version: 1.2.0.0)           unnecessary
MechWarrior Online (x32 Version: 1.2.0.0)           unnecessary
Medal of Honor™ Warfighter (x32 Version: 1.0.0.2)           unnecessary
MediaGet2 version 2.1.780.0 (x32 Version: 2.1.780.0)           unknown
MediaGet2 version 2.1.890.0 (HKCU Version: 2.1.890.0)           unknown
Metro 2033 (x32)           unnecessary
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE (x32 Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MiniTool Partition Wizard Home Edition 6.0 (x32)           unknown
MISERY for S.T.A.L.K.E.R - Call of Pripyat (x32)
MorphVOX Junior (x32 Version: 2.7.8)
Mozilla Firefox 5.0.1 (x86 de) (x32 Version: 5.0.1)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Mumble 1.2.3 (x32 Version: 1.2.3)
NetObjects Fusion Essentials (x32)           unknown
Nokia Connectivity Cable Driver (Version: 7.1.32.64)
Notepad++ (x32 Version: 5.9)
NVIDIA 3D Vision Controller-Treiber 285.62 (Version: 285.62)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5715)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Opera 12.16 (x32 Version: 12.16.1860)
Origin (x32 Version: 9.0.15.65)           unnecessary
Oxygen 2 Personal Edition Uninstall (x32)           unnecessary
Pando Media Booster (x32 Version: 2.6.0.1)           unnecessary
PDF Settings CS5 (x32 Version: 10.0)
PlanetSide 2 Beta (HKCU)           unnecessary
Play withSIX (x32 Version: 1.20.0318)           unnecessary
Portal 2 (x32)           unnecessary
PR Mumble 1.0.0 (x32 Version: 1.0.0)           unnecessary
PrivitizeVPN (x32 Version: 1.0.0)
Project Normandy (x32)           unnecessary
Project Reality Christmas Map Pack (x32 Version: 0957)           unnecessary
Project Reality: ARMA2 (x32 Version: v0.15 BETA)           unnecessary
Project Reality: BF2 (pr_beta) (Version: v1.0)           unnecessary
Project Reality: BF2 (Version: v1.0)           unnecessary
Project Reality: BF2 (x32 Version: v0.981)           unnecessary
Project Reality: BF2 (x32 Version: v1.0)           unnecessary
PunkBuster Services (x32 Version: 0.993)           unnecessary
PVSonyDll (Version: 1.00.0001)           unknown
Qtrax (HKCU Version: 20.13.06.24)           unknown
Qtrax Player (HKCU)           unknown
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)           unknown
RealPlayer (x32)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Red Orchestra 2 SDK (x32)           unnecessary
Red Orchestra 2: Heroes of Stalingrad (x32)           unnecessary
S.T.A.L.K.E.R.: Call of Pripyat (x32)           unnecessary
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)
SecondLifeViewer (remove only) (x32)
ShiftWindow 1.02 (x32)           unknown
Six Updater (x32 Version: 2.09.7034)           unnecessary
Skype Click to Call (x32 Version: 5.6.8442)           unnecessary
Skype™ 5.10 (x32 Version: 5.10.116)           unnecessary
Software Informer 1.1 (x32)           unknown
Sound Tools Uninstall (x32)           unknown
Source SDK (x32)           unnecessary
Source SDK Base 2007 (x32)           unnecessary
SpeedFan (remove only) (x32)           unnecessary
Square Enix Secure Launcher (HKCU Version: 1.0.0.108)           unknown
StarCraft II (x32 Version: 1.4.2.20141)           unnecessary
Steam (x32 Version: 1.0.0.0)           unnecessary
Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (Version: 23.0.504.0)
Sudden Strike 2 (x32 Version: 1.0)           unnecessary
Sudden Strike 3 (x32)           unnecessary
Sven 004 XS (x32)           unknown
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007)           unknown
SweetPacks bundle uninstaller (x32 Version: 1.0.0000)           unknown
Team Fortress 2 (x32)           unnecessary
TeamSpeak 3 Client (Version: 3.0.10)           unnötig
Terraria (x32)           unnötig
TexView 2 Uninstall (x32)           unbekannt
The Elder Scrolls V: Skyrim (x32)           unnötig
The War Z (x32)           unnötig
The War Z version alpha (x32 Version: alpha)           unnötig
TNG 2.0 Installer Part 1 (HKCU)           unbekannt
TNG 2.0 Installer Part 2 (HKCU)           unbekannt
Total Commander (Remove or Repair) (x32 Version: 7.56a)           unbekannt
Ubisoft Game Launcher (x32 Version: 1.0.0.0)           unnötig
Uniblue DriverScanner (x32 Version: 4.0.3.4)           unbekannt
Unity Web Player (HKCU Version: )           unbekannt
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008)
Uplay (x32 Version: 2.0)           unnötig
uTorrentBar_DE Toolbar (x32 Version: 6.13.3.505)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)           unbekannt
VirtualCloneDrive (x32)
Visitor 3 Uninstall (x32)           unbekannt
War Rock (x32)           unnötig
War Thunder Launcher 1.0.1.148 (x32)           unnötig
Webcam Spy v2.1 (x32 Version: 2.1)           unbekannt
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.00 (64-Bit) (Version: 4.00.0)
World in Conflict: Soviet Assault (x32)           unnötig
World of Tanks (x32)           unnötig
World of Warcraft (x32 Version: 4.3.0.15050)           unnötig
Worms 4 Mayhem (x32 Version: 1.00.0000)           unnötig
Worms Ultimate Mayhem (x32)           unnötig
Yahoo! Messenger (x32)           unnötig
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)           unnötig
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)           unbekannt
yuPlay client 0.7.32 (x32)

==================== Restore Points  =========================

02-08-2013 12:33:16 DirectX wurde installiert
06-08-2013 18:11:54 Removed Bonjour
07-08-2013 00:52:29 DirectX wurde installiert
07-08-2013 12:14:16 Windows Update
07-08-2013 20:59:14 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00E0768F-5B04-402A-AB6E-CFE604C2C527} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19] (Adobe Systems Incorporated)
Task: {38CDD424-5770-4D39-B02C-9FC2071C7CBC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {41469CE4-657F-4FAC-987E-214DDE5E979E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe No File
Task: {446ABDB1-1EED-447C-93D3-E9AACB4E6A6E} - System32\Tasks\RMSchedule => C:\Program Files (x86)\Registry Mechanic\RegMech.exe No File
Task: {4AF26527-E3C1-4809-AA6A-FADE114CF707} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {4EAF8025-96E7-4F85-B92F-37262272AF55} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2015333589-2609546115-2474780110-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {72D655FB-1CFD-4966-AF55-953E582FBE6F} - System32\Tasks\AdobeAAMUpdater-1.0-MaxPc-Max => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {739C48F9-599F-4388-9A62-76352240804B} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2011-11-22] (Easeware)
Task: {783B5AB7-4BD9-442A-B4C7-F3B2A3875E1E} - System32\Tasks\DLL-files.com Fixer_UPDATES => C:\Program Files (x86)\Dll-Files.com No File
Task: {813A69B0-A7C0-4772-902B-42F3F32B6F5F} - System32\Tasks\At1 => C:\Windows\SysWOW64\cmd.exe [2010-11-20] (Microsoft Corporation)
Task: {9F88452D-415E-4CD3-AEA6-9D607EA319A3} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {B2ADE055-5138-4903-AB1C-E1E1CC41A038} - System32\Tasks\LyricsContainer Update => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe No File
Task: {BE2FD9C2-40AE-4A0A-9A14-461DAD8B8C1B} - System32\Tasks\{C7915BC9-1BA2-411C-B3EF-4C3B0A356141} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {C93BE47F-A8D2-42A4-AFF9-22CAE4EFF8FC} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\Registry Mechanic\update.exe No File
Task: {D4B82667-B894-40CE-8753-444BAE22CC7C} - System32\Tasks\DriverScanner => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-20] (Uniblue Systems Limited)
Task: {D6A5DB1E-B7DA-4C47-83C6-441A9C7F5607} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe No File
Task: {EB759432-30F5-4CF1-87E7-817DDF082D8B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {EF855525-975B-4A0D-A219-3F01EDCA63E2} - System32\Tasks\DLL-files.com Fixer => C:\Program Files (x86)\Dll-Files.com No File
Task: {F2F2EB16-CF39-4EC2-9470-77E991ECC975} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F495F25A-D55D-49E3-AEB4-E93AA2AEC659} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2015333589-2609546115-2474780110-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {FAC3E7DD-2578-4504-8EA5-89205C7A9CEA} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2011-03-30] (Hewlett-Packard Co.)
Task: {FAF2C78E-293D-45D3-8BE0-9FF8F492F39A} - System32\Tasks\{45F5085A-E32C-45F6-921D-E984AB3C9311} => c:\program files (x86)\opera\opera.exe [2013-07-17] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => C:\Users\Max\Desktop\driver whiz serial key download txt.exe
Task: C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverScanner.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\LyricsContainer Update.job => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe
Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\Registry Mechanic\RegMech.exe

==================== Faulty Device Manager Devices =============

Name: TeamViewer VPN Adapter
Description: TeamViewer VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TeamViewer GmbH
Service: teamviewervpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2013 11:18:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/07/2013 11:18:06 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/07/2013 11:17:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/07/2013 07:51:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 3.3.9556.500, Zeitstempel: 0x4d061efd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x560
Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0
Pfad der fehlerhaften Anwendung: soffice.bin1
Pfad des fehlerhaften Moduls: soffice.bin2
Berichtskennung: soffice.bin3

Error: (08/07/2013 02:16:02 PM) (Source: Microsoft Security Client Setup) (User: MaxPc)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (08/07/2013 11:02:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (08/07/2013 03:07:45 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.1, Zeitstempel: 0x3db54418
Name des fehlerhaften Moduls: WINMM.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba42
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011e4b
ID des fehlerhaften Prozesses: 0x10f0
Startzeit der fehlerhaften Anwendung: 0xgame.exe0
Pfad der fehlerhaften Anwendung: game.exe1
Pfad des fehlerhaften Moduls: game.exe2
Berichtskennung: game.exe3

Error: (08/07/2013 02:52:29 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary NovaShieldTDIDriver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/07/2013 02:52:29 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary NovaShieldFilterDriver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/07/2013 02:49:37 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary NovaShieldTDIDriver.

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (08/07/2013 11:12:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2592687)

Error: (08/07/2013 11:12:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0826 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2709981)

Error: (08/07/2013 11:11:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/07/2013 11:11:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/07/2013 11:11:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/07/2013 11:11:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (08/07/2013 11:11:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (08/07/2013 11:09:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (08/07/2013 11:09:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5.

Error: (08/07/2013 11:06:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (08/07/2013 11:18:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Desktop\esetsmartinstaller_enu.exe

Error: (08/07/2013 11:18:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Desktop\esetsmartinstaller_enu.exe

Error: (08/07/2013 11:17:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Desktop\esetsmartinstaller_enu.exe

Error: (08/07/2013 07:51:49 PM) (Source: Application Error)(User: )
Description: soffice.bin3.3.9556.5004d061efdntdll.dll6.1.7601.177254ec49b8fc00000050002e3be56001ce9395c39a59b9C:\Program Files (x86)\OpenOffice.org 3\program\soffice.binC:\Windows\SysWOW64\ntdll.dll0884370f-ff8a-11e2-9e33-4061867d9184

Error: (08/07/2013 02:16:02 PM) (Source: Microsoft Security Client Setup)(User: MaxPc)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (08/07/2013 11:02:19 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (08/07/2013 03:07:45 AM) (Source: Application Error)(User: )
Description: game.exe1.0.0.13db54418WINMM.dll6.1.7601.175144ce7ba42c000000500011e4b10f001ce9309c795c70eD:\SS2\game.exeC:\Windows\system32\WINMM.dllc45ba2ea-fefd-11e2-8420-4061867d9184

Error: (08/07/2013 02:52:29 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary NovaShieldTDIDriver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/07/2013 02:52:29 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary NovaShieldFilterDriver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/07/2013 02:49:37 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary NovaShieldTDIDriver.

System Error:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity Errors:
===================================
  Date: 2011-12-30 18:05:53.566
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Max\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-12-30 18:05:53.541
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Max\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-12-30 18:05:53.209
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-12-30 18:05:53.184
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 19%
Total physical RAM: 12279.11 MB
Available physical RAM: 9843.57 MB
Total Pagefile: 25277.3 MB
Available Pagefile: 22770.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:122.65 GB) (Free:11.31 GB) NTFS (Disk=0 Partition=3)
Drive d: () (Fixed) (Total:1273.51 GB) (Free:101.69 GB) NTFS (Disk=0 Partition=2)
Drive e: (COH2) (CDROM) (Total:5.15 GB) (Free:0 GB) UDF
Drive g: (PRBF2) (CDROM) (Total:6.03 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 2BAB359D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-831603785728) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=123 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
__________________

Edited by Quobble (07.08.2013 at 23:09)

08.08.2013, 00:09   #4
markusg
/// Malware-holic

Hi,
three logs need to be created; post them all together.
1.
Fix with FRST
Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document
Code:
C:\Windows\Tasks\At1.job
         
Save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again
    and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.
2. Uninstall:
Wings of
µTorrent
Adobe Flash Player: all
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Uncheck the box for McAfee Security Scan.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Check "Use only certified plug-ins".
Security (Enhanced)
Check Enhanced Security
and select All files.
Internet:
Everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, because only then do you have control over what happens on the PC.
Under JavaScript, uncheck the box for using JavaScript.
Under Updater, select "Install automatically".
Apply / OK

Uninstall:
Alan
Allied Intent Xtended
Altitude
ANNO: all
APB
applicationupdater
Arma: all
ArmA
Audacity
Bamboo Dock: both
Battlefield: all
Battlelog
BattlEye
BF2
Bing
Command
Company
Counter-Strike: all
DAEMON
DayZ
Dead
Defcon
Die Gilde
Die*
Dota
Driver Sweeper
Driver Whiz
DriverEasy: install drivers only from the manufacturer!
Dropbox
ESET
ESN
Fallout: both
Forgoten
Fraps
GameRanger
GameSpy: all
GameXN
Garry's
GIMP
Google Earth
Grand Theft: both
Guild
Heroes
ICQ: both
IL
Internet Explorer Toolbar
iTunes
Java 7
Java(TM): all
Download the Java JRE:
Java downloads for all operating systems
Click:
Download the Java software for Windows Offline
Download and install it.
Uninstall:
League
Left 4
Lernout
MechWarrior: all
Medal
Metro

Mozilla Firefox
Mozilla Firefox web browser - Free download - mozilla.org
Install version 23.

Uninstall:
Origin
Oxygen
Pando
PlanetSide
Play withSIX
Portal
PR
Project: all unnecessary ones
PunkBuster
Qtrax: if you don't use it, both
RealPlayer
Red Orchestra: both
S.T.A.L
ShiftWindow
Six Updater
Skype: both
Software Informer
SpeedFan
StarCraft
Steam
Sudden: both

Sven
SweetIM
SweetPacks
TeamSpeak
Team Fortress
Terraria
The Elder
The War: both
Total Commander
Ubisoft
Uniblue
Unity
Update Manager
Uplay
uTorrentBar_DE: please remove
War Rock
War Thunder
Webcam Spy
World: all
Worms: both

Yahoo: all
Yontoo

Restart.
3.
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix on your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


4.
Please download TDSSKiller TDSSKiller.exe and save this file on the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us
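
The fixlist in the post above removes `C:\Windows\Tasks\At1.job`, one of the entries in the "Scheduled Tasks" section of the FRST log. As an added example (not part of the thread and not FRST's own code), this Python script parses FRST `Task:` lines and flags the traits that make an entry worth reviewing; the flag names and heuristics are assumptions of this example, and the sample lines are copied from the log in this thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Five lines copied from the "Scheduled Tasks (whitelisted)" section of the log above.
SAMPLE_LOG = r"""
Task: {00E0768F-5B04-402A-AB6E-CFE604C2C527} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19] (Adobe Systems Incorporated)
Task: {41469CE4-657F-4FAC-987E-214DDE5E979E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe No File
Task: {4AF26527-E3C1-4809-AA6A-FADE114CF707} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {813A69B0-A7C0-4772-902B-42F3F32B6F5F} - System32\Tasks\At1 => C:\Windows\SysWOW64\cmd.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\At1.job => C:\Users\Max\Desktop\driver whiz serial key download txt.exe
"""

# "Task: [{GUID} - ]<task path> => <target and trailer>"
LINE_RE = re.compile(r"^Task: (?:\{[0-9A-Fa-f-]+\} - )?(?P<task>.+?) => (?P<rest>.+)$")
# Trailer is either " [YYYY-MM-DD] (Company)", " No File", or absent (legacy .job lines).
TAIL_RE = re.compile(
    r"^(?P<target>.+?)"
    r"(?: \[\d{4}-\d{2}-\d{2}\] \((?P<company>.*)\)| (?P<nofile>No File))?$"
)

AT_JOB_RE = re.compile(r"^at\d+$")  # AtN is the name the legacy at.exe scheduler assigns
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\")  # assumption: writable without admin rights
INTERPRETERS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
                "mshta.exe", "rundll32.exe", "regsvr32.exe"}


@dataclass
class TaskEntry:
    name: str               # last component of the task path, without ".job"
    target: str             # executable the task launches
    company: Optional[str]  # None when the line carries no company field at all
    missing: bool           # FRST reported "No File" for the target


def parse_tasks(log: str) -> List[TaskEntry]:
    """Parse every 'Task:' line of an FRST log; other lines are ignored."""
    entries = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        tail = TAIL_RE.match(m.group("rest"))
        name = m.group("task").rsplit("\\", 1)[-1]
        if name.lower().endswith(".job"):
            name = name[:-4]
        entries.append(TaskEntry(name, tail.group("target"),
                                 tail.group("company"), tail.group("nofile") is not None))
    return entries


def triage(entry: TaskEntry) -> List[str]:
    """Return review flags for one task; an empty list means nothing stood out."""
    flags = []
    target = entry.target.lower()
    basename = target.rsplit("\\", 1)[-1]
    if AT_JOB_RE.match(entry.name.lower()):
        flags.append("at-job")                # anonymous job, no vendor name attached
    if entry.missing:
        flags.append("missing-target")        # orphaned task left by removed software
    if target.startswith(USER_WRITABLE):
        flags.append("user-writable-target")  # binary can be swapped without elevation
    if basename in INTERPRETERS:
        flags.append("interpreter-target")    # real payload is in the task arguments
    if entry.company == "":
        flags.append("no-company-name")       # file has no version-info company string
    return flags


def triage_log(log: str) -> List[Tuple[str, List[str]]]:
    """Convenience wrapper: (task name, flags) for each task line in the log."""
    return [(e.name, triage(e)) for e in parse_tasks(log)]


if __name__ == "__main__":
    for entry in parse_tasks(SAMPLE_LOG):
        print(f"{entry.name:32} {', '.join(triage(entry)) or '-'}")
        print(f"    -> {entry.target}")
```

A flag is a reason to inspect the entry, not a verdict: both `At1` entries are flagged, but so is the HP task, only because its target lives under ProgramData and carries no company string.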

08.08.2013, 00:46   #5
Quobble

Okay. Working on it.
Here is the Fixlog.txt for now.

There is very little in it.

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-08-2013 06
Ran by Max at 2013-08-08 01:42:11 Run:1
Running from C:\Users\Max\Desktop
Boot Mode: Normal
==============================================

C:\Windows\Tasks\At1.job => Moved successfully.

==== End of Fixlog ====
         
But why am I supposed to remove EVERYTHING from my PC?


/Edit
I can't uninstall any of the SweetIM programs. It throws an error at me.

Here are the Combofix logs:
Code:
ComboFix 13-08-07.01 - Max 08.08.2013   2:17.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.12279.9318 [GMT 2:00]
ausgeführt von:: c:\users\Max\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LyricsContainer\125.dll
c:\users\Max\AppData\Roaming\technic-launcher.jar
c:\users\Public\sdelevURL.tmp
c:\windows\IsUn0407.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\frapsvid.dll
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-08 bis 2013-08-08  ))))))))))))))))))))))))))))))
.
.
2013-08-08 00:24 . 2013-08-08 00:24	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-08-08 00:24 . 2013-08-08 00:24	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-07 23:57 . 2013-08-07 23:57	0	----a-w-	c:\windows\SysWow64\REN3B6D.tmp
2013-08-07 21:52 . 2013-08-07 21:52	--------	d-----w-	C:\FRST
2013-08-07 12:26 . 2013-08-07 12:26	941720	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{286C14BD-7101-4E5F-AB9C-2CFD86EDC7EA}\gapaengine.dll
2013-08-07 12:26 . 2013-07-01 23:34	9460976	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E44A8976-04B9-422C-9162-A1A807FF485C}\mpengine.dll
2013-08-07 12:15 . 2013-08-07 12:15	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2013-08-07 12:15 . 2013-08-07 12:15	--------	d-----w-	c:\program files\Microsoft Security Client
2013-08-06 18:59 . 2013-08-06 18:59	--------	d-----w-	c:\users\Max\AppData\Roaming\Malwarebytes
2013-08-06 18:59 . 2013-08-06 18:59	--------	d-----w-	c:\programdata\Malwarebytes
2013-08-06 18:12 . 2013-08-07 23:55	--------	d-----w-	c:\windows\system32\appmgmt
2013-08-06 16:38 . 2013-08-06 16:38	--------	d-----w-	c:\program files (x86)\JoWooD
2013-08-06 16:22 . 2013-08-06 16:35	--------	d-----w-	c:\program files (x86)\Defcon
2013-07-31 14:01 . 2013-07-31 14:05	--------	d-----w-	c:\windows\system32\MRT
2013-07-26 12:20 . 2013-07-26 17:43	--------	d-----w-	c:\users\Max\AppData\Local\Arma 3
2013-07-26 12:20 . 2013-07-26 12:20	--------	d-----w-	c:\programdata\Bohemia Interactive
2013-07-23 12:21 . 2013-08-08 00:23	--------	d-----w-	c:\program files (x86)\LyricsContainer
2013-07-20 11:04 . 2013-08-08 00:12	--------	d-----w-	c:\programdata\Yahoo!
2013-07-20 11:01 . 2013-08-08 00:25	--------	d-----w-	c:\program files (x86)\Yahoo!
2013-07-16 20:31 . 2013-07-16 20:31	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-07-10 18:57 . 2013-06-04 06:00	624128	----a-w-	c:\windows\system32\qedit.dll
2013-07-10 18:57 . 2013-06-04 04:53	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2013-07-10 18:57 . 2013-05-27 05:50	1011712	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2013-07-10 18:57 . 2013-05-27 05:50	571904	----a-w-	c:\program files\Windows Defender\MpClient.dll
2013-07-10 18:57 . 2013-05-27 05:50	314880	----a-w-	c:\program files\Windows Defender\MpCommu.dll
2013-07-10 18:57 . 2013-05-27 04:57	4608	----a-w-	c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 18:57 . 2013-05-27 04:57	54784	----a-w-	c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-10 18:57 . 2013-05-27 04:57	392704	----a-w-	c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-10 18:57 . 2013-05-27 03:15	9216	----a-w-	c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 18:57 . 2013-05-06 06:03	1887744	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-10 18:57 . 2013-05-06 04:56	1620480	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-10 18:56 . 2013-06-05 03:34	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-07-10 18:56 . 2013-04-10 05:48	1732608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 18:56 . 2013-04-10 05:46	1367040	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 18:56 . 2013-04-10 05:46	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 18:56 . 2013-04-10 05:46	1393152	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 18:56 . 2013-04-10 05:03	936448	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 18:55 . 2013-04-02 22:51	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-07-10 18:55 . 2013-04-09 23:34	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-02 12:34 . 2013-03-27 11:35	189248	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-08-02 12:33 . 2013-03-27 11:35	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-08-02 12:17 . 2013-03-27 11:35	281152	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-08-02 12:17 . 2011-08-14 13:15	281152	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-07-25 01:06 . 2011-07-30 21:00	840264	----a-w-	c:\windows\SysWow64\pbsvc.exe
2013-07-03 00:53 . 2012-02-09 20:44	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-07-03 00:52 . 2012-02-09 20:43	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-06-23 22:57 . 2011-08-25 06:55	78277128	----a-w-	c:\windows\system32\MRT.exe
2013-06-18 19:50 . 2013-06-18 19:50	247216	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2013-06-18 19:50 . 2013-06-18 19:50	139616	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-17 06:38 . 2012-02-22 08:52	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-06-17 06:37 . 2012-02-22 08:52	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-06-17 06:37 . 2012-02-22 08:52	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-06-14 06:01 . 2012-02-09 20:43	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-05-21 14:06 . 2013-05-21 14:06	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-05-21 14:06 . 2013-05-21 14:06	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-05-21 14:06 . 2013-05-21 14:06	81408	----a-w-	c:\windows\system32\icardie.dll
2013-05-21 14:06 . 2013-05-21 14:06	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-05-21 14:06 . 2013-05-21 14:06	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-21 14:06 . 2013-05-21 14:06	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-05-21 14:06 . 2013-05-21 14:06	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-05-21 14:06 . 2013-05-21 14:06	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-05-21 14:06 . 2013-05-21 14:06	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-05-21 14:06 . 2013-05-21 14:06	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-05-21 14:06 . 2013-05-21 14:06	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-05-21 14:06 . 2013-05-21 14:06	441856	----a-w-	c:\windows\system32\html.iec
2013-05-21 14:06 . 2013-05-21 14:06	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-05-21 14:06 . 2013-05-21 14:06	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-05-21 14:06 . 2013-05-21 14:06	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-05-21 14:06 . 2013-05-21 14:06	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-05-21 14:06 . 2013-05-21 14:06	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-05-21 14:06 . 2013-05-21 14:06	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-05-21 14:06 . 2013-05-21 14:06	235008	----a-w-	c:\windows\system32\url.dll
2013-05-21 14:06 . 2013-05-21 14:06	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-05-21 14:06 . 2013-05-21 14:06	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-05-21 14:06 . 2013-05-21 14:06	216064	----a-w-	c:\windows\system32\msls31.dll
2013-05-21 14:06 . 2013-05-21 14:06	197120	----a-w-	c:\windows\system32\msrating.dll
2013-05-21 14:06 . 2013-05-21 14:06	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-05-21 14:06 . 2013-05-21 14:06	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-05-21 14:06 . 2013-05-21 14:06	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-05-21 14:06 . 2013-05-21 14:06	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-05-21 14:06 . 2013-05-21 14:06	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-05-21 14:06 . 2013-05-21 14:06	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-05-21 14:06 . 2013-05-21 14:06	144896	----a-w-	c:\windows\system32\wextract.exe
2013-05-21 14:06 . 2013-05-21 14:06	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-05-21 14:06 . 2013-05-21 14:06	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-05-21 14:06 . 2013-05-21 14:06	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-05-21 14:06 . 2013-05-21 14:06	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-05-21 14:06 . 2013-05-21 14:06	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-05-21 14:06 . 2013-05-21 14:06	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-05-21 14:06 . 2013-05-21 14:06	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-21 14:06 . 2013-05-21 14:06	102912	----a-w-	c:\windows\system32\inseng.dll
2013-05-21 14:06 . 2013-05-21 14:06	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-05-21 14:06 . 2013-05-21 14:06	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-05-21 14:06 . 2013-05-21 14:06	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-05-21 14:06 . 2013-05-21 14:06	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-05-21 14:06 . 2013-05-21 14:06	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-05-21 14:06 . 2013-05-21 14:06	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-05-21 14:06 . 2013-05-21 14:06	149504	----a-w-	c:\windows\system32\occache.dll
2013-05-21 14:06 . 2013-05-21 14:06	13824	----a-w-	c:\windows\system32\mshta.exe
2013-05-21 14:06 . 2013-05-21 14:06	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-05-21 14:06 . 2013-05-21 14:06	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-05-21 14:06 . 2013-05-21 14:06	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-05-13 05:51 . 2013-06-12 16:05	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 16:05	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 16:05	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 16:05	52224	----a-w-	c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 16:05	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 16:05	1160192	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 16:05	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 16:05	1192448	----a-w-	c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 16:05	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 16:05	43008	----a-w-	c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 16:05	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 16:05	24576	----a-w-	c:\windows\SysWow64\cryptdlg.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624]
"DAEMON Tools Ultra Agent"="c:\program files (x86)\DAEMON Tools Ultra\DTAgent.exe" [2013-03-06 3088448]
"F.lux"="c:\users\Max\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
.
c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe;c:\program files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x]
R3 X6va007;X6va007;c:\users\Max\AppData\Local\Temp\0079E18.tmp;c:\users\Max\AppData\Local\Temp\0079E18.tmp [x]
R4 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [x]
R4 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
R4 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe;c:\program files\Tablet\Pen\Pen_Tablet.exe [x]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe;c:\program files\Tablet\Pen\Pen_TouchService.exe [x]
S3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtscsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtscsibus.sys [x]
S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-08 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851647
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{22D45F24-3A73-4292-BB04-4DB95672624A}: NameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
BHO-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
BHO-{DA3D98A6-868D-4E1B-BB78-0887230DA405} - c:\program files (x86)\LyricsContainer\125.dll
BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
Toolbar-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
Wow6432Node-HKCU-Run-RDReminder - (no file)
Wow6432Node-HKCU-Run-Messenger (Yahoo!) - ~c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe
Wow6432Node-HKLM-Run-TaskTray - (no file)
SafeBoot-BsScanner
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file)
AddRemove-Forgotten Hope 2 - d:\steam\steamapps\common\Battlefield 2\uninstall.exe
AddRemove-NetObjects Fusion Essentials - c:\windows\IsUn0407.exe
AddRemove-Project Reality: BF2 Sandbox_is1 - d:\steam\steamapps\common\Battlefield 2\mods\pr\uninst\unins001.exe
AddRemove-{3F673FAB-262C-429F-AC28-674AD43DE6EE}_is1 - d:\steam\steamapps\common\battlefield 2\mods\pr\unins000.exe
AddRemove-TNG 2.0 Installer Part 1 - d:\steam\SteamApps\common\battlefield 2\mods\AIX2\TNG 2.0 Part 1 Uninstallexe
AddRemove-TNG 2.0 Installer Part 2 - d:\steam\SteamApps\common\battlefield 2\mods\AIX2\TNG 2.0 Part 2 Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007]
"ImagePath"="\??\c:\users\Max\AppData\Local\Temp\0079E18.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2015333589-2609546115-2474780110-1001\Software\SecuROM\License information*]
"datasecu"=hex:b0,76,7f,82,ab,76,ae,d4,ea,b5,49,ff,77,86,c1,81,ed,63,49,f0,bb,
   f9,e1,e3,c5,48,05,57,a9,9a,8a,1f,dd,07,aa,d7,21,26,23,9c,37,31,ce,8b,e4,55,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-08  02:30:55 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-08-08 00:30
.
Vor Suchlauf: 12 Verzeichnis(se), 14.158.352.384 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 13.897.601.024 Bytes frei
.
- - End Of File - - CE80A74C2E985D2AF8A34C4ABACF2ADC
A36C5E4F47E84449FF07ED3517B43A31
         
And here are the TDSSKiller logs:

Code:
02:39:04.0911 2036  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
02:39:05.0109 2036  ============================================================
02:39:05.0110 2036  Current date / time: 2013/08/08 02:39:05.0109
02:39:05.0110 2036  SystemInfo:
02:39:05.0110 2036  
02:39:05.0110 2036  OS Version: 6.1.7601 ServicePack: 1.0
02:39:05.0110 2036  Product type: Workstation
02:39:05.0110 2036  ComputerName: MAXPC
02:39:05.0110 2036  UserName: Max
02:39:05.0110 2036  Windows directory: C:\Windows
02:39:05.0110 2036  System windows directory: C:\Windows
02:39:05.0110 2036  Running under WOW64
02:39:05.0110 2036  Processor architecture: Intel x64
02:39:05.0110 2036  Number of processors: 4
02:39:05.0110 2036  Page size: 0x1000
02:39:05.0110 2036  Boot type: Normal boot
02:39:05.0110 2036  ============================================================
02:39:07.0762 2036  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2F509, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
02:39:07.0769 2036  ============================================================
02:39:07.0769 2036  \Device\Harddisk0\DR0:
02:39:07.0769 2036  MBR partitions:
02:39:07.0769 2036  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
02:39:07.0769 2036  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9F3046A0
02:39:07.0769 2036  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9F336EA0, BlocksNum 0xF54F160
02:39:07.0769 2036  ============================================================
02:39:07.0796 2036  D: <-> \Device\Harddisk0\DR0\Partition2
02:39:07.0833 2036  C: <-> \Device\Harddisk0\DR0\Partition3
02:39:07.0833 2036  ============================================================
02:39:07.0833 2036  Initialize success
02:39:07.0833 2036  ============================================================
02:40:59.0279 2792  ============================================================
02:40:59.0279 2792  Scan started
02:40:59.0279 2792  Mode: Manual; SigCheck; TDLFS; 
02:40:59.0279 2792  ============================================================
02:41:00.0083 2792  ================ Scan system memory ========================
02:41:00.0083 2792  System memory - ok
02:41:00.0084 2792  ================ Scan services =============================
02:41:00.0259 2792  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
02:41:00.0339 2792  1394ohci - ok
02:41:00.0373 2792  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
02:41:00.0408 2792  ACPI - ok
02:41:00.0437 2792  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
02:41:00.0527 2792  AcpiPmi - ok
02:41:00.0572 2792  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
02:41:00.0600 2792  adp94xx - ok
02:41:00.0625 2792  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
02:41:00.0638 2792  adpahci - ok
02:41:00.0650 2792  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
02:41:00.0661 2792  adpu320 - ok
02:41:00.0686 2792  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
02:41:00.0836 2792  AeLookupSvc - ok
02:41:00.0892 2792  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
02:41:00.0959 2792  AFD - ok
02:41:00.0986 2792  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
02:41:00.0998 2792  agp440 - ok
02:41:01.0260 2792  [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
02:41:01.0260 2792  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803
02:41:01.0266 2792  Akamai ( HiddenFile.Multi.Generic ) - warning
02:41:01.0266 2792  Akamai - detected HiddenFile.Multi.Generic (1)
02:41:01.0284 2792  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
02:41:01.0351 2792  ALG - ok
02:41:01.0370 2792  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
02:41:01.0389 2792  aliide - ok
02:41:01.0420 2792  [ B3E801135E0C81733542C14D9AA8120A ] Alpham1         C:\Windows\system32\DRIVERS\Alpham164.sys
02:41:01.0479 2792  Alpham1 - ok
02:41:01.0515 2792  [ 6493983FEDBC49D9112703ECE9B251FE ] Alpham2         C:\Windows\system32\DRIVERS\Alpham264.sys
02:41:01.0554 2792  Alpham2 - ok
02:41:01.0579 2792  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
02:41:01.0598 2792  amdide - ok
02:41:01.0627 2792  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
02:41:01.0698 2792  AmdK8 - ok
02:41:01.0716 2792  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
02:41:01.0751 2792  AmdPPM - ok
02:41:01.0782 2792  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
02:41:01.0792 2792  amdsata - ok
02:41:01.0816 2792  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
02:41:01.0827 2792  amdsbs - ok
02:41:01.0845 2792  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
02:41:01.0853 2792  amdxata - ok
02:41:01.0884 2792  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
02:41:01.0965 2792  AppID - ok
02:41:02.0002 2792  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
02:41:02.0058 2792  AppIDSvc - ok
02:41:02.0141 2792  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
02:41:02.0186 2792  Appinfo - ok
02:41:02.0250 2792  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
02:41:02.0269 2792  Apple Mobile Device - ok
02:41:02.0305 2792  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
02:41:02.0357 2792  AppMgmt - ok
02:41:02.0371 2792  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
02:41:02.0392 2792  arc - ok
02:41:02.0409 2792  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
02:41:02.0430 2792  arcsas - ok
02:41:02.0533 2792  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
02:41:02.0551 2792  aspnet_state - ok
02:41:02.0581 2792  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
02:41:02.0652 2792  AsyncMac - ok
02:41:02.0674 2792  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
02:41:02.0682 2792  atapi - ok
02:41:02.0715 2792  [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
02:41:02.0751 2792  atksgt - ok
02:41:02.0794 2792  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
02:41:02.0870 2792  AudioEndpointBuilder - ok
02:41:02.0878 2792  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
02:41:02.0906 2792  AudioSrv - ok
02:41:02.0983 2792  [ 7692F4B242E45870873CAF4CB85CF769 ] AxAutoMntSrv    C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
02:41:02.0999 2792  AxAutoMntSrv - ok
02:41:03.0025 2792  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
02:41:03.0101 2792  AxInstSV - ok
02:41:03.0151 2792  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
02:41:03.0196 2792  b06bdrv - ok
02:41:03.0228 2792  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
02:41:03.0260 2792  b57nd60a - ok
02:41:03.0290 2792  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
02:41:03.0339 2792  BDESVC - ok
02:41:03.0357 2792  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
02:41:03.0430 2792  Beep - ok
02:41:03.0492 2792  [ B1359701847FF1FF415FA083F1610F48 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
02:41:03.0553 2792  BEService ( UnsignedFile.Multi.Generic ) - warning
02:41:03.0553 2792  BEService - detected UnsignedFile.Multi.Generic (1)
02:41:03.0604 2792  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
02:41:03.0652 2792  BFE - ok
02:41:03.0701 2792  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
02:41:03.0765 2792  BITS - ok
02:41:03.0788 2792  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
02:41:03.0807 2792  blbdrive - ok
02:41:03.0846 2792  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
02:41:03.0877 2792  bowser - ok
02:41:03.0888 2792  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:41:03.0978 2792  BrFiltLo - ok
02:41:03.0989 2792  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:41:04.0009 2792  BrFiltUp - ok
02:41:04.0047 2792  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
02:41:04.0100 2792  BridgeMP - ok
02:41:04.0137 2792  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
02:41:04.0165 2792  Browser - ok
02:41:04.0185 2792  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
02:41:04.0237 2792  Brserid - ok
02:41:04.0257 2792  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
02:41:04.0287 2792  BrSerWdm - ok
02:41:04.0303 2792  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
02:41:04.0343 2792  BrUsbMdm - ok
02:41:04.0357 2792  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
02:41:04.0386 2792  BrUsbSer - ok
02:41:04.0417 2792  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
02:41:04.0438 2792  BTHMODEM - ok
02:41:04.0488 2792  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
02:41:04.0543 2792  bthserv - ok
02:41:04.0583 2792  catchme - ok
02:41:04.0615 2792  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
02:41:04.0678 2792  cdfs - ok
02:41:04.0730 2792  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
02:41:04.0768 2792  cdrom - ok
02:41:04.0819 2792  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
02:41:04.0881 2792  CertPropSvc - ok
02:41:04.0894 2792  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
02:41:04.0924 2792  circlass - ok
02:41:04.0948 2792  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
02:41:04.0965 2792  CLFS - ok
02:41:05.0018 2792  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:41:05.0030 2792  clr_optimization_v2.0.50727_32 - ok
02:41:05.0076 2792  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:41:05.0087 2792  clr_optimization_v2.0.50727_64 - ok
02:41:05.0160 2792  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:41:05.0177 2792  clr_optimization_v4.0.30319_32 - ok
02:41:05.0195 2792  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:41:05.0210 2792  clr_optimization_v4.0.30319_64 - ok
02:41:05.0234 2792  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
02:41:05.0268 2792  CmBatt - ok
02:41:05.0300 2792  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
02:41:05.0313 2792  cmdide - ok
02:41:05.0359 2792  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
02:41:05.0395 2792  CNG - ok
02:41:05.0411 2792  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
02:41:05.0424 2792  Compbatt - ok
02:41:05.0449 2792  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
02:41:05.0491 2792  CompositeBus - ok
02:41:05.0497 2792  COMSysApp - ok
02:41:05.0517 2792  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
02:41:05.0527 2792  crcdisk - ok
02:41:05.0576 2792  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
02:41:05.0620 2792  CryptSvc - ok
02:41:05.0655 2792  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
02:41:05.0730 2792  CSC - ok
02:41:05.0781 2792  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
02:41:05.0815 2792  CscService - ok
02:41:05.0839 2792  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
02:41:05.0927 2792  DcomLaunch - ok
02:41:05.0987 2792  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
02:41:06.0046 2792  defragsvc - ok
02:41:06.0079 2792  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
02:41:06.0140 2792  DfsC - ok
02:41:06.0213 2792  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
02:41:06.0234 2792  dg_ssudbus - ok
02:41:06.0276 2792  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
02:41:06.0341 2792  Dhcp - ok
02:41:06.0410 2792  [ D6B0939B78C73E1396A9C58DCCBC1983 ] Disc Soft Bus Service C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
02:41:06.0435 2792  Disc Soft Bus Service - ok
02:41:06.0456 2792  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
02:41:06.0491 2792  discache - ok
02:41:06.0520 2792  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
02:41:06.0533 2792  Disk - ok
02:41:06.0561 2792  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
02:41:06.0612 2792  Dnscache - ok
02:41:06.0634 2792  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
02:41:06.0691 2792  dot3svc - ok
02:41:06.0724 2792  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
02:41:06.0791 2792  DPS - ok
02:41:06.0821 2792  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
02:41:06.0839 2792  drmkaud - ok
02:41:06.0858 2792  [ C9914A74045A6D23DB7252FA3985DE25 ] dtscsibus       C:\Windows\system32\DRIVERS\dtscsibus.sys
02:41:06.0873 2792  dtscsibus - ok
02:41:06.0919 2792  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
02:41:06.0947 2792  DXGKrnl - ok
02:41:06.0960 2792  EagleX64 - ok
02:41:06.0989 2792  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
02:41:07.0042 2792  EapHost - ok
02:41:07.0145 2792  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
02:41:07.0263 2792  ebdrv - ok
02:41:07.0277 2792  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
02:41:07.0297 2792  EFS - ok
02:41:07.0344 2792  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
02:41:07.0416 2792  ehRecvr - ok
02:41:07.0460 2792  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
02:41:07.0491 2792  ehSched - ok
02:41:07.0530 2792  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
02:41:07.0563 2792  elxstor - ok
02:41:07.0588 2792  [ 9EAFB3B3B60B8AD958985152A9309ACA ] epmntdrv        C:\Windows\system32\epmntdrv.sys
02:41:07.0606 2792  epmntdrv ( UnsignedFile.Multi.Generic ) - warning
02:41:07.0606 2792  epmntdrv - detected UnsignedFile.Multi.Generic (1)
02:41:07.0639 2792  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
02:41:07.0674 2792  ErrDev - ok
02:41:07.0708 2792  [ FB949ED2C93C878A189039F3D7730942 ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
02:41:07.0741 2792  EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
02:41:07.0741 2792  EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
02:41:07.0773 2792  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
02:41:07.0812 2792  EventSystem - ok
02:41:07.0857 2792  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
02:41:07.0885 2792  exfat - ok
02:41:07.0901 2792  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
02:41:07.0946 2792  fastfat - ok
02:41:08.0002 2792  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
02:41:08.0068 2792  Fax - ok
02:41:08.0109 2792  [ 240FF3619817B039198CDCD1E8DAE921 ] fcdabus         C:\Windows\system32\DRIVERS\fcdabus.sys
02:41:08.0140 2792  fcdabus - ok
02:41:08.0148 2792  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
02:41:08.0168 2792  fdc - ok
02:41:08.0184 2792  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
02:41:08.0247 2792  fdPHost - ok
02:41:08.0261 2792  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
02:41:08.0296 2792  FDResPub - ok
02:41:08.0319 2792  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
02:41:08.0328 2792  FileInfo - ok
02:41:08.0338 2792  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
02:41:08.0384 2792  Filetrace - ok
02:41:08.0401 2792  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
02:41:08.0412 2792  flpydisk - ok
02:41:08.0435 2792  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
02:41:08.0447 2792  FltMgr - ok
02:41:08.0506 2792  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
02:41:08.0557 2792  FontCache - ok
02:41:08.0605 2792  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:41:08.0621 2792  FontCache3.0.0.0 - ok
02:41:08.0631 2792  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
02:41:08.0650 2792  FsDepends - ok
02:41:08.0680 2792  [ 7B64CBC4FDDAD2CB4F774E6B81052E98 ] fsRamDsk        C:\Windows\system32\DRIVERS\fsRamDsk.sys
02:41:08.0699 2792  fsRamDsk - ok
02:41:08.0728 2792  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
02:41:08.0742 2792  Fs_Rec - ok
02:41:08.0781 2792  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
02:41:08.0805 2792  fvevol - ok
02:41:08.0821 2792  [ C4AE69B476A40C165B6E99D10E814D0F ] FVXSCSI         C:\Windows\system32\DRIVERS\fvxscsi.sys
02:41:08.0855 2792  FVXSCSI - ok
02:41:08.0885 2792  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
02:41:08.0906 2792  gagp30kx - ok
02:41:08.0934 2792  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:41:08.0942 2792  GEARAspiWDM - ok
02:41:08.0979 2792  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
02:41:09.0042 2792  gpsvc - ok
02:41:09.0057 2792  gupdate - ok
02:41:09.0072 2792  gupdatem - ok
02:41:09.0094 2792  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
02:41:09.0103 2792  hamachi - ok
02:41:09.0233 2792  [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
02:41:09.0347 2792  Hamachi2Svc - ok
02:41:09.0366 2792  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
02:41:09.0414 2792  hcw85cir - ok
02:41:09.0447 2792  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
02:41:09.0477 2792  HdAudAddService - ok
02:41:09.0500 2792  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
02:41:09.0533 2792  HDAudBus - ok
02:41:09.0551 2792  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
02:41:09.0583 2792  HidBatt - ok
02:41:09.0600 2792  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
02:41:09.0626 2792  HidBth - ok
02:41:09.0647 2792  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
02:41:09.0690 2792  HidIr - ok
02:41:09.0715 2792  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
02:41:09.0788 2792  hidserv - ok
02:41:09.0826 2792  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
02:41:09.0847 2792  HidUsb - ok
02:41:09.0859 2792  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
02:41:09.0909 2792  hkmsvc - ok
02:41:09.0952 2792  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
02:41:10.0007 2792  HomeGroupListener - ok
02:41:10.0032 2792  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
02:41:10.0065 2792  HomeGroupProvider - ok
02:41:10.0096 2792  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
02:41:10.0117 2792  HpSAMD - ok
02:41:10.0167 2792  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
02:41:10.0243 2792  HTTP - ok
02:41:10.0267 2792  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
02:41:10.0276 2792  hwpolicy - ok
02:41:10.0306 2792  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
02:41:10.0317 2792  i8042prt - ok
02:41:10.0357 2792  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
02:41:10.0387 2792  iaStorV - ok
02:41:10.0411 2792  ICQ Service - ok
02:41:10.0463 2792  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:41:10.0497 2792  idsvc - ok
02:41:10.0525 2792  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
02:41:10.0535 2792  iirsp - ok
02:41:10.0590 2792  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
02:41:10.0639 2792  IKEEXT - ok
02:41:10.0649 2792  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
02:41:10.0658 2792  intelide - ok
02:41:10.0678 2792  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
02:41:10.0708 2792  intelppm - ok
02:41:10.0732 2792  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
02:41:10.0786 2792  IPBusEnum - ok
02:41:10.0811 2792  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:41:10.0873 2792  IpFilterDriver - ok
02:41:10.0933 2792  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
02:41:11.0003 2792  iphlpsvc - ok
02:41:11.0031 2792  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
02:41:11.0053 2792  IPMIDRV - ok
02:41:11.0063 2792  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
02:41:11.0115 2792  IPNAT - ok
02:41:11.0182 2792  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
02:41:11.0216 2792  iPod Service - ok
02:41:11.0246 2792  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
02:41:11.0317 2792  IRENUM - ok
02:41:11.0329 2792  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
02:41:11.0340 2792  isapnp - ok
02:41:11.0365 2792  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
02:41:11.0381 2792  iScsiPrt - ok
02:41:11.0408 2792  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
02:41:11.0420 2792  kbdclass - ok
02:41:11.0436 2792  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
02:41:11.0466 2792  kbdhid - ok
02:41:11.0477 2792  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
02:41:11.0491 2792  KeyIso - ok
02:41:11.0516 2792  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
02:41:11.0530 2792  KSecDD - ok
02:41:11.0559 2792  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
02:41:11.0575 2792  KSecPkg - ok
02:41:11.0589 2792  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
02:41:11.0644 2792  ksthunk - ok
02:41:11.0689 2792  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
02:41:11.0738 2792  KtmRm - ok
02:41:11.0787 2792  [ 86DCBF8A41C78561A1DA07AB5E7B1CCC ] LADF_DHP2       C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys
02:41:11.0794 2792  LADF_DHP2 - ok
02:41:11.0818 2792  [ 175C04C7813CE64616B5CB046E5E1383 ] LADF_SBVM       C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys
02:41:11.0828 2792  LADF_SBVM - ok
02:41:11.0854 2792  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
02:41:11.0920 2792  LanmanServer - ok
02:41:11.0947 2792  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
02:41:11.0997 2792  LanmanWorkstation - ok
02:41:12.0042 2792  [ 955982BF4421B77722196552B62E8DC2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
02:41:12.0061 2792  lirsgt - ok
02:41:12.0072 2792  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
02:41:12.0133 2792  lltdio - ok
02:41:12.0163 2792  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
02:41:12.0207 2792  lltdsvc - ok
02:41:12.0217 2792  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
02:41:12.0242 2792  lmhosts - ok
02:41:12.0294 2792  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
02:41:12.0315 2792  LSI_FC - ok
02:41:12.0327 2792  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
02:41:12.0344 2792  LSI_SAS - ok
02:41:12.0354 2792  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:41:12.0366 2792  LSI_SAS2 - ok
02:41:12.0380 2792  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:41:12.0390 2792  LSI_SCSI - ok
02:41:12.0418 2792  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
02:41:12.0474 2792  luafv - ok
02:41:12.0522 2792  [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
02:41:12.0573 2792  ManyCam - ok
02:41:12.0597 2792  [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys
02:41:12.0633 2792  mcaudrv_simple - ok
02:41:12.0659 2792  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
02:41:12.0689 2792  Mcx2Svc - ok
02:41:12.0710 2792  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
02:41:12.0724 2792  megasas - ok
02:41:12.0740 2792  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
02:41:12.0759 2792  MegaSR - ok
02:41:12.0809 2792  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
02:41:12.0856 2792  MMCSS - ok
02:41:12.0878 2792  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
02:41:12.0919 2792  Modem - ok
02:41:12.0950 2792  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
02:41:12.0971 2792  monitor - ok
02:41:13.0016 2792  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
02:41:13.0025 2792  mouclass - ok
02:41:13.0054 2792  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
02:41:13.0086 2792  mouhid - ok
02:41:13.0142 2792  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
02:41:13.0160 2792  mountmgr - ok
02:41:13.0215 2792  [ FC1D590039EF06A381768710E6C07E75 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
02:41:13.0242 2792  MpFilter - ok
02:41:13.0262 2792  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
02:41:13.0275 2792  mpio - ok
02:41:13.0291 2792  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
02:41:13.0345 2792  mpsdrv - ok
02:41:13.0404 2792  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
02:41:13.0476 2792  MpsSvc - ok
02:41:13.0510 2792  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
02:41:13.0552 2792  MRxDAV - ok
02:41:13.0579 2792  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
02:41:13.0624 2792  mrxsmb - ok
02:41:13.0649 2792  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:41:13.0686 2792  mrxsmb10 - ok
02:41:13.0709 2792  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:41:13.0737 2792  mrxsmb20 - ok
02:41:13.0759 2792  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
02:41:13.0775 2792  msahci - ok
02:41:13.0809 2792  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
02:41:13.0828 2792  msdsm - ok
02:41:13.0851 2792  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
02:41:13.0881 2792  MSDTC - ok
02:41:13.0904 2792  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
02:41:13.0934 2792  Msfs - ok
02:41:13.0946 2792  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
02:41:13.0990 2792  mshidkmdf - ok
02:41:14.0005 2792  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
02:41:14.0013 2792  msisadrv - ok
02:41:14.0045 2792  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
02:41:14.0114 2792  MSiSCSI - ok
02:41:14.0116 2792  msiserver - ok
02:41:14.0141 2792  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
02:41:14.0166 2792  MSKSSRV - ok
02:41:14.0267 2792  [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
02:41:14.0290 2792  MsMpSvc - ok
02:41:14.0304 2792  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
02:41:14.0345 2792  MSPCLOCK - ok
02:41:14.0363 2792  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
02:41:14.0416 2792  MSPQM - ok
02:41:14.0450 2792  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
02:41:14.0463 2792  MsRPC - ok
02:41:14.0476 2792  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
02:41:14.0484 2792  mssmbios - ok
02:41:14.0487 2792  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
02:41:14.0522 2792  MSTEE - ok
02:41:14.0532 2792  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
02:41:14.0543 2792  MTConfig - ok
02:41:14.0558 2792  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
02:41:14.0567 2792  Mup - ok
02:41:14.0591 2792  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
02:41:14.0654 2792  napagent - ok
02:41:14.0686 2792  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
02:41:14.0732 2792  NativeWifiP - ok
02:41:14.0815 2792  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
02:41:14.0850 2792  NDIS - ok
02:41:14.0867 2792  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
02:41:14.0893 2792  NdisCap - ok
02:41:14.0915 2792  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
02:41:14.0953 2792  NdisTapi - ok
02:41:14.0976 2792  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
02:41:15.0001 2792  Ndisuio - ok
02:41:15.0020 2792  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
02:41:15.0056 2792  NdisWan - ok
02:41:15.0096 2792  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
02:41:15.0145 2792  NDProxy - ok
02:41:15.0155 2792  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
02:41:15.0198 2792  NetBIOS - ok
02:41:15.0219 2792  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
02:41:15.0253 2792  NetBT - ok
02:41:15.0270 2792  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
02:41:15.0280 2792  Netlogon - ok
02:41:15.0311 2792  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
02:41:15.0355 2792  Netman - ok
02:41:15.0399 2792  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:41:15.0409 2792  NetMsmqActivator - ok
02:41:15.0413 2792  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:41:15.0422 2792  NetPipeActivator - ok
02:41:15.0440 2792  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
02:41:15.0487 2792  netprofm - ok
02:41:15.0490 2792  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:41:15.0498 2792  NetTcpActivator - ok
02:41:15.0501 2792  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:41:15.0509 2792  NetTcpPortSharing - ok
02:41:15.0530 2792  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
02:41:15.0540 2792  nfrd960 - ok
02:41:15.0583 2792  [ 8FB3C853E886E1E4D57271672486111C ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
02:41:15.0609 2792  NisDrv - ok
02:41:15.0668 2792  [ 869A808253726EA11939EC4FE76346A4 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
02:41:15.0700 2792  NisSrv - ok
02:41:15.0719 2792  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
02:41:15.0741 2792  NlaSvc - ok
02:41:15.0779 2792  [ 903681BAB213D5F84717C0FC42AFB28A ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
02:41:15.0849 2792  nmwcd - ok
02:41:15.0861 2792  [ EC4C5EBD003E0395BF4EA5A2EFD13CE6 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
02:41:15.0886 2792  nmwcdc - ok
02:41:15.0904 2792  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
02:41:15.0929 2792  Npfs - ok
02:41:15.0941 2792  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
02:41:15.0980 2792  nsi - ok
02:41:15.0996 2792  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
02:41:16.0034 2792  nsiproxy - ok
02:41:16.0090 2792  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
02:41:16.0131 2792  Ntfs - ok
02:41:16.0146 2792  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
02:41:16.0199 2792  Null - ok
02:41:16.0249 2792  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
02:41:16.0271 2792  NVHDA - ok
02:41:16.0557 2792  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
02:41:16.0670 2792  nvlddmkm - ok
02:41:16.0796 2792  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
02:41:16.0818 2792  nvraid - ok
02:41:16.0840 2792  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
02:41:16.0861 2792  nvstor - ok
02:41:16.0907 2792  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe
02:41:16.0940 2792  nvsvc - ok
02:41:17.0030 2792  [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
02:41:17.0078 2792  nvUpdatusService - ok
02:41:17.0117 2792  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
02:41:17.0139 2792  nv_agp - ok
02:41:17.0161 2792  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
02:41:17.0181 2792  ohci1394 - ok
02:41:17.0214 2792  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
02:41:17.0256 2792  p2pimsvc - ok
02:41:17.0283 2792  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
02:41:17.0297 2792  p2psvc - ok
02:41:17.0320 2792  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
02:41:17.0330 2792  Parport - ok
02:41:17.0377 2792  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
02:41:17.0386 2792  partmgr - ok
02:41:17.0405 2792  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
02:41:17.0421 2792  PcaSvc - ok
02:41:17.0445 2792  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
02:41:17.0457 2792  pci - ok
02:41:17.0475 2792  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
02:41:17.0485 2792  pciide - ok
02:41:17.0497 2792  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
02:41:17.0509 2792  pcmcia - ok
02:41:17.0606 2792  [ C98CD9EE0012DF72206BD519DB9780D4 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
02:41:17.0638 2792  PCToolsSSDMonitorSvc - ok
02:41:17.0652 2792  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
02:41:17.0674 2792  pcw - ok
02:41:17.0698 2792  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
02:41:17.0745 2792  PEAUTH - ok
02:41:17.0797 2792  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
02:41:17.0847 2792  PeerDistSvc - ok
02:41:17.0911 2792  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
02:41:17.0929 2792  PerfHost - ok
02:41:17.0982 2792  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
02:41:18.0033 2792  pla - ok
02:41:18.0079 2792  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
02:41:18.0117 2792  PlugPlay - ok
02:41:18.0142 2792  PnkBstrA - ok
02:41:18.0155 2792  PnkBstrB - ok
02:41:18.0165 2792  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
02:41:18.0183 2792  PNRPAutoReg - ok
02:41:18.0210 2792  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
02:41:18.0222 2792  PNRPsvc - ok
02:41:18.0251 2792  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
02:41:18.0294 2792  PolicyAgent - ok
02:41:18.0341 2792  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
02:41:18.0402 2792  Power - ok
02:41:18.0426 2792  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
02:41:18.0468 2792  PptpMiniport - ok
02:41:18.0480 2792  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
02:41:18.0498 2792  Processor - ok
02:41:18.0533 2792  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
02:41:18.0548 2792  ProfSvc - ok
02:41:18.0558 2792  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
02:41:18.0567 2792  ProtectedStorage - ok
02:41:18.0598 2792  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
02:41:18.0623 2792  Psched - ok
02:41:18.0634 2792  [ DA3964D8FB8798DC741ABACA9ED1B99D ] pwdrvio         C:\Windows\system32\pwdrvio.sys
02:41:18.0653 2792  pwdrvio - ok
02:41:18.0689 2792  [ A55ED5A63D0178A41EA05AC50A60F89A ] pwdspio         C:\Windows\system32\pwdspio.sys
02:41:18.0705 2792  pwdspio - ok
02:41:18.0764 2792  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
02:41:18.0794 2792  ql2300 - ok
02:41:18.0808 2792  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
02:41:18.0818 2792  ql40xx - ok
02:41:18.0851 2792  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
02:41:18.0891 2792  QWAVE - ok
02:41:18.0906 2792  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
02:41:18.0939 2792  QWAVEdrv - ok
02:41:18.0958 2792  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
02:41:18.0994 2792  RasAcd - ok
02:41:19.0033 2792  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
02:41:19.0059 2792  RasAgileVpn - ok
02:41:19.0077 2792  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
02:41:19.0104 2792  RasAuto - ok
02:41:19.0121 2792  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
02:41:19.0165 2792  Rasl2tp - ok
02:41:19.0200 2792  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
02:41:19.0244 2792  RasMan - ok
02:41:19.0271 2792  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
02:41:19.0309 2792  RasPppoe - ok
02:41:19.0340 2792  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
02:41:19.0381 2792  RasSstp - ok
02:41:19.0399 2792  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
02:41:19.0440 2792  rdbss - ok
02:41:19.0459 2792  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
02:41:19.0472 2792  rdpbus - ok
02:41:19.0499 2792  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
02:41:19.0553 2792  RDPCDD - ok
02:41:19.0580 2792  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
02:41:19.0622 2792  RDPDR - ok
02:41:19.0638 2792  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
02:41:19.0683 2792  RDPENCDD - ok
02:41:19.0702 2792  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
02:41:19.0727 2792  RDPREFMP - ok
02:41:19.0745 2792  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
02:41:19.0791 2792  RDPWD - ok
02:41:19.0814 2792  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
02:41:19.0826 2792  rdyboost - ok
02:41:19.0858 2792  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
02:41:19.0899 2792  RemoteAccess - ok
02:41:19.0931 2792  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
02:41:19.0968 2792  RemoteRegistry - ok
02:41:19.0981 2792  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
02:41:20.0022 2792  RpcEptMapper - ok
02:41:20.0048 2792  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
02:41:20.0064 2792  RpcLocator - ok
02:41:20.0096 2792  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
02:41:20.0126 2792  RpcSs - ok
02:41:20.0139 2792  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
02:41:20.0164 2792  rspndr - ok
02:41:20.0214 2792  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
02:41:20.0226 2792  RTL8167 - ok
02:41:20.0247 2792  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
02:41:20.0268 2792  s3cap - ok
02:41:20.0274 2792  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
02:41:20.0284 2792  SamSs - ok
02:41:20.0304 2792  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
02:41:20.0313 2792  sbp2port - ok
02:41:20.0330 2792  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
02:41:20.0371 2792  SCardSvr - ok
02:41:20.0430 2792  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
02:41:20.0467 2792  scfilter - ok
02:41:20.0512 2792  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
02:41:20.0566 2792  Schedule - ok
02:41:20.0599 2792  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
02:41:20.0624 2792  SCPolicySvc - ok
02:41:20.0679 2792  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
02:41:20.0687 2792  ScreamBAudioSvc - ok
02:41:20.0698 2792  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
02:41:20.0734 2792  SDRSVC - ok
02:41:20.0759 2792  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
02:41:20.0784 2792  secdrv - ok
02:41:20.0799 2792  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
02:41:20.0836 2792  seclogon - ok
02:41:20.0849 2792  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
02:41:20.0876 2792  SENS - ok
02:41:20.0890 2792  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
02:41:20.0927 2792  SensrSvc - ok
02:41:20.0935 2792  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
02:41:20.0944 2792  Serenum - ok
02:41:20.0983 2792  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
02:41:21.0007 2792  Serial - ok
02:41:21.0039 2792  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
02:41:21.0079 2792  sermouse - ok
02:41:21.0119 2792  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
02:41:21.0177 2792  SessionEnv - ok
02:41:21.0235 2792  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
02:41:21.0268 2792  sffdisk - ok
02:41:21.0282 2792  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
02:41:21.0301 2792  sffp_mmc - ok
02:41:21.0318 2792  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
02:41:21.0344 2792  sffp_sd - ok
02:41:21.0357 2792  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
02:41:21.0367 2792  sfloppy - ok
02:41:21.0435 2792  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
02:41:21.0473 2792  SharedAccess - ok
02:41:21.0505 2792  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
02:41:21.0534 2792  ShellHWDetection - ok
02:41:21.0552 2792  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:41:21.0561 2792  SiSRaid2 - ok
02:41:21.0576 2792  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
02:41:21.0586 2792  SiSRaid4 - ok
02:41:21.0650 2792  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
02:41:21.0668 2792  SkypeUpdate - ok
02:41:21.0680 2792  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
02:41:21.0719 2792  Smb - ok
02:41:21.0748 2792  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
02:41:21.0779 2792  SNMPTRAP - ok
02:41:21.0808 2792  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
02:41:21.0816 2792  spldr - ok
02:41:21.0856 2792  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
02:41:21.0922 2792  Spooler - ok
02:41:22.0039 2792  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
02:41:22.0192 2792  sppsvc - ok
02:41:22.0208 2792  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
02:41:22.0250 2792  sppuinotify - ok
02:41:22.0317 2792  [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd            C:\Windows\System32\Drivers\sptd.sys
02:41:22.0332 2792  sptd - ok
02:41:22.0366 2792  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
02:41:22.0417 2792  srv - ok
02:41:22.0459 2792  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
02:41:22.0499 2792  srv2 - ok
02:41:22.0519 2792  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
02:41:22.0552 2792  srvnet - ok
02:41:22.0575 2792  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
02:41:22.0637 2792  SSDPSRV - ok
02:41:22.0654 2792  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
02:41:22.0680 2792  SstpSvc - ok
02:41:22.0720 2792  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
02:41:22.0741 2792  ssudmdm - ok
02:41:22.0810 2792  [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
02:41:22.0838 2792  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
02:41:22.0839 2792  StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
02:41:22.0896 2792  [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
02:41:22.0927 2792  Steam Client Service - ok
02:41:23.0008 2792  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
02:41:23.0035 2792  Stereo Service - ok
02:41:23.0060 2792  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
02:41:23.0073 2792  stexstor - ok
02:41:23.0123 2792  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
02:41:23.0162 2792  stisvc - ok
02:41:23.0185 2792  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
02:41:23.0195 2792  storflt - ok
02:41:23.0210 2792  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
02:41:23.0252 2792  StorSvc - ok
02:41:23.0272 2792  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
02:41:23.0287 2792  storvsc - ok
02:41:23.0307 2792  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
02:41:23.0315 2792  swenum - ok
02:41:23.0406 2792  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
02:41:23.0420 2792  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
02:41:23.0420 2792  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
02:41:23.0446 2792  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
02:41:23.0490 2792  swprv - ok
02:41:23.0556 2792  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
02:41:23.0607 2792  SysMain - ok
02:41:23.0633 2792  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
02:41:23.0657 2792  TabletInputService - ok
02:41:23.0842 2792  [ 45C9720E43ADF60E31A018FBC3321608 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
02:41:24.0121 2792  TabletServicePen - ok
02:41:24.0155 2792  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
02:41:24.0209 2792  TapiSrv - ok
02:41:24.0235 2792  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
02:41:24.0262 2792  TBS - ok
02:41:24.0325 2792  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
02:41:24.0359 2792  Tcpip - ok
02:41:24.0381 2792  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
02:41:24.0407 2792  TCPIP6 - ok
02:41:24.0435 2792  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
02:41:24.0448 2792  tcpipreg - ok
02:41:24.0471 2792  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
02:41:24.0490 2792  TDPIPE - ok
02:41:24.0514 2792  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
02:41:24.0525 2792  TDTCP - ok
02:41:24.0550 2792  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
02:41:24.0588 2792  tdx - ok
02:41:24.0694 2792  [ EFD6843C137991CD253CA959E300E886 ] TeamViewer6     C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
02:41:24.0785 2792  TeamViewer6 - ok
02:41:24.0818 2792  [ F5520DBB47C60EE83024B38720ABDA24 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
02:41:24.0825 2792  teamviewervpn - ok
02:41:24.0864 2792  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
02:41:24.0872 2792  TermDD - ok
02:41:24.0894 2792  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
02:41:24.0941 2792  TermService - ok
02:41:24.0952 2792  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
02:41:24.0975 2792  Themes - ok
02:41:25.0001 2792  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
02:41:25.0026 2792  THREADORDER - ok
02:41:25.0056 2792  [ B623380AA85A84C836C395B873D6D20C ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
02:41:25.0079 2792  TouchServicePen - ok
02:41:25.0090 2792  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
02:41:25.0127 2792  TrkWks - ok
02:41:25.0176 2792  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
02:41:25.0212 2792  TrustedInstaller - ok
02:41:25.0238 2792  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
02:41:25.0266 2792  tssecsrv - ok
02:41:25.0297 2792  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
02:41:25.0337 2792  TsUsbFlt - ok
02:41:25.0364 2792  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
02:41:25.0388 2792  tunnel - ok
02:41:25.0416 2792  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
02:41:25.0425 2792  uagp35 - ok
02:41:25.0446 2792  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
02:41:25.0485 2792  udfs - ok
02:41:25.0508 2792  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
02:41:25.0530 2792  UI0Detect - ok
02:41:25.0576 2792  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
02:41:25.0585 2792  uliagpkx - ok
02:41:25.0618 2792  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
02:41:25.0641 2792  umbus - ok
02:41:25.0653 2792  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
02:41:25.0662 2792  UmPass - ok
02:41:25.0692 2792  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
02:41:25.0716 2792  UmRdpService - ok
02:41:25.0737 2792  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
02:41:25.0782 2792  upnphost - ok
02:41:25.0832 2792  [ 7168819F30FE9622284EA19BDE7F8AB4 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
02:41:25.0857 2792  upperdev - ok
02:41:25.0915 2792  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
02:41:25.0958 2792  usbaudio - ok
02:41:25.0990 2792  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
02:41:26.0014 2792  usbccgp - ok
02:41:26.0027 2792  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
02:41:26.0039 2792  usbcir - ok
02:41:26.0056 2792  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
02:41:26.0084 2792  usbehci - ok
02:41:26.0116 2792  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
02:41:26.0129 2792  usbhub - ok
02:41:26.0142 2792  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
02:41:26.0151 2792  usbohci - ok
02:41:26.0182 2792  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
02:41:26.0206 2792  usbprint - ok
02:41:26.0228 2792  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
02:41:26.0240 2792  usbscan - ok
02:41:26.0259 2792  [ 66C25CB20B2974E0C0CFDAB49FB72A02 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
02:41:26.0299 2792  UsbserFilt - ok
02:41:26.0321 2792  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:41:26.0362 2792  USBSTOR - ok
02:41:26.0375 2792  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
02:41:26.0406 2792  usbuhci - ok
02:41:26.0450 2792  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
02:41:26.0496 2792  usbvideo - ok
02:41:26.0524 2792  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
02:41:26.0568 2792  UxSms - ok
02:41:26.0574 2792  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
02:41:26.0584 2792  VaultSvc - ok
02:41:26.0601 2792  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
02:41:26.0610 2792  vdrvroot - ok
02:41:26.0638 2792  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
02:41:26.0681 2792  vds - ok
02:41:26.0708 2792  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
02:41:26.0729 2792  vga - ok
02:41:26.0759 2792  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
02:41:26.0819 2792  VgaSave - ok
02:41:26.0862 2792  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
02:41:26.0887 2792  vhdmp - ok
02:41:26.0917 2792  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
02:41:26.0937 2792  viaide - ok
02:41:26.0962 2792  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
02:41:26.0977 2792  vmbus - ok
02:41:26.0999 2792  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
02:41:27.0012 2792  VMBusHID - ok
02:41:27.0022 2792  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
02:41:27.0034 2792  volmgr - ok
02:41:27.0061 2792  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
02:41:27.0074 2792  volmgrx - ok
02:41:27.0091 2792  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
02:41:27.0104 2792  volsnap - ok
02:41:27.0121 2792  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
02:41:27.0132 2792  vsmraid - ok
02:41:27.0184 2792  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
02:41:27.0235 2792  VSS - ok
02:41:27.0255 2792  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
02:41:27.0303 2792  vwifibus - ok
02:41:27.0338 2792  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
02:41:27.0396 2792  W32Time - ok
02:41:27.0416 2792  [ 43CE14E1E17DA81EA71DFE686805ED07 ] wacmoumonitor   C:\Windows\system32\DRIVERS\wacmoumonitor.sys
02:41:27.0422 2792  wacmoumonitor - ok
02:41:27.0453 2792  [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
02:41:27.0459 2792  wacommousefilter - ok
02:41:27.0467 2792  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
02:41:27.0495 2792  WacomPen - ok
02:41:27.0508 2792  [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid       C:\Windows\system32\DRIVERS\wacomvhid.sys
02:41:27.0515 2792  wacomvhid - ok
02:41:27.0541 2792  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
02:41:27.0576 2792  WANARP - ok
02:41:27.0579 2792  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
02:41:27.0603 2792  Wanarpv6 - ok
02:41:27.0662 2792  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
02:41:27.0709 2792  wbengine - ok
02:41:27.0723 2792  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
02:41:27.0740 2792  WbioSrvc - ok
02:41:27.0763 2792  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
02:41:27.0782 2792  wcncsvc - ok
02:41:27.0793 2792  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:41:27.0804 2792  WcsPlugInService - ok
02:41:27.0817 2792  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
02:41:27.0826 2792  Wd - ok
02:41:27.0869 2792  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
02:41:27.0889 2792  Wdf01000 - ok
02:41:27.0905 2792  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
02:41:27.0982 2792  WdiServiceHost - ok
02:41:27.0986 2792  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
02:41:28.0004 2792  WdiSystemHost - ok
02:41:28.0019 2792  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
02:41:28.0055 2792  WebClient - ok
02:41:28.0072 2792  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
02:41:28.0129 2792  Wecsvc - ok
02:41:28.0153 2792  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
02:41:28.0179 2792  wercplsupport - ok
02:41:28.0201 2792  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
02:41:28.0231 2792  WerSvc - ok
02:41:28.0246 2792  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
02:41:28.0272 2792  WfpLwf - ok
02:41:28.0282 2792  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
02:41:28.0291 2792  WIMMount - ok
02:41:28.0351 2792  WinDefend - ok
02:41:28.0360 2792  WinHttpAutoProxySvc - ok
02:41:28.0398 2792  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
02:41:28.0441 2792  Winmgmt - ok
02:41:28.0514 2792  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
02:41:28.0597 2792  WinRM - ok
02:41:28.0645 2792  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
02:41:28.0678 2792  WinUsb - ok
02:41:28.0725 2792  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
02:41:28.0782 2792  Wlansvc - ok
02:41:28.0911 2792  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:41:29.0007 2792  wlidsvc - ok
02:41:29.0032 2792  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
02:41:29.0042 2792  WmiAcpi - ok
02:41:29.0060 2792  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
02:41:29.0082 2792  wmiApSrv - ok
02:41:29.0110 2792  WMPNetworkSvc - ok
02:41:29.0132 2792  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
02:41:29.0152 2792  WPCSvc - ok
02:41:29.0169 2792  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
02:41:29.0181 2792  WPDBusEnum - ok
02:41:29.0202 2792  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
02:41:29.0235 2792  ws2ifsl - ok
02:41:29.0271 2792  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
02:41:29.0292 2792  wscsvc - ok
02:41:29.0294 2792  WSearch - ok
02:41:29.0379 2792  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
02:41:29.0485 2792  wuauserv - ok
02:41:29.0536 2792  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
02:41:29.0588 2792  WudfPf - ok
02:41:29.0635 2792  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
02:41:29.0656 2792  WUDFRd - ok
02:41:29.0685 2792  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
02:41:29.0716 2792  wudfsvc - ok
02:41:29.0746 2792  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
02:41:29.0775 2792  WwanSvc - ok
02:41:29.0892 2792  X6va007 - ok
02:41:29.0919 2792  ================ Scan global ===============================
02:41:29.0951 2792  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
02:41:29.0991 2792  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
02:41:30.0002 2792  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
02:41:30.0024 2792  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
02:41:30.0050 2792  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
02:41:30.0057 2792  [Global] - ok
02:41:30.0057 2792  ================ Scan MBR ==================================
02:41:30.0089 2792  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:41:30.0354 2792  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
02:41:30.0354 2792  \Device\Harddisk0\DR0 - detected TDSS File System (1)
02:41:30.0355 2792  ================ Scan VBR ==================================
02:41:30.0358 2792  [ C34501B25193EF201FE2B17CF5429E1C ] \Device\Harddisk0\DR0\Partition1
02:41:30.0360 2792  \Device\Harddisk0\DR0\Partition1 - ok
02:41:30.0381 2792  [ 7BCB2AED936BC684E8CD576C3D39F4B6 ] \Device\Harddisk0\DR0\Partition2
02:41:30.0384 2792  \Device\Harddisk0\DR0\Partition2 - ok
02:41:30.0387 2792  [ 12EB1AAAAEF24910D29081E0D88C22AD ] \Device\Harddisk0\DR0\Partition3
02:41:30.0390 2792  \Device\Harddisk0\DR0\Partition3 - ok
02:41:30.0390 2792  ============================================================
02:41:30.0390 2792  Scan finished
02:41:30.0390 2792  ============================================================
02:41:30.0406 0664  Detected object count: 7
02:41:30.0406 0664  Actual detected object count: 7
02:41:37.0986 0664  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
02:41:37.0986 0664  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
02:41:37.0987 0664  BEService ( UnsignedFile.Multi.Generic ) - skipped by user
02:41:37.0987 0664  BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:41:37.0988 0664  epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
02:41:37.0988 0664  epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:41:37.0990 0664  EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
02:41:37.0990 0664  EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:41:37.0991 0664  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
02:41:37.0991 0664  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:41:37.0992 0664  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
02:41:37.0992 0664  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:41:37.0993 0664  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
02:41:37.0993 0664  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
02:41:49.0086 2148  Deinitialize success
         


Last edited by Quobble (08.08.2013 at 01:42)

08.08.2013, 01:42   #6
markusg
/// Malware-holic
 



Hi,
1. Of course, because you marked it as unnecessary...
2. I had asked you to post everything at once; where is the TDSS Killer log?

08.08.2013, 01:46   #7
Quobble
 



Sorry. It just took a while until I had gotten rid of all the unnecessary stuff and let the tools run through.

08.08.2013, 01:53   #8
markusg
/// Malware-holic
 



And that is why, next time, finish everything first and only then paste it all in at once.

OK, let's continue.
Configure TDSS Killer as before.
Look for:
Harddisk0\DR0 ( TDSS
Select Cure there; if that is not possible, Delete.
Now restart, configure TDSS Killer again as before, scan, and post the new log.

08.08.2013, 02:04   #9
Quobble
 



There was no Cure option, so I chose Delete.
Here are the logs:

Code:
ATTFilter
03:01:52.0936 5032  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
03:01:53.0181 5032  ============================================================
03:01:53.0181 5032  Current date / time: 2013/08/08 03:01:53.0181
03:01:53.0181 5032  SystemInfo:
03:01:53.0181 5032  
03:01:53.0181 5032  OS Version: 6.1.7601 ServicePack: 1.0
03:01:53.0181 5032  Product type: Workstation
03:01:53.0181 5032  ComputerName: MAXPC
03:01:53.0181 5032  UserName: Max
03:01:53.0181 5032  Windows directory: C:\Windows
03:01:53.0182 5032  System windows directory: C:\Windows
03:01:53.0182 5032  Running under WOW64
03:01:53.0182 5032  Processor architecture: Intel x64
03:01:53.0182 5032  Number of processors: 4
03:01:53.0182 5032  Page size: 0x1000
03:01:53.0182 5032  Boot type: Normal boot
03:01:53.0182 5032  ============================================================
03:01:55.0821 5032  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2F509, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
03:01:55.0828 5032  ============================================================
03:01:55.0828 5032  \Device\Harddisk0\DR0:
03:01:55.0829 5032  MBR partitions:
03:01:55.0829 5032  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
03:01:55.0829 5032  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9F3046A0
03:01:55.0829 5032  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9F336EA0, BlocksNum 0xF54F160
03:01:55.0829 5032  ============================================================
03:01:55.0868 5032  D: <-> \Device\Harddisk0\DR0\Partition2
03:01:55.0904 5032  C: <-> \Device\Harddisk0\DR0\Partition3
03:01:55.0904 5032  ============================================================
03:01:55.0904 5032  Initialize success
03:01:55.0904 5032  ============================================================
03:02:02.0256 4048  ============================================================
03:02:02.0256 4048  Scan started
03:02:02.0256 4048  Mode: Manual; SigCheck; TDLFS; 
03:02:02.0256 4048  ============================================================
03:02:02.0886 4048  ================ Scan system memory ========================
03:02:02.0886 4048  System memory - ok
03:02:02.0887 4048  ================ Scan services =============================
03:02:03.0035 4048  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
03:02:03.0274 4048  1394ohci - ok
03:02:03.0318 4048  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
03:02:03.0353 4048  ACPI - ok
03:02:03.0382 4048  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
03:02:03.0474 4048  AcpiPmi - ok
03:02:03.0506 4048  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
03:02:03.0539 4048  adp94xx - ok
03:02:03.0559 4048  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
03:02:03.0577 4048  adpahci - ok
03:02:03.0595 4048  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
03:02:03.0610 4048  adpu320 - ok
03:02:03.0631 4048  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
03:02:03.0787 4048  AeLookupSvc - ok
03:02:03.0848 4048  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
03:02:03.0915 4048  AFD - ok
03:02:03.0943 4048  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
03:02:03.0963 4048  agp440 - ok
03:02:04.0231 4048  [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
03:02:04.0232 4048  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803
03:02:04.0237 4048  Akamai ( HiddenFile.Multi.Generic ) - warning
03:02:04.0238 4048  Akamai - detected HiddenFile.Multi.Generic (1)
03:02:04.0253 4048  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
03:02:04.0320 4048  ALG - ok
03:02:04.0351 4048  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
03:02:04.0370 4048  aliide - ok
03:02:04.0401 4048  [ B3E801135E0C81733542C14D9AA8120A ] Alpham1         C:\Windows\system32\DRIVERS\Alpham164.sys
03:02:04.0460 4048  Alpham1 - ok
03:02:04.0495 4048  [ 6493983FEDBC49D9112703ECE9B251FE ] Alpham2         C:\Windows\system32\DRIVERS\Alpham264.sys
03:02:04.0534 4048  Alpham2 - ok
03:02:04.0559 4048  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
03:02:04.0579 4048  amdide - ok
03:02:04.0608 4048  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
03:02:04.0700 4048  AmdK8 - ok
03:02:04.0721 4048  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
03:02:04.0764 4048  AmdPPM - ok
03:02:04.0799 4048  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
03:02:04.0821 4048  amdsata - ok
03:02:04.0858 4048  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
03:02:04.0883 4048  amdsbs - ok
03:02:04.0898 4048  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
03:02:04.0917 4048  amdxata - ok
03:02:04.0961 4048  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
03:02:05.0047 4048  AppID - ok
03:02:05.0067 4048  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
03:02:05.0111 4048  AppIDSvc - ok
03:02:05.0146 4048  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
03:02:05.0192 4048  Appinfo - ok
03:02:05.0255 4048  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:02:05.0274 4048  Apple Mobile Device - ok
03:02:05.0309 4048  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
03:02:05.0362 4048  AppMgmt - ok
03:02:05.0376 4048  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
03:02:05.0398 4048  arc - ok
03:02:05.0413 4048  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
03:02:05.0426 4048  arcsas - ok
03:02:05.0550 4048  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
03:02:05.0622 4048  aspnet_state - ok
03:02:05.0658 4048  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
03:02:05.0726 4048  AsyncMac - ok
03:02:05.0751 4048  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
03:02:05.0762 4048  atapi - ok
03:02:05.0792 4048  [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
03:02:05.0861 4048  atksgt - ok
03:02:05.0908 4048  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:02:05.0985 4048  AudioEndpointBuilder - ok
03:02:05.0993 4048  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
03:02:06.0021 4048  AudioSrv - ok
03:02:06.0095 4048  [ 7692F4B242E45870873CAF4CB85CF769 ] AxAutoMntSrv    C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
03:02:06.0112 4048  AxAutoMntSrv - ok
03:02:06.0137 4048  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
03:02:06.0215 4048  AxInstSV - ok
03:02:06.0264 4048  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
03:02:06.0311 4048  b06bdrv - ok
03:02:06.0341 4048  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
03:02:06.0374 4048  b57nd60a - ok
03:02:06.0415 4048  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
03:02:06.0464 4048  BDESVC - ok
03:02:06.0483 4048  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
03:02:06.0557 4048  Beep - ok
03:02:06.0629 4048  [ B1359701847FF1FF415FA083F1610F48 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
03:02:06.0691 4048  BEService ( UnsignedFile.Multi.Generic ) - warning
03:02:06.0691 4048  BEService - detected UnsignedFile.Multi.Generic (1)
03:02:06.0739 4048  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
03:02:06.0772 4048  BFE - ok
03:02:06.0837 4048  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
03:02:06.0885 4048  BITS - ok
03:02:06.0913 4048  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
03:02:06.0932 4048  blbdrive - ok
03:02:06.0972 4048  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
03:02:07.0015 4048  bowser - ok
03:02:07.0038 4048  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
03:02:07.0129 4048  BrFiltLo - ok
03:02:07.0139 4048  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
03:02:07.0165 4048  BrFiltUp - ok
03:02:07.0209 4048  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
03:02:07.0273 4048  BridgeMP - ok
03:02:07.0311 4048  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
03:02:07.0331 4048  Browser - ok
03:02:07.0346 4048  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
03:02:07.0426 4048  Brserid - ok
03:02:07.0443 4048  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
03:02:07.0476 4048  BrSerWdm - ok
03:02:07.0488 4048  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
03:02:07.0528 4048  BrUsbMdm - ok
03:02:07.0543 4048  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
03:02:07.0572 4048  BrUsbSer - ok
03:02:07.0591 4048  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
03:02:07.0614 4048  BTHMODEM - ok
03:02:07.0650 4048  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
03:02:07.0700 4048  bthserv - ok
03:02:07.0744 4048  catchme - ok
03:02:07.0777 4048  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
03:02:07.0843 4048  cdfs - ok
03:02:07.0891 4048  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
03:02:07.0929 4048  cdrom - ok
03:02:07.0980 4048  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
03:02:08.0052 4048  CertPropSvc - ok
03:02:08.0079 4048  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
03:02:08.0116 4048  circlass - ok
03:02:08.0147 4048  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
03:02:08.0169 4048  CLFS - ok
03:02:08.0276 4048  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:02:08.0297 4048  clr_optimization_v2.0.50727_32 - ok
03:02:08.0334 4048  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:02:08.0353 4048  clr_optimization_v2.0.50727_64 - ok
03:02:08.0417 4048  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:02:08.0547 4048  clr_optimization_v4.0.30319_32 - ok
03:02:08.0561 4048  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:02:08.0630 4048  clr_optimization_v4.0.30319_64 - ok
03:02:08.0659 4048  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
03:02:08.0695 4048  CmBatt - ok
03:02:08.0726 4048  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
03:02:08.0746 4048  cmdide - ok
03:02:08.0808 4048  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
03:02:08.0867 4048  CNG - ok
03:02:08.0884 4048  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
03:02:08.0898 4048  Compbatt - ok
03:02:08.0923 4048  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
03:02:08.0959 4048  CompositeBus - ok
03:02:08.0975 4048  COMSysApp - ok
03:02:08.0991 4048  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
03:02:09.0005 4048  crcdisk - ok
03:02:09.0038 4048  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
03:02:09.0081 4048  CryptSvc - ok
03:02:09.0118 4048  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
03:02:09.0188 4048  CSC - ok
03:02:09.0234 4048  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
03:02:09.0285 4048  CscService - ok
03:02:09.0315 4048  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
03:02:09.0400 4048  DcomLaunch - ok
03:02:09.0424 4048  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
03:02:09.0478 4048  defragsvc - ok
03:02:09.0505 4048  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
03:02:09.0566 4048  DfsC - ok
03:02:09.0627 4048  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
03:02:09.0647 4048  dg_ssudbus - ok
03:02:09.0677 4048  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
03:02:09.0743 4048  Dhcp - ok
03:02:09.0824 4048  [ D6B0939B78C73E1396A9C58DCCBC1983 ] Disc Soft Bus Service C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
03:02:09.0852 4048  Disc Soft Bus Service - ok
03:02:09.0869 4048  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
03:02:09.0904 4048  discache - ok
03:02:09.0934 4048  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
03:02:09.0951 4048  Disk - ok
03:02:09.0975 4048  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
03:02:10.0026 4048  Dnscache - ok
03:02:10.0048 4048  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
03:02:10.0102 4048  dot3svc - ok
03:02:10.0138 4048  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
03:02:10.0192 4048  DPS - ok
03:02:10.0234 4048  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
03:02:10.0276 4048  drmkaud - ok
03:02:10.0308 4048  [ C9914A74045A6D23DB7252FA3985DE25 ] dtscsibus       C:\Windows\system32\DRIVERS\dtscsibus.sys
03:02:10.0336 4048  dtscsibus - ok
03:02:10.0392 4048  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
03:02:10.0425 4048  DXGKrnl - ok
03:02:10.0445 4048  EagleX64 - ok
03:02:10.0499 4048  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
03:02:10.0553 4048  EapHost - ok
03:02:10.0896 4048  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
03:02:10.0953 4048  ebdrv - ok
03:02:10.0967 4048  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
03:02:11.0008 4048  EFS - ok
03:02:11.0177 4048  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
03:02:11.0244 4048  ehRecvr - ok
03:02:11.0270 4048  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
03:02:11.0295 4048  ehSched - ok
03:02:11.0351 4048  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
03:02:11.0381 4048  elxstor - ok
03:02:11.0410 4048  [ 9EAFB3B3B60B8AD958985152A9309ACA ] epmntdrv        C:\Windows\system32\epmntdrv.sys
03:02:11.0458 4048  epmntdrv ( UnsignedFile.Multi.Generic ) - warning
03:02:11.0458 4048  epmntdrv - detected UnsignedFile.Multi.Generic (1)
03:02:11.0485 4048  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
03:02:11.0520 4048  ErrDev - ok
03:02:11.0554 4048  [ FB949ED2C93C878A189039F3D7730942 ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
03:02:11.0598 4048  EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
03:02:11.0599 4048  EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
03:02:11.0656 4048  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
03:02:11.0786 4048  EventSystem - ok
03:02:11.0824 4048  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
03:02:11.0870 4048  exfat - ok
03:02:11.0903 4048  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
03:02:11.0963 4048  fastfat - ok
03:02:12.0015 4048  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
03:02:12.0093 4048  Fax - ok
03:02:12.0135 4048  [ 240FF3619817B039198CDCD1E8DAE921 ] fcdabus         C:\Windows\system32\DRIVERS\fcdabus.sys
03:02:12.0164 4048  fcdabus - ok
03:02:12.0173 4048  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
03:02:12.0190 4048  fdc - ok
03:02:12.0197 4048  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
03:02:12.0238 4048  fdPHost - ok
03:02:12.0251 4048  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
03:02:12.0286 4048  FDResPub - ok
03:02:12.0296 4048  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
03:02:12.0305 4048  FileInfo - ok
03:02:12.0316 4048  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
03:02:12.0365 4048  Filetrace - ok
03:02:12.0379 4048  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
03:02:12.0390 4048  flpydisk - ok
03:02:12.0413 4048  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
03:02:12.0426 4048  FltMgr - ok
03:02:12.0495 4048  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
03:02:12.0546 4048  FontCache - ok
03:02:12.0595 4048  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:02:12.0611 4048  FontCache3.0.0.0 - ok
03:02:12.0621 4048  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
03:02:12.0639 4048  FsDepends - ok
03:02:12.0670 4048  [ 7B64CBC4FDDAD2CB4F774E6B81052E98 ] fsRamDsk        C:\Windows\system32\DRIVERS\fsRamDsk.sys
03:02:12.0689 4048  fsRamDsk - ok
03:02:12.0718 4048  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
03:02:12.0731 4048  Fs_Rec - ok
03:02:12.0796 4048  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
03:02:12.0823 4048  fvevol - ok
03:02:12.0847 4048  [ C4AE69B476A40C165B6E99D10E814D0F ] FVXSCSI         C:\Windows\system32\DRIVERS\fvxscsi.sys
03:02:12.0873 4048  FVXSCSI - ok
03:02:12.0911 4048  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
03:02:12.0933 4048  gagp30kx - ok
03:02:12.0960 4048  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
03:02:12.0968 4048  GEARAspiWDM - ok
03:02:13.0018 4048  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
03:02:13.0092 4048  gpsvc - ok
03:02:13.0107 4048  gupdate - ok
03:02:13.0122 4048  gupdatem - ok
03:02:13.0144 4048  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
03:02:13.0156 4048  hamachi - ok
03:02:13.0583 4048  [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
03:02:13.0634 4048  Hamachi2Svc - ok
03:02:13.0667 4048  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
03:02:13.0716 4048  hcw85cir - ok
03:02:13.0749 4048  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:02:13.0780 4048  HdAudAddService - ok
03:02:13.0802 4048  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
03:02:13.0828 4048  HDAudBus - ok
03:02:13.0840 4048  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
03:02:13.0866 4048  HidBatt - ok
03:02:13.0877 4048  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
03:02:13.0893 4048  HidBth - ok
03:02:13.0913 4048  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
03:02:13.0944 4048  HidIr - ok
03:02:13.0969 4048  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
03:02:14.0003 4048  hidserv - ok
03:02:14.0043 4048  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
03:02:14.0053 4048  HidUsb - ok
03:02:14.0077 4048  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
03:02:14.0115 4048  hkmsvc - ok
03:02:14.0145 4048  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:02:14.0200 4048  HomeGroupListener - ok
03:02:14.0238 4048  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:02:14.0282 4048  HomeGroupProvider - ok
03:02:14.0314 4048  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
03:02:14.0328 4048  HpSAMD - ok
03:02:14.0371 4048  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
03:02:14.0440 4048  HTTP - ok
03:02:14.0473 4048  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
03:02:14.0492 4048  hwpolicy - ok
03:02:14.0524 4048  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
03:02:14.0545 4048  i8042prt - ok
03:02:14.0588 4048  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
03:02:14.0615 4048  iaStorV - ok
03:02:14.0640 4048  ICQ Service - ok
03:02:14.0693 4048  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:02:14.0732 4048  idsvc - ok
03:02:14.0755 4048  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
03:02:14.0768 4048  iirsp - ok
03:02:14.0820 4048  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
03:02:14.0888 4048  IKEEXT - ok
03:02:14.0902 4048  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
03:02:14.0912 4048  intelide - ok
03:02:14.0932 4048  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
03:02:14.0969 4048  intelppm - ok
03:02:14.0997 4048  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
03:02:15.0049 4048  IPBusEnum - ok
03:02:15.0076 4048  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:02:15.0137 4048  IpFilterDriver - ok
03:02:15.0199 4048  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
03:02:15.0257 4048  iphlpsvc - ok
03:02:15.0284 4048  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
03:02:15.0308 4048  IPMIDRV - ok
03:02:15.0329 4048  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
03:02:15.0379 4048  IPNAT - ok
03:02:15.0448 4048  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
03:02:15.0474 4048  iPod Service - ok
03:02:15.0499 4048  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
03:02:15.0571 4048  IRENUM - ok
03:02:15.0583 4048  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
03:02:15.0595 4048  isapnp - ok
03:02:15.0619 4048  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
03:02:15.0637 4048  iScsiPrt - ok
03:02:15.0650 4048  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
03:02:15.0662 4048  kbdclass - ok
03:02:15.0690 4048  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
03:02:15.0720 4048  kbdhid - ok
03:02:15.0743 4048  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
03:02:15.0757 4048  KeyIso - ok
03:02:15.0794 4048  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
03:02:15.0816 4048  KSecDD - ok
03:02:15.0861 4048  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
03:02:15.0882 4048  KSecPkg - ok
03:02:15.0902 4048  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
03:02:15.0945 4048  ksthunk - ok
03:02:16.0049 4048  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
03:02:16.0087 4048  KtmRm - ok
03:02:16.0136 4048  [ 86DCBF8A41C78561A1DA07AB5E7B1CCC ] LADF_DHP2       C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys
03:02:16.0142 4048  LADF_DHP2 - ok
03:02:16.0167 4048  [ 175C04C7813CE64616B5CB046E5E1383 ] LADF_SBVM       C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys
03:02:16.0177 4048  LADF_SBVM - ok
03:02:16.0227 4048  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
03:02:16.0273 4048  LanmanServer - ok
03:02:16.0296 4048  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:02:16.0334 4048  LanmanWorkstation - ok
03:02:16.0379 4048  [ 955982BF4421B77722196552B62E8DC2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
03:02:16.0390 4048  lirsgt - ok
03:02:16.0429 4048  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
03:02:16.0488 4048  lltdio - ok
03:02:16.0524 4048  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
03:02:16.0572 4048  lltdsvc - ok
03:02:16.0586 4048  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
03:02:16.0612 4048  lmhosts - ok
03:02:16.0642 4048  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
03:02:16.0653 4048  LSI_FC - ok
03:02:16.0664 4048  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
03:02:16.0675 4048  LSI_SAS - ok
03:02:16.0691 4048  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
03:02:16.0702 4048  LSI_SAS2 - ok
03:02:16.0717 4048  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
03:02:16.0729 4048  LSI_SCSI - ok
03:02:16.0743 4048  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
03:02:16.0793 4048  luafv - ok
03:02:16.0835 4048  [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
03:02:16.0890 4048  ManyCam - ok
03:02:16.0922 4048  [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys
03:02:16.0961 4048  mcaudrv_simple - ok
03:02:16.0995 4048  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
03:02:17.0030 4048  Mcx2Svc - ok
03:02:17.0047 4048  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
03:02:17.0066 4048  megasas - ok
03:02:17.0089 4048  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
03:02:17.0106 4048  MegaSR - ok
03:02:17.0170 4048  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
03:02:17.0236 4048  MMCSS - ok
03:02:17.0251 4048  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
03:02:17.0292 4048  Modem - ok
03:02:17.0323 4048  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
03:02:17.0367 4048  monitor - ok
03:02:17.0401 4048  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
03:02:17.0413 4048  mouclass - ok
03:02:17.0451 4048  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
03:02:17.0482 4048  mouhid - ok
03:02:17.0539 4048  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
03:02:17.0559 4048  mountmgr - ok
03:02:17.0635 4048  [ FC1D590039EF06A381768710E6C07E75 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
03:02:17.0667 4048  MpFilter - ok
03:02:17.0695 4048  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
03:02:17.0708 4048  mpio - ok
03:02:17.0724 4048  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
03:02:17.0776 4048  mpsdrv - ok
03:02:17.0836 4048  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
03:02:17.0931 4048  MpsSvc - ok
03:02:17.0967 4048  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
03:02:18.0004 4048  MRxDAV - ok
03:02:18.0036 4048  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
03:02:18.0082 4048  mrxsmb - ok
03:02:18.0106 4048  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:02:18.0144 4048  mrxsmb10 - ok
03:02:18.0165 4048  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:02:18.0195 4048  mrxsmb20 - ok
03:02:18.0216 4048  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
03:02:18.0233 4048  msahci - ok
03:02:18.0266 4048  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
03:02:18.0287 4048  msdsm - ok
03:02:18.0308 4048  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
03:02:18.0345 4048  MSDTC - ok
03:02:18.0373 4048  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
03:02:18.0417 4048  Msfs - ok
03:02:18.0439 4048  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
03:02:18.0500 4048  mshidkmdf - ok
03:02:18.0521 4048  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
03:02:18.0531 4048  msisadrv - ok
03:02:18.0561 4048  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
03:02:18.0610 4048  MSiSCSI - ok
03:02:18.0613 4048  msiserver - ok
03:02:18.0646 4048  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
03:02:18.0673 4048  MSKSSRV - ok
03:02:18.0771 4048  [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
03:02:18.0794 4048  MsMpSvc - ok
03:02:18.0809 4048  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
03:02:18.0880 4048  MSPCLOCK - ok
03:02:18.0892 4048  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
03:02:18.0945 4048  MSPQM - ok
03:02:18.0979 4048  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
03:02:18.0991 4048  MsRPC - ok
03:02:19.0005 4048  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
03:02:19.0013 4048  mssmbios - ok
03:02:19.0016 4048  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
03:02:19.0051 4048  MSTEE - ok
03:02:19.0061 4048  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
03:02:19.0072 4048  MTConfig - ok
03:02:19.0087 4048  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
03:02:19.0097 4048  Mup - ok
03:02:19.0120 4048  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
03:02:19.0171 4048  napagent - ok
03:02:19.0203 4048  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
03:02:19.0248 4048  NativeWifiP - ok
03:02:19.0332 4048  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
03:02:19.0366 4048  NDIS - ok
03:02:19.0384 4048  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
03:02:19.0415 4048  NdisCap - ok
03:02:19.0432 4048  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
03:02:19.0469 4048  NdisTapi - ok
03:02:19.0492 4048  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
03:02:19.0518 4048  Ndisuio - ok
03:02:19.0537 4048  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
03:02:19.0573 4048  NdisWan - ok
03:02:19.0612 4048  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
03:02:19.0664 4048  NDProxy - ok
03:02:19.0684 4048  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
03:02:19.0731 4048  NetBIOS - ok
03:02:19.0760 4048  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
03:02:19.0813 4048  NetBT - ok
03:02:19.0823 4048  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
03:02:19.0833 4048  Netlogon - ok
03:02:19.0864 4048  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
03:02:19.0934 4048  Netman - ok
03:02:19.0975 4048  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:02:20.0022 4048  NetMsmqActivator - ok
03:02:20.0027 4048  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:02:20.0041 4048  NetPipeActivator - ok
03:02:20.0065 4048  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
03:02:20.0117 4048  netprofm - ok
03:02:20.0120 4048  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:02:20.0130 4048  NetTcpActivator - ok
03:02:20.0133 4048  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:02:20.0141 4048  NetTcpPortSharing - ok
03:02:20.0167 4048  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
03:02:20.0178 4048  nfrd960 - ok
03:02:20.0232 4048  [ 8FB3C853E886E1E4D57271672486111C ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
03:02:20.0258 4048  NisDrv - ok
03:02:20.0317 4048  [ 869A808253726EA11939EC4FE76346A4 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
03:02:20.0349 4048  NisSrv - ok
03:02:20.0368 4048  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
03:02:20.0390 4048  NlaSvc - ok
03:02:20.0428 4048  [ 903681BAB213D5F84717C0FC42AFB28A ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
03:02:20.0497 4048  nmwcd - ok
03:02:20.0510 4048  [ EC4C5EBD003E0395BF4EA5A2EFD13CE6 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
03:02:20.0535 4048  nmwcdc - ok
03:02:20.0553 4048  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
03:02:20.0579 4048  Npfs - ok
03:02:20.0590 4048  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
03:02:20.0629 4048  nsi - ok
03:02:20.0644 4048  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
03:02:20.0683 4048  nsiproxy - ok
03:02:20.0745 4048  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
03:02:20.0803 4048  Ntfs - ok
03:02:20.0818 4048  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
03:02:20.0868 4048  Null - ok
03:02:20.0934 4048  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
03:02:20.0956 4048  NVHDA - ok
03:02:21.0237 4048  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:02:21.0348 4048  nvlddmkm - ok
03:02:21.0468 4048  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
03:02:21.0485 4048  nvraid - ok
03:02:21.0512 4048  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
03:02:21.0528 4048  nvstor - ok
03:02:21.0577 4048  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe
03:02:21.0609 4048  nvsvc - ok
03:02:21.0715 4048  [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
03:02:21.0762 4048  nvUpdatusService - ok
03:02:21.0802 4048  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
03:02:21.0812 4048  nv_agp - ok
03:02:21.0834 4048  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
03:02:21.0883 4048  ohci1394 - ok
03:02:21.0936 4048  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
03:02:22.0008 4048  p2pimsvc - ok
03:02:22.0065 4048  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
03:02:22.0095 4048  p2psvc - ok
03:02:22.0149 4048  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
03:02:22.0172 4048  Parport - ok
03:02:22.0205 4048  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
03:02:22.0226 4048  partmgr - ok
03:02:22.0295 4048  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
03:02:22.0328 4048  PcaSvc - ok
03:02:22.0395 4048  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
03:02:22.0418 4048  pci - ok
03:02:22.0472 4048  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
03:02:22.0486 4048  pciide - ok
03:02:22.0566 4048  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
03:02:22.0591 4048  pcmcia - ok
03:02:22.0866 4048  [ C98CD9EE0012DF72206BD519DB9780D4 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
03:02:22.0898 4048  PCToolsSSDMonitorSvc - ok
03:02:22.0912 4048  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
03:02:22.0922 4048  pcw - ok
03:02:22.0946 4048  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
03:02:22.0997 4048  PEAUTH - ok
03:02:23.0087 4048  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
03:02:23.0295 4048  PeerDistSvc - ok
03:02:23.0412 4048  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
03:02:23.0451 4048  PerfHost - ok
03:02:23.0789 4048  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
03:02:23.0883 4048  pla - ok
03:02:24.0049 4048  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
03:02:24.0106 4048  PlugPlay - ok
03:02:24.0225 4048  PnkBstrA - ok
03:02:24.0298 4048  PnkBstrB - ok
03:02:24.0326 4048  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
03:02:24.0366 4048  PNRPAutoReg - ok
03:02:24.0469 4048  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
03:02:24.0495 4048  PNRPsvc - ok
03:02:24.0618 4048  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
03:02:24.0701 4048  PolicyAgent - ok
03:02:24.0754 4048  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
03:02:24.0796 4048  Power - ok
03:02:24.0828 4048  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
03:02:24.0870 4048  PptpMiniport - ok
03:02:24.0882 4048  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
03:02:24.0900 4048  Processor - ok
03:02:24.0935 4048  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
03:02:24.0969 4048  ProfSvc - ok
03:02:24.0984 4048  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
03:02:24.0998 4048  ProtectedStorage - ok
03:02:25.0024 4048  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
03:02:25.0062 4048  Psched - ok
03:02:25.0096 4048  [ DA3964D8FB8798DC741ABACA9ED1B99D ] pwdrvio         C:\Windows\system32\pwdrvio.sys
03:02:25.0130 4048  pwdrvio - ok
03:02:25.0175 4048  [ A55ED5A63D0178A41EA05AC50A60F89A ] pwdspio         C:\Windows\system32\pwdspio.sys
03:02:25.0209 4048  pwdspio - ok
03:02:25.0293 4048  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
03:02:25.0340 4048  ql2300 - ok
03:02:25.0377 4048  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
03:02:25.0389 4048  ql40xx - ok
03:02:25.0421 4048  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
03:02:25.0462 4048  QWAVE - ok
03:02:25.0476 4048  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
03:02:25.0509 4048  QWAVEdrv - ok
03:02:25.0539 4048  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
03:02:25.0589 4048  RasAcd - ok
03:02:25.0627 4048  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
03:02:25.0674 4048  RasAgileVpn - ok
03:02:25.0695 4048  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
03:02:25.0725 4048  RasAuto - ok
03:02:25.0750 4048  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
03:02:25.0797 4048  Rasl2tp - ok
03:02:25.0830 4048  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
03:02:25.0876 4048  RasMan - ok
03:02:25.0888 4048  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
03:02:25.0932 4048  RasPppoe - ok
03:02:25.0958 4048  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
03:02:26.0004 4048  RasSstp - ok
03:02:26.0029 4048  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
03:02:26.0078 4048  rdbss - ok
03:02:26.0088 4048  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
03:02:26.0101 4048  rdpbus - ok
03:02:26.0129 4048  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
03:02:26.0187 4048  RDPCDD - ok
03:02:26.0222 4048  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
03:02:26.0269 4048  RDPDR - ok
03:02:26.0280 4048  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
03:02:26.0351 4048  RDPENCDD - ok
03:02:26.0367 4048  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
03:02:26.0393 4048  RDPREFMP - ok
03:02:26.0411 4048  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
03:02:26.0458 4048  RDPWD - ok
03:02:26.0480 4048  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
03:02:26.0494 4048  rdyboost - ok
03:02:26.0524 4048  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
03:02:26.0574 4048  RemoteAccess - ok
03:02:26.0609 4048  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
03:02:26.0655 4048  RemoteRegistry - ok
03:02:26.0671 4048  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
03:02:26.0712 4048  RpcEptMapper - ok
03:02:26.0738 4048  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
03:02:26.0775 4048  RpcLocator - ok
03:02:26.0812 4048  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
03:02:26.0867 4048  RpcSs - ok
03:02:26.0901 4048  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
03:02:26.0927 4048  rspndr - ok
03:02:26.0976 4048  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
03:02:26.0990 4048  RTL8167 - ok
03:02:27.0009 4048  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
03:02:27.0044 4048  s3cap - ok
03:02:27.0060 4048  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
03:02:27.0075 4048  SamSs - ok
03:02:27.0102 4048  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
03:02:27.0124 4048  sbp2port - ok
03:02:27.0140 4048  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
03:02:27.0190 4048  SCardSvr - ok
03:02:27.0228 4048  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
03:02:27.0286 4048  scfilter - ok
03:02:27.0323 4048  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
03:02:27.0383 4048  Schedule - ok
03:02:27.0421 4048  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
03:02:27.0465 4048  SCPolicySvc - ok
03:02:27.0561 4048  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
03:02:27.0576 4048  ScreamBAudioSvc - ok
03:02:27.0592 4048  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
03:02:27.0634 4048  SDRSVC - ok
03:02:27.0677 4048  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
03:02:27.0740 4048  secdrv - ok
03:02:27.0765 4048  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
03:02:27.0806 4048  seclogon - ok
03:02:27.0839 4048  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
03:02:27.0873 4048  SENS - ok
03:02:27.0879 4048  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
03:02:27.0925 4048  SensrSvc - ok
03:02:27.0937 4048  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
03:02:27.0955 4048  Serenum - ok
03:02:27.0985 4048  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
03:02:28.0015 4048  Serial - ok
03:02:28.0064 4048  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
03:02:28.0105 4048  sermouse - ok
03:02:28.0145 4048  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
03:02:28.0190 4048  SessionEnv - ok
03:02:28.0213 4048  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
03:02:28.0250 4048  sffdisk - ok
03:02:28.0272 4048  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
03:02:28.0312 4048  sffp_mmc - ok
03:02:28.0332 4048  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
03:02:28.0365 4048  sffp_sd - ok
03:02:28.0383 4048  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
03:02:28.0400 4048  sfloppy - ok
03:02:28.0474 4048  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
03:02:28.0545 4048  SharedAccess - ok
03:02:28.0579 4048  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:02:28.0621 4048  ShellHWDetection - ok
03:02:28.0650 4048  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
03:02:28.0659 4048  SiSRaid2 - ok
03:02:28.0758 4048  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
03:02:28.0779 4048  SiSRaid4 - ok
03:02:28.0843 4048  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
03:02:28.0861 4048  SkypeUpdate - ok
03:02:28.0874 4048  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
03:02:28.0924 4048  Smb - ok
03:02:28.0954 4048  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
03:02:28.0994 4048  SNMPTRAP - ok
03:02:29.0014 4048  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
03:02:29.0031 4048  spldr - ok
03:02:29.0075 4048  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
03:02:29.0127 4048  Spooler - ok
03:02:29.0245 4048  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
03:02:29.0398 4048  sppsvc - ok
03:02:29.0414 4048  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
03:02:29.0474 4048  sppuinotify - ok
03:02:29.0536 4048  [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd            C:\Windows\System32\Drivers\sptd.sys
03:02:29.0561 4048  sptd - ok
03:02:29.0595 4048  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
03:02:29.0644 4048  srv - ok
03:02:29.0676 4048  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
03:02:29.0716 4048  srv2 - ok
03:02:29.0737 4048  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
03:02:29.0769 4048  srvnet - ok
03:02:29.0792 4048  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
03:02:29.0862 4048  SSDPSRV - ok
03:02:29.0884 4048  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
03:02:29.0921 4048  SstpSvc - ok
03:02:29.0961 4048  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
03:02:29.0982 4048  ssudmdm - ok
03:02:30.0052 4048  [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
03:02:30.0080 4048  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
03:02:30.0080 4048  StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
03:02:30.0150 4048  [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
03:02:30.0181 4048  Steam Client Service - ok
03:02:30.0261 4048  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
03:02:30.0290 4048  Stereo Service - ok
03:02:30.0314 4048  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
03:02:30.0334 4048  stexstor - ok
03:02:30.0389 4048  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
03:02:30.0428 4048  stisvc - ok
03:02:30.0450 4048  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
03:02:30.0459 4048  storflt - ok
03:02:30.0485 4048  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
03:02:30.0531 4048  StorSvc - ok
03:02:30.0550 4048  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
03:02:30.0570 4048  storvsc - ok
03:02:30.0597 4048  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
03:02:30.0608 4048  swenum - ok
03:02:30.0698 4048  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
03:02:30.0726 4048  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
03:02:30.0726 4048  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
03:02:30.0748 4048  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
03:02:30.0796 4048  swprv - ok
03:02:30.0865 4048  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
03:02:30.0934 4048  SysMain - ok
03:02:30.0959 4048  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:02:31.0007 4048  TabletInputService - ok
03:02:31.0212 4048  [ 45C9720E43ADF60E31A018FBC3321608 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
03:02:31.0534 4048  TabletServicePen - ok
03:02:31.0564 4048  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
03:02:31.0633 4048  TapiSrv - ok
03:02:31.0657 4048  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
03:02:31.0687 4048  TBS - ok
03:02:31.0755 4048  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
03:02:31.0846 4048  Tcpip - ok
03:02:31.0875 4048  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
03:02:31.0900 4048  TCPIP6 - ok
03:02:31.0929 4048  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
03:02:31.0961 4048  tcpipreg - ok
03:02:31.0977 4048  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
03:02:31.0999 4048  TDPIPE - ok
03:02:32.0019 4048  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
03:02:32.0033 4048  TDTCP - ok
03:02:32.0068 4048  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
03:02:32.0119 4048  tdx - ok
03:02:32.0245 4048  [ EFD6843C137991CD253CA959E300E886 ] TeamViewer6     C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
03:02:32.0356 4048  TeamViewer6 - ok
03:02:32.0384 4048  [ F5520DBB47C60EE83024B38720ABDA24 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
03:02:32.0391 4048  teamviewervpn - ok
03:02:32.0417 4048  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
03:02:32.0426 4048  TermDD - ok
03:02:32.0460 4048  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
03:02:32.0537 4048  TermService - ok
03:02:32.0566 4048  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
03:02:32.0589 4048  Themes - ok
03:02:32.0627 4048  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
03:02:32.0674 4048  THREADORDER - ok
03:02:32.0729 4048  [ B623380AA85A84C836C395B873D6D20C ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
03:02:32.0753 4048  TouchServicePen - ok
03:02:32.0764 4048  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
03:02:32.0802 4048  TrkWks - ok
03:02:32.0849 4048  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:02:32.0885 4048  TrustedInstaller - ok
03:02:32.0912 4048  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
03:02:32.0979 4048  tssecsrv - ok
03:02:33.0006 4048  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
03:02:33.0067 4048  TsUsbFlt - ok
03:02:33.0098 4048  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
03:02:33.0158 4048  tunnel - ok
03:02:33.0185 4048  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
03:02:33.0206 4048  uagp35 - ok
03:02:33.0228 4048  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
03:02:33.0278 4048  udfs - ok
03:02:33.0301 4048  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
03:02:33.0324 4048  UI0Detect - ok
03:02:33.0370 4048  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
03:02:33.0392 4048  uliagpkx - ok
03:02:33.0435 4048  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
03:02:33.0467 4048  umbus - ok
03:02:33.0494 4048  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
03:02:33.0514 4048  UmPass - ok
03:02:33.0546 4048  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
03:02:33.0588 4048  UmRdpService - ok
03:02:33.0616 4048  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
03:02:33.0685 4048  upnphost - ok
03:02:33.0734 4048  [ 7168819F30FE9622284EA19BDE7F8AB4 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
03:02:33.0789 4048  upperdev - ok
03:02:33.0854 4048  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
03:02:33.0896 4048  usbaudio - ok
03:02:33.0928 4048  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
03:02:33.0959 4048  usbccgp - ok
03:02:33.0977 4048  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
03:02:34.0004 4048  usbcir - ok
03:02:34.0018 4048  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
03:02:34.0052 4048  usbehci - ok
03:02:34.0079 4048  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
03:02:34.0123 4048  usbhub - ok
03:02:34.0151 4048  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
03:02:34.0170 4048  usbohci - ok
03:02:34.0204 4048  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
03:02:34.0238 4048  usbprint - ok
03:02:34.0262 4048  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
03:02:34.0285 4048  usbscan - ok
03:02:34.0305 4048  [ 66C25CB20B2974E0C0CFDAB49FB72A02 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
03:02:34.0328 4048  UsbserFilt - ok
03:02:34.0343 4048  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:02:34.0382 4048  USBSTOR - ok
03:02:34.0397 4048  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
03:02:34.0410 4048  usbuhci - ok
03:02:34.0460 4048  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
03:02:34.0505 4048  usbvideo - ok
03:02:34.0533 4048  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
03:02:34.0577 4048  UxSms - ok
03:02:34.0620 4048  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
03:02:34.0635 4048  VaultSvc - ok
03:02:34.0648 4048  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
03:02:34.0665 4048  vdrvroot - ok
03:02:34.0709 4048  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
03:02:34.0779 4048  vds - ok
03:02:34.0790 4048  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
03:02:34.0811 4048  vga - ok
03:02:34.0829 4048  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
03:02:34.0874 4048  VgaSave - ok
03:02:34.0907 4048  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
03:02:34.0918 4048  vhdmp - ok
03:02:34.0951 4048  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
03:02:34.0961 4048  viaide - ok
03:02:34.0984 4048  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
03:02:34.0998 4048  vmbus - ok
03:02:35.0022 4048  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
03:02:35.0036 4048  VMBusHID - ok
03:02:35.0045 4048  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
03:02:35.0058 4048  volmgr - ok
03:02:35.0084 4048  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
03:02:35.0101 4048  volmgrx - ok
03:02:35.0114 4048  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
03:02:35.0127 4048  volsnap - ok
03:02:35.0144 4048  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
03:02:35.0157 4048  vsmraid - ok
03:02:35.0226 4048  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
03:02:35.0323 4048  VSS - ok
03:02:35.0338 4048  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
03:02:35.0375 4048  vwifibus - ok
03:02:35.0410 4048  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
03:02:35.0473 4048  W32Time - ok
03:02:35.0498 4048  [ 43CE14E1E17DA81EA71DFE686805ED07 ] wacmoumonitor   C:\Windows\system32\DRIVERS\wacmoumonitor.sys
03:02:38.0337 4048  ================ Scan global ===============================
03:02:38.0358 4048  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
03:02:38.0398 4048  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
03:02:38.0409 4048  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
03:02:38.0431 4048  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
03:02:38.0457 4048  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
03:02:38.0463 4048  [Global] - ok
03:02:38.0463 4048  ================ Scan MBR ==================================
03:02:38.0484 4048  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:02:38.0790 4048  \Device\Harddisk0\DR0 - ok
03:02:38.0791 4048  ================ Scan VBR ==================================
03:02:38.0794 4048  [ C34501B25193EF201FE2B17CF5429E1C ] \Device\Harddisk0\DR0\Partition1
03:02:38.0796 4048  \Device\Harddisk0\DR0\Partition1 - ok
03:02:38.0824 4048  [ 7BCB2AED936BC684E8CD576C3D39F4B6 ] \Device\Harddisk0\DR0\Partition2
03:02:38.0826 4048  \Device\Harddisk0\DR0\Partition2 - ok
03:02:38.0830 4048  [ 12EB1AAAAEF24910D29081E0D88C22AD ] \Device\Harddisk0\DR0\Partition3
03:02:38.0832 4048  \Device\Harddisk0\DR0\Partition3 - ok
03:02:38.0833 4048  ============================================================
03:02:38.0833 4048  Scan finished
03:02:38.0833 4048  ============================================================
03:02:38.0845 2768  Detected object count: 6
03:02:38.0845 2768  Actual detected object count: 6
03:02:45.0603 2768  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
03:02:45.0603 2768  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
03:02:45.0604 2768  BEService ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0604 2768  BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
03:02:45.0606 2768  epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0606 2768  epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
03:02:45.0608 2768  EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0608 2768  EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
03:02:45.0610 2768  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0610 2768  StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
03:02:45.0612 2768  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0612 2768  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
03:02:48.0733 4348  Deinitialize success
         

08.08.2013, 12:51   #10
markusg
/// Malware-holic

Hi,
once we are finished, change all passwords.
Three logs need to be created; post them together if possible.
1.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Restart.
2.

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), right-click it and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Restart.
3.
Hitman Pro - Download - Filepony
Download Hitman Pro, double-click it, click Scan.
Save the log and post it, or export it as XML, zip it and attach it.
Do not click Next in Hitman Pro; simply close it.

08.08.2013, 14:27   #11
Quobble

Okay. This time everything at once.
AdwCleaner:
Code:
# AdwCleaner v2.306 - Datei am 08/08/2013 um 14:36:44 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Max - MAXPC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Max\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : ICQ Service

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\extensions\plugin@yontoo.com.xpi
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-5.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-6.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\SweetIm.xml
Gelöscht mit Neustart : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Ordner Gelöscht : C:\Program Files (x86)\LyricsContainer
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\adapter@babylontc.com
Ordner Gelöscht : C:\Program Files (x86)\registry mechanic
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\Yontoo Layers Runtime
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\Users\Max\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Max\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Ordner Gelöscht : C:\Users\Max\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Max\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Max\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Max\AppData\LocalLow\Freeware.de
Ordner Gelöscht : C:\Users\Max\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Max\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\CT2851647
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Smartbar
Ordner Gelöscht : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Ordner Gelöscht : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Freeware.de
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Babylon
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Schlüssel Gelöscht : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonTC.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyDict
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyGloss
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyOptFile
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2736476
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\conduitEngine
Schlüssel Gelöscht : HKLM\Software\Freeware.de
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB7C3E3A-17DA-438A-836E-4F296F14E8AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D998A976-E0B9-41B7-AB31-8D83906D30D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD1BE34A-EDB9-46F7-A39C-B428D48FCC0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E111A5C-3D11-4F56-9463-5310C3C69025}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64B00DAC-870D-4E6A-8D34-3A6E3E427A30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7E111A5C-3D11-4F56-9463-5310C3C69025}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7E111A5C-3D11-4F56-9463-5310C3C69025}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851647 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]

Datei : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\prefs.js

C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2851647.1000234.TWC_TMP_city", "SULZBACH");
Gelöscht : user_pref("CT2851647.1000234.TWC_TMP_country", "DE");
Gelöscht : user_pref("CT2851647.1000234.TWC_locId", "SZXX2722");
Gelöscht : user_pref("CT2851647.1000234.TWC_location", "Sulzbach, Schweiz");
Gelöscht : user_pref("CT2851647.1000234.TWC_region", "DE");
Gelöscht : user_pref("CT2851647.1000234.TWC_temp_dis", "c");
Gelöscht : user_pref("CT2851647.1000234.TWC_wind_dis", "kmh");
Gelöscht : user_pref("CT2851647.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"10°C\",\"temperat[...]
Gelöscht : user_pref("CT2851647.CBOpenMAMSettings.enc", "MA==");
Gelöscht : user_pref("CT2851647.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2851647.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gelöscht : user_pref("CT2851647.FirstTime", "true");
Gelöscht : user_pref("CT2851647.FirstTimeFF3", "true");
Gelöscht : user_pref("CT2851647.LoginRevertSettingsEnabled", true);
Gelöscht : user_pref("CT2851647.PG_ENABLE", "dHJ1ZQ==");
Gelöscht : user_pref("CT2851647.PG_ENABLE.enc", "ZEhKMVpRPT0=");
Gelöscht : user_pref("CT2851647.RevertSettingsEnabled", true);
Gelöscht : user_pref("CT2851647.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Gelöscht : user_pref("CT2851647.SF_STATUS.enc", "RU5BQkxFRA==");
Gelöscht : user_pref("CT2851647.SF_USER_ID.enc", "Y2lkXzk0MjAxMzIwMTg1NjYxMDM0MjE=");
Gelöscht : user_pref("CT2851647.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Gelöscht : user_pref("CT2851647.UserID", "UN00719041435812883");
Gelöscht : user_pref("CT2851647.addressBarTakeOverEnabledInHidden", "true");
Gelöscht : user_pref("CT2851647.autoDisableScopes", -1);
Gelöscht : user_pref("CT2851647.browser.search.defaultthis.engineName", true);
Gelöscht : user_pref("CT2851647.cbcountry_001.enc", "REU=");
Gelöscht : user_pref("CT2851647.cbfirsttime.enc", "VGh1IE9jdCAxMSAyMDEyIDE3OjUxOjU5IEdNVCswMjAw");
Gelöscht : user_pref("CT2851647.countryCode", "DE");
Gelöscht : user_pref("CT2851647.enableAlerts", "always");
Gelöscht : user_pref("CT2851647.enableFix404ByUser", "FALSE");
Gelöscht : user_pref("CT2851647.enableSearchFromAddressBar", "true");
Gelöscht : user_pref("CT2851647.firstTimeDialogOpened", "true");
Gelöscht : user_pref("CT2851647.fixPageNotFoundError", "true");
Gelöscht : user_pref("CT2851647.fixPageNotFoundErrorByUser", "true");
Gelöscht : user_pref("CT2851647.fixPageNotFoundErrorInHidden", "true");
Gelöscht : user_pref("CT2851647.fixUrls", true);
Gelöscht : user_pref("CT2851647.fullUserID", "UN00719041435812883.UP.20130713231245");
Gelöscht : user_pref("CT2851647.installId", "fftA2DC.tmp.exe");
Gelöscht : user_pref("CT2851647.installType", "XPE");
Gelöscht : user_pref("CT2851647.isCheckedStartAsHidden", true);
Gelöscht : user_pref("CT2851647.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2851647.isFirstTimeToolbarLoading", "false");
Gelöscht : user_pref("CT2851647.isNewTabEnabled", true);
Gelöscht : user_pref("CT2851647.isPerformedSmartBarTransition", "true");
Gelöscht : user_pref("CT2851647.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gelöscht : user_pref("CT2851647.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2851647.keyword", true);
Gelöscht : user_pref("CT2851647.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Gelöscht : user_pref("CT2851647.lastVersion", "10.16.4.519");
Gelöscht : user_pref("CT2851647.mam_gk_appStateReportTime.enc", "MTM2NTUzMTQ4NDcxNA==");
Gelöscht : user_pref("CT2851647.mam_gk_appState_CouponBuddy.enc", "b24=");
Gelöscht : user_pref("CT2851647.mam_gk_appState_PriceGong.enc", "b24=");
Gelöscht : user_pref("CT2851647.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Gelöscht : user_pref("CT2851647.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Gelöscht : user_pref("CT2851647.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5Iiw[...]
Gelöscht : user_pref("CT2851647.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Gelöscht : user_pref("CT2851647.mam_gk_first_time.enc", "MQ==");
Gelöscht : user_pref("CT2851647.mam_gk_lastLoginTime.enc", "MTM2NTUzMTQ4MDQxMA==");
Gelöscht : user_pref("CT2851647.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Gelöscht : user_pref("CT2851647.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Gelöscht : user_pref("CT2851647.mam_gk_settings1.4.3.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Gelöscht : user_pref("CT2851647.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Gelöscht : user_pref("CT2851647.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Gelöscht : user_pref("CT2851647.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Gelöscht : user_pref("CT2851647.mam_gk_userId.enc", "AA==");
Gelöscht : user_pref("CT2851647.mam_gk_user_apps_selection.enc", "AA==");
Gelöscht : user_pref("CT2851647.migrateAppsAndComponents", true);
Gelöscht : user_pref("CT2851647.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Gelöscht : user_pref("CT2851647.openThankYouPage", "true");
Gelöscht : user_pref("CT2851647.openUninstallPage", "FALSE");
Gelöscht : user_pref("CT2851647.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT28[...]
Gelöscht : user_pref("CT2851647.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...]
Gelöscht : user_pref("CT2851647.search.searchAppId", "129351532245275780");
Gelöscht : user_pref("CT2851647.search.searchCount", "0");
Gelöscht : user_pref("CT2851647.searchInNewTabEnabledByUser", "true");
Gelöscht : user_pref("CT2851647.searchInNewTabEnabledInHidden", "true");
Gelöscht : user_pref("CT2851647.searchSuggestEnabledByUser", "true");
Gelöscht : user_pref("CT2851647.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2851647.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Gelöscht : user_pref("CT2851647.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gelöscht : user_pref("CT2851647.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Gelöscht : user_pref("CT2851647.serviceLayer_services_Configuration_lastUpdate", "1374347370264");
Gelöscht : user_pref("CT2851647.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1365529011474");
Gelöscht : user_pref("CT2851647.serviceLayer_services_appsMetadata_lastUpdate", "1365529011368");
Gelöscht : user_pref("CT2851647.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1365529011345");
Gelöscht : user_pref("CT2851647.serviceLayer_services_location_lastUpdate", "1373720866583");
Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.10.27.6_lastUpdate", "1355346345548");
Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.13.40.15_lastUpdate", "1363421943149");
Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.14.370.524_lastUpdate", "1365532186238");
Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.15.0.562_lastUpdate", "1373720866467");
Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374347370631");
Gelöscht : user_pref("CT2851647.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1365529011390");
Gelöscht : user_pref("CT2851647.serviceLayer_services_searchAPI_lastUpdate", "1374347370280");
Gelöscht : user_pref("CT2851647.serviceLayer_services_serviceMap_lastUpdate", "1374347370110");
Gelöscht : user_pref("CT2851647.serviceLayer_services_toolbarContextMenu_lastUpdate", "1365529011371");
Gelöscht : user_pref("CT2851647.serviceLayer_services_toolbarSettings_lastUpdate", "1374358834147");
Gelöscht : user_pref("CT2851647.serviceLayer_services_translation_lastUpdate", "1374347370619");
Gelöscht : user_pref("CT2851647.serviceLayer_services_userApps_lastUpdate", "1365528891036");
Gelöscht : user_pref("CT2851647.settingsINI", true);
Gelöscht : user_pref("CT2851647.shouldFirstTimeDialog", "false");
Gelöscht : user_pref("CT2851647.showToolbarPermission", "false");
Gelöscht : user_pref("CT2851647.smartbar.CTID", "CT2851647");
Gelöscht : user_pref("CT2851647.smartbar.Uninstall", "0");
Gelöscht : user_pref("CT2851647.smartbar.homepage", true);
Gelöscht : user_pref("CT2851647.smartbar.isHidden", true);
Gelöscht : user_pref("CT2851647.smartbar.toolbarName", "uTorrentBar_DE ");
Gelöscht : user_pref("CT2851647.toolbarBornServerTime", "11-10-2012");
Gelöscht : user_pref("CT2851647.toolbarCurrentServerTime", "20-7-2013");
Gelöscht : user_pref("CT2851647.toolbarLoginClientTime", "Tue Apr 09 2013 19:34:49 GMT+0200");
Gelöscht : user_pref("CT2851647.upgradeFromClearSBVersion", true);
Gelöscht : user_pref("CT2851647.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuZGUvdXJsP3NhPXQmcmN0PWomcT1wYXlw[...]
Gelöscht : user_pref("CT2851647_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=1[...]
Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "uTorrentBar_DE Customized Web Search");
Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647[...]
Gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.privitize.com/?aff=7&q=");
Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2851647");
Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browserse[...]
Gelöscht : user_pref("browser.search.selectedEngine", "uTorrentBar_DE Customized Web Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13");
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 4);
Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelöscht : user_pref("extensions.BabylonToolbar.firstRun", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "CD481B4BA782B64600A6E88131CA59A8");
Gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "4");
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 4);
Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.31.219:38:34");
Gelöscht : user_pref("extensions.BabylonToolbar.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 114133813);
Gelöscht : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Gelöscht : user_pref("extensions.enabledAddons", "battlefieldheroespatcher@ea.com:5.0.110.0,ffxtlbr@babylon.com[...]
Gelöscht : user_pref("extentions.y2layers.installId", "555f8fb1-4e17-4130-b2af-9ef8e3c9399a");
Gelöscht : user_pref("extentions.y2layers.lastDnsTest", 371756);
Gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Gelöscht : user_pref("icqtoolbar.engineVerified", true);
Gelöscht : user_pref("icqtoolbar.firstTbRun", false);
Gelöscht : user_pref("icqtoolbar.geolastmodified", 1375573813);
Gelöscht : user_pref("icqtoolbar.history", "paypal||hxxp%3A%2F%2Fwww.facebook.com%2Fphoto.php%3Ffbid%3D35055202[...]
Gelöscht : user_pref("icqtoolbar.icqgeo", 49);
Gelöscht : user_pref("icqtoolbar.installTime", "1348250834");
Gelöscht : user_pref("icqtoolbar.installsource", "1");
Gelöscht : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Gelöscht : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Gelöscht : user_pref("icqtoolbar.newtab_state", "1");
Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Gelöscht : user_pref("icqtoolbar.previousFFVersion", "5.0.1");
Gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Gelöscht : user_pref("icqtoolbar.suggestions", false);
Gelöscht : user_pref("icqtoolbar.uniqueID", "131204442913118773101312359191552");
Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1375573815);
Gelöscht : user_pref("icqtoolbar.userEngineApproved", false);
Gelöscht : user_pref("icqtoolbar.version", "1.5.3");
Gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
Gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?octid=CT2851647&ctid=CT2851647&S[...]
Gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT2851647");
Gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT2851647");
Gelöscht : user_pref("smartbar.machineId", "RBGVVT240JDWAFGFQG7WRL0LHCZ0HIZEQM6F9DCMLMB9G+LLOQHUTLAUCIOLFDXM9QM[...]
Gelöscht : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]

-\\ Google Chrome v22.0.1229.94

Datei : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.27] : icon_url = "hxxp://search.conduit.com/fav.ico",
Gelöscht [l.30] : keyword = "search.conduit.com",
Gelöscht [l.33] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2[...]
Gelöscht [l.34] : suggest_url = "hxxp://search.conduit.com/"

-\\ Opera v12.16.1860.0

Datei : C:\Users\Max\AppData\Roaming\Opera\Opera\operaprefs.ini

Gelöscht : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=opera&icid=opera

*************************

AdwCleaner[S1].txt - [37735 octets] - [08/08/2013 14:36:44]

########## EOF - C:\AdwCleaner[S1].txt - [37796 octets] ##########
         
Junkware Removal tool:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.8 (08.07.2013:4)
OS: Windows 7 Professional x64
Ran by Max on 08.08.2013 at 14:41:35,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\trolltech
Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2015333589-2609546115-2474780110-1001\Software\SweetIM"
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{55861E1C-A576-45C7-B1A5-8E2C14D40F8F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA3D98A6-868D-4E1B-BB78-0887230DA405}



~~~ Files

Successfully deleted: [File] "C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\babylon.lnk"



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.08.2013 at 14:45:48,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
And last but not least, the Hitman Pro logs are attached.

/Edit

Just checked:
Windows Firewall is already running again. I won't touch anything, though.

Edited by Quobble (08.08.2013 at 14:35)

Alt 08.08.2013, 14:35   #12
markusg
/// Malware-holic
 

Hi,
please be so kind as to delete everything with HitmanPro except:
PunkBuster
Then save the log from the deletion again and post it.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails according to the instructions above to
markusg.trojaner-board@web.de

Alt 08.08.2013, 14:43   #13
Quobble
 

Here are the deletion logs:

Alt 08.08.2013, 14:47   #14
markusg
/// Malware-holic
 

Restart please, then post a new FRST log.
Also, to be safe, run HitmanPro once more; it seems you did not catch everything, apart from the exceptions I named.

Alt 08.08.2013, 15:16   #15
Quobble
 

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013 06
Ran by Max (administrator) on 08-08-2013 15:59:53
Running from C:\Users\Max\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
() C:\Users\Max\Local Settings\Apps\F.lux\flux.exe
(Dropbox, Inc.) C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd)
HKCU\...\Run: [F.lux] - C:\Users\Max\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] ()
HKLM-x32\...\Run: [Logitech G35] - C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKU\UpdatusUser\...\Run: [fsm] -  [x]
HKU\UpdatusUser\...\Run: [RDReminder] -  [x]
HKU\UpdatusUser\...\Run: [DriverScanner] - "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000  [x]
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} -  No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\..\Interfaces\{22D45F24-3A73-4292-BB04-4DB95672624A}: [NameServer]192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @comrade.gamespy.com/comrade - D:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox - D:\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\Startpins.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Battlefield Play4Free - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\battlefieldplay4free@ea.com
FF Extension: Yahoo! Toolbar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: DownloadHelper - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: ciuvo-extension - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [Lyrics@LyricsContainer.co] C:\Program Files (x86)\LyricsContainer\125.xpi

Chrome: 
=======
CHR DefaultSearchURL: (Conduit) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0
CHR Extension: (Virtual Keyboard) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Skype Click to Call) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Anti-Banner) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\Max\AppData\Local\Temp\tbch.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-30] ()
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [580672 2013-03-06] (Disc Soft Ltd)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-02] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2013-08-02] ()
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [x]

==================== Drivers (Whitelisted) ====================

R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-06-05] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2013-03-27] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-03-24] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-03-24] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-03-24] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-03-24] ()
S3 fcdabus; C:\Windows\System32\DRIVERS\fcdabus.sys [24592 2008-10-29] (FarStone Inc.)
R0 fsRamDsk; C:\Windows\System32\DRIVERS\fsRamDsk.sys [53656 2007-04-01] ()
R0 FVXSCSI; C:\Windows\System32\DRIVERS\fvxscsi.sys [118360 2009-12-23] (FarStone Inc.)
R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-06-05] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-07-20] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-07-20] (ManyCam LLC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-23] (Duplex Secure Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va007; \??\C:\Users\Max\AppData\Local\Temp\0079E18.tmp [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-08 15:43 - 2013-08-08 15:43 - 00003217 _____ C:\Users\Max\Desktop\HitmanPro_20130808_1543.rar
2013-08-08 15:42 - 2013-08-08 15:42 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-08-08 14:47 - 2013-08-08 14:48 - 09853928 _____ (SurfRight B.V.) C:\Users\Max\Desktop\HitmanPro_x64.exe
2013-08-08 14:46 - 2013-08-08 15:42 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-08 14:45 - 2013-08-08 14:45 - 00001890 _____ C:\Users\Max\Desktop\JRT.txt
2013-08-08 14:41 - 2013-08-08 14:41 - 00000000 ____D C:\Windows\ERUNT
2013-08-08 14:36 - 2013-08-08 14:37 - 00037854 _____ C:\AdwCleaner[S1].txt
2013-08-08 14:36 - 2013-08-08 14:37 - 00000170 _____ C:\Windows\DeleteOnReboot.bat
2013-08-08 14:35 - 2013-08-08 14:35 - 00957230 _____ (Oleg N. Scherbakov) C:\Users\Max\Desktop\JRT.exe
2013-08-08 14:35 - 2013-08-08 14:35 - 00666633 _____ C:\Users\Max\Desktop\adwcleaner.exe
2013-08-08 02:56 - 2013-08-08 02:56 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-08 02:38 - 2013-08-08 02:38 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Max\Desktop\tdsskiller.exe
2013-08-08 02:30 - 2013-08-08 02:30 - 00025501 _____ C:\ComboFix.txt
2013-08-08 02:15 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-08 02:15 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-08 02:15 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-08 02:14 - 2013-08-08 02:31 - 00000000 ____D C:\Qoobox
2013-08-08 02:13 - 2013-08-08 02:29 - 00000000 ____D C:\Windows\erdnt
2013-08-08 02:13 - 2013-08-08 02:13 - 05100713 ____R (Swearware) C:\Users\Max\Desktop\ComboFix.exe
2013-08-08 01:57 - 2013-08-08 01:57 - 00000000 _____ C:\Windows\SysWOW64\REN3B6D.tmp
2013-08-08 01:54 - 2013-08-08 01:54 - 00000040 _____ C:\Users\Public\Documents\_rgpl
2013-08-08 01:49 - 2013-08-08 01:49 - 00003162 _____ C:\Windows\System32\Tasks\{73D5730F-0E3D-48D1-8E5D-E1B011B56111}
2013-08-07 23:53 - 2013-08-08 00:08 - 00036914 _____ C:\Users\Max\Desktop\Addition.txt
2013-08-07 23:52 - 2013-08-07 23:52 - 00000000 ____D C:\FRST
2013-08-07 23:51 - 2013-08-07 23:51 - 01789861 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2013-08-07 23:17 - 2013-08-07 23:17 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2013-08-07 14:15 - 2013-08-07 14:16 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-07 03:16 - 2013-08-07 04:26 - 00000000 ____D C:\Users\Max\Documents\Stronghold Crusader
2013-08-07 03:15 - 2013-08-07 03:15 - 00000202 _____ C:\Users\Max\Desktop\Company of Heroes 2.url
2013-08-07 02:55 - 2013-08-07 03:14 - 00000000 ____D C:\Users\Max\Desktop\Stronghold Crusader
2013-08-07 02:53 - 2013-08-07 02:54 - 00018397 _____ C:\Windows\DirectX.log
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\Malwarebytes
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 20:57 - 2013-08-06 20:58 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Max\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-06 20:12 - 2013-08-08 01:55 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-06 20:10 - 2013-08-06 20:10 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-08-06 18:38 - 2013-08-06 18:38 - 00000000 ____D C:\Program Files (x86)\JoWooD
2013-08-06 18:22 - 2013-08-06 18:35 - 00000000 ____D C:\Program Files (x86)\Defcon
2013-08-06 18:22 - 2013-08-06 18:22 - 00000983 _____ C:\Users\Max\Desktop\Defcon.lnk
2013-08-06 18:21 - 2013-03-23 22:31 - 61788395 _____ (Introversion Software Ltd                                   ) C:\Users\Max\Desktop\defcon-win32-v1.6.exe
2013-08-06 01:11 - 2013-08-06 01:11 - 00000537 _____ C:\Users\Max\Desktop\Sudden Strike 2.lnk
2013-08-06 00:42 - 2013-08-06 01:02 - 259091339 _____ (Media Contact LLC                                           ) C:\Users\Max\Desktop\Sudden_Strike2.exe
2013-08-05 22:15 - 2013-08-04 17:41 - 00450831 _____ C:\Users\Max\Desktop\common_server.zip
2013-08-04 01:39 - 2013-08-04 01:39 - 00270054 _____ C:\Users\Max\Desktop\sad - Kopie.bmp
2013-08-04 01:32 - 2013-08-04 01:37 - 01080054 _____ C:\Users\Max\Desktop\sad.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\sdf.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\prbf2 2013-08-04 01-31-22-45.bmp
2013-08-02 14:33 - 2013-08-02 14:33 - 00001188 _____ C:\Users\Public\Desktop\Project Reality BF2.lnk
2013-07-31 16:01 - 2013-07-31 16:05 - 00000000 ____D C:\Windows\system32\MRT
2013-07-26 14:20 - 2013-07-26 19:43 - 00000000 ____D C:\Users\Max\AppData\Local\Arma 3
2013-07-26 14:20 - 2013-07-26 17:14 - 00000000 ____D C:\Users\Max\Documents\Arma 3
2013-07-26 14:20 - 2013-07-26 14:20 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 08:54 - 2013-07-25 09:17 - 00000913 _____ C:\Users\Max\Desktop\Panzerlied.txt
2013-07-24 11:11 - 2013-07-24 11:11 - 00002556 _____ C:\Users\Max\Documents\h.aup
2013-07-24 11:11 - 2013-07-24 11:11 - 00000000 ____D C:\Users\Max\Documents\h_data
2013-07-21 15:39 - 2013-07-21 15:39 - 00002245 _____ C:\Users\Max\Documents\er.aup
2013-07-21 15:39 - 2013-07-21 15:39 - 00000000 ____D C:\Users\Max\Documents\er_data
2013-07-20 17:11 - 2013-08-08 02:25 - 00031032 _____ C:\Windows\PFRO.log
2013-07-20 13:04 - 2013-08-08 02:12 - 00000000 ____D C:\ProgramData\Yahoo!
2013-07-20 13:04 - 2013-07-20 13:04 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-07-20 13:01 - 2013-08-08 02:25 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-07-20 13:01 - 2013-07-20 13:01 - 00441760 _____ (Yahoo! Inc.) C:\Users\Max\Desktop\msgr11de.exe
2013-07-19 12:07 - 2013-07-19 12:11 - 73281458 _____ C:\Users\Max\Desktop\IMGP8300avi.avi
2013-07-17 23:41 - 2013-07-17 23:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-07-17 19:27 - 2013-07-17 19:27 - 03820480 _____ C:\Users\Max\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-07-16 22:31 - 2013-07-16 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-11 23:46 - 2013-07-12 01:24 - 00000118 _____ C:\Users\Max\Desktop\Kleidung.txt
2013-07-11 20:39 - 2013-07-19 16:33 - 00019650 _____ C:\Users\Max\Desktop\Fur.odt
2013-07-11 16:06 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 16:06 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-11 16:06 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-11 16:06 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 16:06 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-11 16:06 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 20:57 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 20:57 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 20:57 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 20:57 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 20:56 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 20:55 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 20:55 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 15:51 - 2013-08-08 15:57 - 00002097 _____ C:\Windows\setupact.log
2013-07-10 15:51 - 2013-07-10 15:51 - 00000000 _____ C:\Windows\setuperr.log
153

==================== One Month Modified Files and Folders =======

2013-08-08 15:59 - 2012-12-02 21:29 - 00000000 ___RD C:\Users\Max\Dropbox
2013-08-08 15:59 - 2012-12-02 21:26 - 00000000 ____D C:\Users\Max\AppData\Roaming\Dropbox
2013-08-08 15:59 - 2012-06-26 21:24 - 00000000 ____D C:\Users\Max\AppData\Local\LogMeIn Hamachi
2013-08-08 15:57 - 2013-07-10 15:51 - 00002097 _____ C:\Windows\setupact.log
2013-08-08 15:57 - 2011-12-29 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-08 15:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-08 15:56 - 2011-05-21 13:35 - 01753209 _____ C:\Windows\WindowsUpdate.log
2013-08-08 15:43 - 2013-08-08 15:43 - 00034546 _____ C:\Users\Max\Desktop\HitmanPro_20130808_1543.xml
2013-08-08 15:43 - 2013-08-08 15:43 - 00003217 _____ C:\Users\Max\Desktop\HitmanPro_20130808_1543.rar
2013-08-08 15:43 - 2013-07-07 12:35 - 00000000 ____D C:\Users\Max\Desktop\Cube
2013-08-08 15:42 - 2013-08-08 15:42 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-08-08 15:42 - 2013-08-08 14:46 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-08 15:42 - 2012-01-11 17:20 - 00000000 __SHD C:\Users\Max\AppData\Local\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}
2013-08-08 15:01 - 2012-01-05 19:29 - 00000252 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-08-08 14:48 - 2013-08-08 14:47 - 09853928 _____ (SurfRight B.V.) C:\Users\Max\Desktop\HitmanPro_x64.exe
2013-08-08 14:46 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-08 14:46 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-08 14:45 - 2013-08-08 14:45 - 00001890 _____ C:\Users\Max\Desktop\JRT.txt
2013-08-08 14:41 - 2013-08-08 14:41 - 00000000 ____D C:\Windows\ERUNT
2013-08-08 14:37 - 2013-08-08 14:36 - 00037854 _____ C:\AdwCleaner[S1].txt
2013-08-08 14:37 - 2013-08-08 14:36 - 00000170 _____ C:\Windows\DeleteOnReboot.bat
2013-08-08 14:36 - 2011-08-02 12:41 - 00000000 ____D C:\ProgramData\ICQ
2013-08-08 14:35 - 2013-08-08 14:35 - 00957230 _____ (Oleg N. Scherbakov) C:\Users\Max\Desktop\JRT.exe
2013-08-08 14:35 - 2013-08-08 14:35 - 00666633 _____ C:\Users\Max\Desktop\adwcleaner.exe
2013-08-08 14:34 - 2011-05-21 17:11 - 00000000 ____D C:\Users\Max\AppData\Roaming\TS3Client
2013-08-08 02:56 - 2013-08-08 02:56 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-08 02:38 - 2013-08-08 02:38 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Max\Desktop\tdsskiller.exe
2013-08-08 02:31 - 2013-08-08 02:14 - 00000000 ____D C:\Qoobox
2013-08-08 02:30 - 2013-08-08 02:30 - 00025501 _____ C:\ComboFix.txt
2013-08-08 02:29 - 2013-08-08 02:13 - 00000000 ____D C:\Windows\erdnt
2013-08-08 02:26 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-08 02:25 - 2013-07-20 17:11 - 00031032 _____ C:\Windows\PFRO.log
2013-08-08 02:25 - 2013-07-20 13:01 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-08-08 02:13 - 2013-08-08 02:13 - 05100713 ____R (Swearware) C:\Users\Max\Desktop\ComboFix.exe
2013-08-08 02:12 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo!
2013-08-08 02:10 - 2012-06-02 17:59 - 00000000 ____D C:\Users\Max\AppData\Local\Unity
2013-08-08 02:10 - 2011-06-15 17:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\GHISLER
2013-08-08 02:08 - 2012-05-05 21:13 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-08-08 02:08 - 2011-08-02 12:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-08 02:06 - 2013-01-14 02:13 - 00000000 ____D C:\Users\Max\Documents\ArmAWork
2013-08-08 02:05 - 2011-10-23 13:04 - 00003192 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2015333589-2609546115-2474780110-1001
2013-08-08 02:05 - 2011-10-23 13:03 - 00000000 ____D C:\Users\Max\AppData\Roaming\Real
2013-08-08 02:05 - 2011-10-23 13:03 - 00000000 ____D C:\Program Files (x86)\Real
2013-08-08 02:04 - 2011-10-23 13:04 - 00003330 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2015333589-2609546115-2474780110-1001
2013-08-08 02:04 - 2011-10-23 13:03 - 00000000 ____D C:\ProgramData\Real
2013-08-08 02:04 - 2011-05-21 13:41 - 00000000 ____D C:\Users\Max
2013-08-08 02:02 - 2011-09-02 14:25 - 00000000 ____D C:\Program Files (x86)\Screaming Bee
2013-08-08 02:02 - 2011-07-12 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-08 02:01 - 2012-02-10 13:40 - 00000000 ____D C:\Windows\Lhsp
2013-08-08 02:01 - 2011-07-15 19:37 - 00000000 ____D C:\Users\Max\AppData\Local\MediaGet2
2013-08-08 01:57 - 2013-08-08 01:57 - 00000000 _____ C:\Windows\SysWOW64\REN3B6D.tmp
2013-08-08 01:57 - 2011-05-21 14:31 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-08 01:55 - 2013-08-06 20:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-08 01:54 - 2013-08-08 01:54 - 00000040 _____ C:\Users\Public\Documents\_rgpl
2013-08-08 01:53 - 2012-10-27 13:21 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-08 01:53 - 2011-10-06 15:50 - 00000000 ____D C:\Users\Max\AppData\Roaming\DVDVideoSoft
2013-08-08 01:53 - 2011-08-07 14:31 - 00000000 ____D C:\Users\Max\AppData\Roaming\GameRanger
2013-08-08 01:52 - 2011-12-27 18:57 - 00000000 ____D C:\Program Files\Easeware
2013-08-08 01:49 - 2013-08-08 01:49 - 00003162 _____ C:\Windows\System32\Tasks\{73D5730F-0E3D-48D1-8E5D-E1B011B56111}
2013-08-08 01:49 - 2011-10-07 22:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-08 01:47 - 2011-06-18 15:39 - 00000000 ____D C:\ProgramData\Adobe
2013-08-08 01:45 - 2012-10-10 22:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\uTorrent
2013-08-08 00:08 - 2013-08-07 23:53 - 00036914 _____ C:\Users\Max\Desktop\Addition.txt
2013-08-07 23:52 - 2013-08-07 23:52 - 00000000 ____D C:\FRST
2013-08-07 23:51 - 2013-08-07 23:51 - 01789861 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2013-08-07 23:17 - 2013-08-07 23:17 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2013-08-07 23:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-07 14:16 - 2013-08-07 14:15 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-07 13:53 - 2012-11-02 13:08 - 00000000 ____D C:\Users\Max\AppData\Roaming\.minecraft
2013-08-07 04:26 - 2013-08-07 03:16 - 00000000 ____D C:\Users\Max\Documents\Stronghold Crusader
2013-08-07 03:15 - 2013-08-07 03:15 - 00000202 _____ C:\Users\Max\Desktop\Company of Heroes 2.url
2013-08-07 03:14 - 2013-08-07 02:55 - 00000000 ____D C:\Users\Max\Desktop\Stronghold Crusader
2013-08-07 02:54 - 2013-08-07 02:53 - 00018397 _____ C:\Windows\DirectX.log
2013-08-07 02:20 - 2012-02-08 22:34 - 00000000 ___RD C:\Users\Max\Desktop\Games
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\Malwarebytes
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 20:58 - 2013-08-06 20:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Max\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-06 20:44 - 2011-11-02 00:19 - 00000000 ____D C:\Users\Max\AppData\Local\Akamai
2013-08-06 20:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-06 20:10 - 2013-08-06 20:10 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-06 20:10 - 2012-12-25 11:16 - 00000840 _____ C:\Windows\system32\config\afw_hm.conf
2013-08-06 20:10 - 2012-12-25 11:16 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-08-06 18:38 - 2013-08-06 18:38 - 00000000 ____D C:\Program Files (x86)\JoWooD
2013-08-06 18:35 - 2013-08-06 18:22 - 00000000 ____D C:\Program Files (x86)\Defcon
2013-08-06 18:22 - 2013-08-06 18:22 - 00000983 _____ C:\Users\Max\Desktop\Defcon.lnk
2013-08-06 18:22 - 2011-06-18 11:23 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-06 14:52 - 2012-04-28 09:30 - 00000000 ____D C:\Users\Max\AppData\Local\ArmA 2 OA
2013-08-06 14:15 - 2009-07-14 19:58 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-08-06 14:15 - 2009-07-14 19:58 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-08-06 14:15 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-06 01:11 - 2013-08-06 01:11 - 00000537 _____ C:\Users\Max\Desktop\Sudden Strike 2.lnk
2013-08-06 01:02 - 2013-08-06 00:42 - 259091339 _____ (Media Contact LLC                                           ) C:\Users\Max\Desktop\Sudden_Strike2.exe
2013-08-04 17:41 - 2013-08-05 22:15 - 00450831 _____ C:\Users\Max\Desktop\common_server.zip
2013-08-04 01:39 - 2013-08-04 01:39 - 00270054 _____ C:\Users\Max\Desktop\sad - Kopie.bmp
2013-08-04 01:37 - 2013-08-04 01:32 - 01080054 _____ C:\Users\Max\Desktop\sad.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\sdf.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\prbf2 2013-08-04 01-31-22-45.bmp
2013-08-02 15:00 - 2011-05-21 15:29 - 00000000 ____D C:\Users\Max\AppData\Roaming\Skype
2013-08-02 14:49 - 2013-06-30 13:33 - 00000000 ____D C:\Users\Max\Documents\ProjectReality
2013-08-02 14:34 - 2013-03-27 13:35 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-02 14:33 - 2013-08-02 14:33 - 00001188 _____ C:\Users\Public\Desktop\Project Reality BF2.lnk
2013-08-02 14:33 - 2013-03-27 13:35 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-02 14:17 - 2013-03-27 13:35 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-02 14:17 - 2011-08-14 15:15 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-02 14:11 - 2013-06-29 21:53 - 00001188 _____ C:\Users\Max\Desktop\Project Reality BF2.lnk
2013-08-01 23:28 - 2011-09-06 17:02 - 00000000 ____D C:\Users\Max\AppData\Roaming\Mumble
2013-07-31 16:05 - 2013-07-31 16:01 - 00000000 ____D C:\Windows\system32\MRT
2013-07-27 21:28 - 2013-06-16 18:00 - 00000000 ____D C:\Users\Max\Desktop\@JSRS
2013-07-26 19:43 - 2013-07-26 14:20 - 00000000 ____D C:\Users\Max\AppData\Local\Arma 3
2013-07-26 17:14 - 2013-07-26 14:20 - 00000000 ____D C:\Users\Max\Documents\Arma 3
2013-07-26 14:20 - 2013-07-26 14:20 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 14:18 - 2011-11-21 16:00 - 00000000 ____D C:\Users\Max\AppData\Local\ArmA 2
2013-07-25 09:17 - 2013-07-25 08:54 - 00000913 _____ C:\Users\Max\Desktop\Panzerlied.txt
2013-07-25 03:06 - 2011-07-30 23:00 - 00840264 _____ C:\Windows\SysWOW64\pbsvc.exe
2013-07-24 11:11 - 2013-07-24 11:11 - 00002556 _____ C:\Users\Max\Documents\h.aup
2013-07-24 11:11 - 2013-07-24 11:11 - 00000000 ____D C:\Users\Max\Documents\h_data
2013-07-24 11:11 - 2012-06-25 18:17 - 00000000 ____D C:\Users\Max\AppData\Roaming\Audacity
2013-07-23 16:38 - 2011-08-29 13:52 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-21 15:39 - 2013-07-21 15:39 - 00002245 _____ C:\Users\Max\Documents\er.aup
2013-07-21 15:39 - 2013-07-21 15:39 - 00000000 ____D C:\Users\Max\Documents\er_data
2013-07-20 17:13 - 2011-05-21 14:31 - 00000000 ____D C:\Windows\Panther
2013-07-20 17:12 - 2009-07-14 06:45 - 04946728 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-20 17:11 - 2013-03-13 17:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-20 17:11 - 2013-03-13 17:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-20 17:10 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-20 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-20 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-20 13:04 - 2013-07-20 13:04 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-07-20 13:03 - 2011-11-21 16:00 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-07-20 13:01 - 2013-07-20 13:01 - 00441760 _____ (Yahoo! Inc.) C:\Users\Max\Desktop\msgr11de.exe
2013-07-19 16:33 - 2013-07-11 20:39 - 00019650 _____ C:\Users\Max\Desktop\Fur.odt
2013-07-19 12:11 - 2013-07-19 12:07 - 73281458 _____ C:\Users\Max\Desktop\IMGP8300avi.avi
2013-07-17 23:41 - 2013-07-17 23:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-07-17 19:27 - 2013-07-17 19:27 - 03820480 _____ C:\Users\Max\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-07-17 19:17 - 2011-05-21 14:11 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-16 22:31 - 2013-07-16 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-12 01:24 - 2013-07-11 23:46 - 00000118 _____ C:\Users\Max\Desktop\Kleidung.txt
2013-07-10 15:51 - 2013-07-10 15:51 - 00000000 _____ C:\Windows\setuperr.log

Files to move or delete:
====================
C:\Users\Max\jagex_cl_runescape_LIVE.dat
C:\Users\Max\random.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-02 01:33

==================== End Of Log ============================
         