Hotmail verschickt Email's automatisch an alle Kontakte, auch wenn der Pc aus ist!

Shiddi · 17.10.2011, 16:51

Grüßt euch,

Wie oben geschildert mein Problem, habe mich im Forum eingelesen. Scheint ja viele leute zu geben mit dem gleichen Problem. Leider finde ich aber keine Lösung.

Zitat:

Vorgeschichte:
Eine Alte Freundin schickte mir bei Facebook ein Link (dort ist meine Hotmail adresse registriert). Normal öffne ich Nie einfach so Links. Naja normal....., Google Chrom hat die Datei sofort gespeichert. Es war eine XXXXX.jpeg.Zip. Da hat es klick gemacht, habe die Datei sofort mit SHIFT + Entf gelöscht.
Dachte das wars.
Nun sprechen mich immer mehr Leute auf komische Emails an, die man nicht öffnen kann.
Ich wusste nicht was Sie meinen da ich ja keine verschickt habe. Bis ich gestern ne Email bekam, das die Email nicht zugestellt werden konnte.
Es waren nur hotmail bzw Windows Live Kontakte betroffen. Eben die Verbinung auch zu dem komischen Facebook Link neulich.

So nun zu meinem PC:

Zitat:

Betriebsystemname Microsoft Windows 7 Ultimate
Version 6.1.7600 Build 7600
Weitere Betriebsystembeschreibung Nicht verfügbar
Betriebsystemhersteller Microsoft Corporation
Systemname SHIDDI-PC
Systemhersteller MSI
Systemmodell MS-7673
Systemtyp x64-basierter PC
Prozessor Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz, 3401 MHz, 4 Kern(e), 8 logische(r) Prozessor(en)
BIOS-Version/-Datum American Megatrends Inc. V1.10, 31.03.2011
SMBIOS-Version 2.7
Windows-Verzeichnis C:\Windows
Systemverzeichnis C:\Windows\system32
Startgerät \Device\HarddiskVolume4
Gebietsschema Deutschland
Hardwareabstraktionsebene Version = "6.1.7600.16385"
Benutzername shiddi-PC\shiddi
Zeitzone Mitteleuropäische Sommerzeit
Installierter physikalischer Speicher (RAM) 16,0 GB
Gesamter realer Speicher 16,0 GB
Verfügbarer realer Speicher 13,6 GB
Gesamter virtueller Speicher 31,9 GB
Verfügbarer virtueller Speicher 29,5 GB
Größe der Auslagerungsdatei 16,0 GB
Auslagerungsdatei C:\pagefile.sys

Malwarebytes Log:

Zitat:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7965

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17.10.2011 17:17:49
mbam-log-2011-10-17 (17-17-49).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 195477
Laufzeit: 1 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Leider wird bei mir mit "OTL" keine Extra.txt erstellt. Obwohl ich es als Administrator öffne.

Eset sowie TDSSKiller hatten beide keinen Fund.

Im Anhang alle Dateien.

cosinus · 17.10.2011, 18:09

Zitat:

Hotmail verschickt Email's automatisch an alle Kontakte, auch wenn der Pc aus ist!

Passwort zum Hotmailkonto wurde schon von einem sauberen (anderen) Rechner geändert? Wenn nicht bitte nachholen.

Bitte anschließend routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Führ danach bitte auch ESET aus, danach sehen wir weiter:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Shiddi · 17.10.2011, 19:50

pw wird nachher vom sauberen lappi geändert

hier die neuen logs

Shiddi · 17.10.2011, 20:37

ACHTUNG NUR BEDACHT KLICKEN! (an alle Leser)

das hier war der vemeintliche Link mit dem Trojaner/Virus aus facebook:

[link entfernt von cosinus]

cosinus · 18.10.2011, 18:34

Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.

Shiddi · 18.10.2011, 19:31

Jaein,

quick-scans die keinen befund hatten. Siehe Anhang.
Habe vorher Avira durchlaufen lassen. nach ca 2 stund Laufzeit kam ein vermutlicher Trojaner welcher gelöscht wurde. war aber auch ne Uralte datei ~ 3Jahre alt. ist nun gelöscht. Jetzt findet Avira auch nichts.
Heißt das und die Logs auch, das ich keinen mehr aufm pc habe?

habe nun ALLE logs gepostet.

Danke für die Hilfe

cosinus · 18.10.2011, 20:05

Deine OTL.zip scheint defekt zu sein. Erstell die bitte neu und lad es wieder hoch.

Shiddi · 18.10.2011, 20:11

hier einfach als post und nicht als Anhang :

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 17.10.2011 17:43:26 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\shiddi\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,97 Gb Total Physical Memory | 13,93 Gb Available Physical Memory | 87,23% Memory free
31,94 Gb Paging File | 29,82 Gb Available in Paging File | 93,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,28 Gb Total Space | 406,44 Gb Free Space | 83,24% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 71,40 Mb Free Space | 71,40% Space Free | Partition Type: NTFS
Drive F: | 218,62 Gb Total Space | 142,58 Gb Free Space | 65,22% Space Free | Partition Type: NTFS
Drive G: | 224,61 Gb Total Space | 223,57 Gb Free Space | 99,54% Space Free | Partition Type: NTFS
Drive H: | 126,85 Gb Total Space | 80,72 Gb Free Space | 63,63% Space Free | Partition Type: NTFS
Drive L: | 138,23 Gb Total Space | 103,51 Gb Free Space | 74,88% Space Free | Partition Type: NTFS
Drive U: | 9,77 Gb Total Space | 8,96 Gb Free Space | 91,74% Space Free | Partition Type: NTFS
Drive Z: | 97,66 Gb Total Space | 87,26 Gb Free Space | 89,36% Space Free | Partition Type: NTFS
 
Computer Name: SHIDDI-PC | User Name: shiddi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.10.17 16:52:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\shiddi\Desktop\OTL.exe
PRC - [2011.10.01 22:27:08 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.12 17:13:26 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.03.23 23:22:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.01.25 10:11:16 | 000,438,272 | ---- | M] (MSI CO.,LTD.) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
PRC - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- G:\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009.07.27 11:13:28 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\ASDR.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.12.01 14:22:58 | 000,063,488 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\Windows\SysNative\ATKFUSService.exe -- (ATKFUSService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.13 12:12:03 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.10.01 22:27:08 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.23 23:22:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- G:\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.07.27 11:13:28 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.10.05 16:45:39 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011.09.30 20:46:15 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.09.30 16:53:41 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.03.31 15:01:50 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.03 17:59:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.02.16 11:11:08 | 000,428,136 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.02.10 14:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.10 14:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010.09.29 11:34:50 | 000,377,176 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys -- (LADF_SBVM)
DRV:64bit: - [2010.09.29 11:34:48 | 000,062,168 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys -- (LADF_DHP2)
DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.02.22 15:46:36 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:64bit: - [2009.11.18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.11.01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.17 18:22:22 | 000,039,424 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV:64bit: - [2009.02.17 18:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV:64bit: - [2007.07.17 17:42:38 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007.07.17 17:42:32 | 000,054,288 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.10.22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2010.05.10 10:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.11.14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
DRV - [2004.04.10 09:43:54 | 000,004,608 | ---- | M] (cansoft@livewiredev.com) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\mbmiodrvr.sys -- (mbmiodrvr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A9 9A 92 9A 78 80 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\shiddi\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\shiddi\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
 
 
[2011.10.02 20:35:22 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\shiddi\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = G:\MSOFFI~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = G:\MSOFFI~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\shiddi\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\shiddi\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\shiddi\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Session Manager = C:\Users\shiddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Adblock Plus fr Google Chrome (Beta) = C:\Users\shiddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.1.4_0\
CHR - Extension: BitDefender QuickScan = C:\Users\shiddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.99_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [DriveTheLife] C:\Program Files (x86)\DriveTheLife\DriveTheLife.exe (深圳市拾三意网络科技有限公司)
O4 - HKLM..\Run: [Logitech G35] G:\G35\G35.exe (Logitech(c))
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe (TODO: <Company name>)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Steam] F:\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HLSW.lnk = G:\HLSW\hlsw.exe (Stripf Software)
O4 - Startup: C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamSpeak 3 Client.lnk = G:\TS3\ts3client_win64.exe (TeamSpeak Systems GmbH)
O4 - Startup: C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = G:\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://G:\MSOFFI~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://G:\MSOFFI~1\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D70E6C2-00B2-431B-ADBB-24D68E6A5594}: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^Users^shiddi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip -  - File not found
MsConfig:64bit - StartUpReg: AlcoholAutomount - hkey= - key= - G:\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
MsConfig:64bit - StartUpReg: ASUSGamerOSD - hkey= - key= - C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: CanonMyPrinter - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig:64bit - StartUpReg: CanonSolutionMenuEx - hkey= - key= - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
MsConfig:64bit - StartUpReg: facemoods - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\shiddi\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig:64bit - StartUpReg: Kernel and Hardware Abstraction Layer - hkey= - key= - C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
MsConfig:64bit - StartUpReg: Live Update 5 - hkey= - key= - C:\Program Files (x86)\MSI\Live Update 5\LU5.exe ()
MsConfig:64bit - StartUpReg: NUSB3MON - hkey= - key= - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
MsConfig:64bit - StartUpReg: Razer Naga Driver - hkey= - key= - G:\NAGA\RazerNagaSysTray.exe (Razer USA Ltd)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.17 17:19:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.17 16:54:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.10.17 16:52:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\shiddi\Desktop\OTL.exe
[2011.10.17 16:25:28 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Malwarebytes
[2011.10.17 16:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.17 16:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.17 16:25:18 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.10.17 16:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.10.16 16:09:35 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\QuickScan
[2011.10.15 19:01:59 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\My Photos
[2011.10.15 19:01:59 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\My Documents
[2011.10.15 19:01:28 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Local Settings
[2011.10.15 17:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync
[2011.10.15 17:33:28 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.10.15 17:33:08 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Htc
[2011.10.15 17:33:01 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\HTC
[2011.10.15 17:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
[2011.10.15 17:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spirent Communications
[2011.10.15 17:17:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2011.10.15 17:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011.10.15 17:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.10.14 18:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.10.14 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Application Data
[2011.10.13 16:09:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\BioWare
[2011.10.13 15:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon Age 2
[2011.10.13 15:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2011.10.13 15:18:42 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.10.13 15:18:42 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.10.09 15:33:52 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terrafirma
[2011.10.08 22:50:00 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\SKIDROW
[2011.10.06 21:08:53 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\GTA THEME
[2011.10.06 18:25:03 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\shiddi
[2011.10.05 16:52:13 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\TrueCrypt
[2011.10.05 16:45:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
[2011.10.05 16:45:39 | 000,230,864 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011.10.05 16:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2011.10.05 16:38:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ShellExt
[2011.10.05 15:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.10.05 15:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.10.05 15:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.10.04 17:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJ
[2011.10.04 17:13:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2011.10.04 17:12:40 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Canon
[2011.10.02 23:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.10.02 23:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011.10.02 20:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.10.02 20:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011.10.02 12:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.10.02 12:20:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.10.02 12:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.10.02 12:16:59 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\Battlefield 3 Open Beta
[2011.10.02 11:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011.10.02 11:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.10.01 23:51:08 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\LogiShrd
[2011.10.01 23:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011.10.01 23:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2011.10.01 23:49:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011.10.01 23:49:12 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Downloaded Installations
[2011.10.01 22:44:29 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.01 22:27:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2011.10.01 17:37:45 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.10.01 17:37:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriveTheLife 2009
[2011.10.01 17:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriveTheLife
[2011.10.01 15:15:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011.10.01 01:12:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011.10.01 01:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011.10.01 01:11:32 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\InstallShield
[2011.09.30 23:33:46 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.09.30 23:33:33 | 000,000,000 | -HSD | C] -- C:\Boot
[2011.09.30 23:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
[2011.09.30 23:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Geeks3D
[2011.09.30 23:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2011.09.30 23:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2011.09.30 22:59:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011.09.30 22:37:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.09.30 22:35:12 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.09.30 22:34:34 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.09.30 20:57:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011.09.30 20:50:54 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\InstallAnywhere
[2011.09.30 20:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 52%
[2011.09.30 20:46:15 | 000,503,352 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2011.09.30 19:03:45 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Origin
[2011.09.30 19:03:44 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Origin
[2011.09.30 19:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011.09.30 19:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011.09.30 19:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011.09.30 19:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.09.30 18:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.09.30 18:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.09.30 18:21:28 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\Ubisoft
[2011.09.30 18:21:27 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic 22.08
[2011.09.30 18:21:26 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic 20.08
[2011.09.30 18:21:24 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic 18.08 neu
[2011.09.30 18:21:23 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic 04.09.2011
[2011.09.30 18:21:21 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic
[2011.09.30 18:20:48 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\My Games
[2011.09.30 18:20:48 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\Meine empfangenen Dateien
[2011.09.30 18:20:48 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\Deus Ex - Invisible War
[2011.09.30 18:20:47 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\BFBC2
[2011.09.30 18:20:03 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\terraria.serhanp
[2011.09.30 18:19:43 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\CoH Maps
[2011.09.30 18:19:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\vlc
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Software Informer
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\redsn0w
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Notepad++
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ezCoverMaker 3.1.0
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2011.09.30 18:18:49 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\DisplayFusion
[2011.09.30 18:18:49 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\CD-LabelPrint
[2011.09.30 18:18:41 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Apple Computer
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Windows Live
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Ubisoft Game Launcher
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{FD90D821-D705-47D7-92EA-4EA277223379}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{FCA65FF3-E69C-427D-8C89-BECED8F992A1}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{FB37EB42-481A-4699-BCA9-F83F1DEACAC7}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{FADDE3C9-DE08-43B1-A3E5-487BC0CC8B26}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{F85121C1-F850-4E7C-B209-2E6795B471E5}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{F4162472-A791-4350-AFA8-0727596586FC}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{F2CDB118-2996-4797-98F2-D71FBDF6943F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{EF5850F4-8DD9-4E83-B489-6A0A92C8F058}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{EC2FCF36-17CE-4761-B002-F07123188750}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E8121D9F-AC3E-4AF0-B485-D0E7CE4142C4}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E6A50690-A9AD-4814-8050-04F8C9BBC98F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E59EED8E-1555-4250-BA99-8A13D4BE0236}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E4C02A71-7009-46D8-83D0-A7FB5765B38C}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E1D81303-D06F-437C-A73B-168DB59499C2}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{DC726566-A3BB-4071-A5CC-F2F8EAAD6B11}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{D9D85837-6F35-4995-9609-30F1573830ED}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{D4D6C51B-92EF-413B-A89C-B9327C701FDF}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{CED748DF-D512-47AA-B355-E08DF5985A52}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{CB32FF28-C420-4373-86F4-80DB37AE40B8}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C93C9544-F196-4CDD-989D-203374540D0E}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C67DF668-F807-4D06-A175-CAAB7B6BECF9}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C34303CC-E398-43F4-A094-C8587A640DD7}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C1C2C7B0-F046-4C20-8E7D-AE67C5302607}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C18D21EE-82A3-44D5-87D1-25B081FB37ED}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BED7C99B-84F7-49A6-9D51-76C2DF8B9130}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BEA7B6F4-BC24-4B4E-A341-FB771E3A9CC7}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BDBD8F99-C7D6-45B5-AFC2-AB9EE3968321}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BD865D7A-3F70-408E-B980-CD9357EC74A1}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BA3E8071-A1CF-4DE7-8E38-EAC85A049BE4}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{AC48CE65-5AA7-41EB-8387-BEF246B431F9}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{AA707825-9891-40BC-BF75-7607AA6AB987}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{A4002282-9D22-4D67-B80F-92E1812312FA}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{A2C57585-7A75-4E1E-BC2C-0482762C9132}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{9F7F70F0-CB38-463F-B502-FBF395428D4F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{9F76AD9C-D783-4AE6-92C6-A4DFDC7C9213}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{9EC8A4B5-263B-4CE8-8D7D-8B220ABE7AA2}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{9B1442BA-9BE9-4346-8903-64B7F94E13F6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{965454CE-E112-435D-9787-24CE71BAF981}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{91802F44-7AB9-489D-BC79-B893415B9503}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{8CC25773-A260-4639-A8EE-BB289A4757EA}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{8C21FF68-ACE9-47C5-BFEE-956FAA72E4ED}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{8913A3FF-2609-4A50-B3A9-4C57BF54CA4F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{85613CEB-2B93-4440-BEC2-88573D9E2E2B}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{835C9B2B-D238-4903-B0FA-51D739C38197}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{7916D6D2-5E54-4962-B640-946BF4F72895}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{7741251E-64EC-4BF8-A87C-1966B4386015}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{76067D4C-0F9A-4DFD-B05B-456B59806AB0}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{73D15B7B-BB3D-421B-8001-B67AC431D378}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{705E174A-857B-4C17-8A7B-93F470880113}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6CFCB152-A25C-49C4-A9C1-79D9B05AA79A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6C418A3F-C4E4-4EC0-BF84-A34DECD921F6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6BE7D7A3-EADC-4030-B7AC-2063EFD7FEC7}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6B83AADD-A124-430C-9A24-95DA73E8BAA5}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6B822E39-20BD-4670-826F-A94DDB24C819}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6ADB75AD-8DB1-4035-94A8-11B967942E1C}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{66C281E5-3CAF-4C42-84FB-6CADD82ABC4E}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{66C0DE84-BEFA-46D1-AD4A-D2327B1703C6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6516EE82-1282-42A7-BE53-02CDAEF9DFE6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{63915E61-8DF8-4BEE-A241-4C146F8FB5C6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6176DD7E-775F-44D6-AC2E-CAA8A8F97CDB}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{611342CD-7230-4038-85D6-AABA814B4819}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{5C073BAB-B10E-4C01-A50E-DE66E24DC873}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{5B644BC9-805E-49A9-A5B8-9295A543B8AF}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{5ABA3A3B-FA8C-4C9A-B7D9-F8AE6AB7BB7F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{594E7533-3B62-4B6E-8DB0-0CBE81F7B66A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{5799807D-4568-42EE-AE40-65CA4F7B43CA}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{576D6673-D4E3-4B87-9C03-1484CCFC9632}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{573F7818-55D4-418A-8573-F27796198F81}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{56E54B56-6352-4EB8-BDB9-23B40EEFA6CE}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{4E9AC099-26DA-4F8A-82C7-BA615EB27A82}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{4E6AF0B0-F122-480E-8BC5-4013153D7ADB}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{4D72D53E-8F4C-490F-B59C-9F637AC7C336}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{46ABD8FF-A238-4785-91AF-3EA09761661F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{439052A3-6ACD-46B9-A66C-FC851FF6913D}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{42FF222B-C995-40FC-AF97-F784E4A93791}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{426FFB3D-3A92-488D-AF35-67ED68693E2A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3ABE5719-B179-49A6-8EBB-D6210DB130F3}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3A7CA099-4A03-4737-961A-2F21C40AF8FE}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{37A92021-E569-47A0-945E-836337FD09EE}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3745DFEB-81F2-493D-B255-9F06A90F51A2}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3481859E-C5EA-4861-8671-E575A9A06C8A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3238681E-C965-419D-B67E-C1F1F33CE285}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{31DC22EF-6A31-4306-A797-D133E8BEBD27}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{311452FA-460C-407C-B039-E10AE9F0383F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{29B8D09C-EE76-46AD-917D-86265FA1578F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{2851B64D-08FE-402E-A297-CD6F1469CA7B}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{278CA70F-4524-483D-8743-0CD5CC75AC80}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{23F4353B-5DBF-4B17-B3EE-214928476083}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{1B804D70-B3D2-460E-AE81-E3E5A9B33F04}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{1B11C320-1E22-4EC5-94A1-273E696E72BD}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{1A19B618-C2A7-4992-A898-D27FB8CC046D}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{18A6133D-FD7F-4728-B340-4AAAD03EC1DD}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{116831DE-9A69-4426-B069-29F8765F99F6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{113EA621-3E68-4B4E-BA68-16EF01326451}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{0DCC6294-E128-476C-B570-1D8C8835472E}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{0B6B6667-3128-444C-BC47-0630A30043D6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{0A8ECD0A-BA18-4DF2-8C94-60FBDB995D2A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{03AA10A1-049E-4D0C-AA3C-E165BC6580DF}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{03766BED-EDD2-46F6-B4D0-8534BB941D12}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{0320955C-1545-4B2A-A4F4-5DAEDE55A248}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{015D44DA-4687-42BA-935A-2FAA362F2286}
[2011.09.30 18:18:04 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\PunkBuster
[2011.09.30 18:17:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\ElevatedDiagnostics
[2011.09.30 18:17:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\dxhr
[2011.09.30 18:17:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Deployment
[2011.09.30 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Apple Computer
[2011.09.30 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Apple
[2011.09.30 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Adobe
[2011.09.30 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\28050
[2011.09.30 18:13:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2011.09.30 18:13:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2011.09.30 18:13:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2011.09.30 18:12:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2011.09.30 18:06:10 | 000,004,608 | ---- | C] (cansoft@livewiredev.com) -- C:\Windows\SysWow64\mbmiodrvr.sys
[2011.09.30 18:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motherboard Monitor 5
[2011.09.30 18:06:09 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MBM 5
[2011.09.30 18:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MBM 5
[2011.09.30 18:02:59 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2011.09.30 18:00:20 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\WinRAR
[2011.09.30 18:00:20 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.09.30 18:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.09.30 18:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.09.30 17:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2011.09.30 17:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Benutzerregistrierung
[2011.09.30 17:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2011.09.30 17:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2011.09.30 17:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
[2011.09.30 17:57:21 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\ts3overlay
[2011.09.30 17:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011.09.30 17:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2011.09.30 17:56:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011.09.30 17:56:03 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011.09.30 17:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2011.09.30 17:55:35 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Adobe
[2011.09.30 17:54:28 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011.09.30 17:54:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2011.09.30 17:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011.09.30 17:53:10 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\TS3Client
[2011.09.30 17:50:55 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Apps
[2011.09.30 17:48:53 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Realtime Soft
[2011.09.30 17:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2011.09.30 17:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft
[2011.09.30 17:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft
[2011.09.30 17:46:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011.09.30 17:33:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.09.30 17:30:51 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Macromedia
[2011.09.30 17:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.09.30 17:29:33 | 000,023,680 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\IOMap64.sys
[2011.09.30 17:29:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\ASUS
[2011.09.30 17:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.09.30 17:19:55 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Microsoft Help
[2011.09.30 17:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.09.30 17:17:52 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Leadertech
[2011.09.30 17:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.09.30 17:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011.09.30 17:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011.09.30 17:12:24 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Xfire
[2011.09.30 17:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2011.09.30 17:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2011.09.30 17:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2011.09.30 17:11:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2011.09.30 17:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.09.30 17:07:29 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Google
[2011.09.30 17:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2011.09.30 17:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2011.09.30 17:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2011.09.30 17:02:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2011.09.30 17:02:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2011.09.30 17:01:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.09.30 17:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.09.30 17:01:26 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.09.30 17:01:26 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.09.30 17:01:26 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.09.30 17:01:26 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.09.30 17:01:26 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.09.30 17:01:25 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.09.30 17:01:25 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.09.30 17:01:25 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.09.30 17:01:25 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.09.30 17:01:24 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.09.30 17:01:24 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.09.30 17:01:23 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.09.30 17:01:23 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.09.30 17:01:21 | 002,075,712 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.09.30 17:01:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.09.30 17:00:26 | 000,428,136 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011.09.30 17:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.09.30 16:59:38 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.09.30 16:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.09.30 16:59:36 | 000,000,000 | ---D | C] -- C:\Intel
[2011.09.30 16:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2011.09.30 16:53:41 | 000,016,384 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\EIO64.sys
[2011.09.30 16:53:41 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
[2011.09.30 16:51:58 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HLSW
[2011.09.30 16:51:58 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\HLSW
[2011.09.30 16:51:55 | 005,473,280 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKOSDX64.dll
[2011.09.30 16:51:55 | 002,212,864 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKDispCPL.dll
[2011.09.30 16:51:55 | 001,354,240 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\atklumdispx.dll
[2011.09.30 16:51:55 | 000,151,040 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\atkdx11dispx.dll
[2011.09.30 16:51:55 | 000,150,528 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\atkdx10dispx.dll
[2011.09.30 16:51:55 | 000,063,488 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKFUSService.exe
[2011.09.30 16:51:55 | 000,039,424 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys
[2011.09.30 16:51:55 | 000,039,424 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\ATKDispLowFilter.sys
[2011.09.30 16:51:55 | 000,016,896 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKOGL64.dll
[2011.09.30 16:51:54 | 005,463,552 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysWow64\ATKOSDX32.dll
[2011.09.30 16:51:54 | 001,336,320 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\ATKLUMDISP.dll
[2011.09.30 16:51:54 | 000,135,168 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\atkdx11disp.dll
[2011.09.30 16:51:54 | 000,135,168 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\atkdx10disp.dll
[2011.09.30 16:51:54 | 000,102,400 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\NetVideo_SBS.ax
[2011.09.30 16:51:54 | 000,102,400 | ---- | C] (ASMedia Techonology) -- C:\Windows\ASMT_CE.dll
[2011.09.30 16:51:54 | 000,071,680 | ---- | C] (ASMedia Technology) -- C:\Windows\i2c.dll
[2011.09.30 16:51:54 | 000,069,632 | ---- | C] (ASMedia Technology) -- C:\Windows\i2c_i.dll
[2011.09.30 16:51:54 | 000,068,608 | ---- | C] (ASMedia Technology) -- C:\Windows\nVGA_i2c.dll
[2011.09.30 16:51:54 | 000,017,792 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\asusgsb.sys
[2011.09.30 16:51:54 | 000,017,792 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\asusgsb.sys
[2011.09.30 16:51:54 | 000,015,360 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysWow64\ATKOGL32.dll
[2011.09.30 16:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2011.09.30 16:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011.09.30 16:51:15 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011.09.30 16:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011.09.30 16:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2011.09.30 16:50:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.09.30 16:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.09.30 16:49:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.09.30 16:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.09.30 16:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.09.30 16:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.09.30 16:48:03 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.09.30 16:43:26 | 000,000,000 | R--D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.09.30 16:43:26 | 000,000,000 | R--D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.09.30 16:43:25 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Searches
[2011.09.30 16:43:15 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Identities
[2011.09.30 16:43:13 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Contacts
[2011.09.30 16:43:12 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\VirtualStore
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Vorlagen
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\AppData\Local\Verlauf
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\AppData\Local\Temporary Internet Files
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Startmenü
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\SendTo
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Recent
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Netzwerkumgebung
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Lokale Einstellungen
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Documents\Eigene Videos
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Documents\Eigene Musik
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Eigene Dateien
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Documents\Eigene Bilder
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Druckumgebung
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Cookies
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\AppData\Local\Anwendungsdaten
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Anwendungsdaten
[2011.09.30 16:43:00 | 000,000,000 | --SD | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Videos
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Saved Games
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Pictures
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Music
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Links
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Favorites
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Downloads
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Documents
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Desktop
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.09.30 16:43:00 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\AppData
[2011.09.30 16:43:00 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Temp
[2011.09.30 16:43:00 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Microsoft
[2011.09.30 16:43:00 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Media Center Programs
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.09.28 18:57:30 | 000,000,000 | ---D | C] -- C:\Users\shiddi\.shsh
[2011.09.28 18:57:02 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Oma_Buch
[2011.09.28 18:57:01 | 000,000,000 | ---D | C] -- C:\Users\shiddi\nuschi
[2011.09.28 18:57:01 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Melanie
[2011.09.28 18:56:59 | 000,000,000 | ---D | C] -- C:\Users\shiddi\mama
[2011.09.28 18:55:38 | 000,000,000 | ---D | C] -- C:\Users\shiddi\iTunes
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.17 17:33:22 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.17 17:33:22 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.17 17:27:39 | 000,337,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.17 17:27:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.17 17:27:25 | 4271,566,846 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.17 17:17:16 | 000,001,220 | ---- | M] () -- C:\prefs.js
[2011.10.17 17:12:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000UA.job
[2011.10.17 17:12:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000Core.job
[2011.10.17 16:55:39 | 000,000,020 | ---- | M] () -- C:\Users\shiddi\defogger_reenable
[2011.10.17 16:52:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\shiddi\Desktop\OTL.exe
[2011.10.17 16:25:21 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.16 17:55:27 | 003,497,209 | ---- | M] () -- C:\Users\shiddi\Desktop\world1.rar
[2011.10.16 17:47:24 | 097,064,147 | ---- | M] () -- C:\Users\shiddi\Desktop\world1.wld
[2011.10.15 19:28:59 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.15 19:28:59 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.15 19:28:59 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.15 19:28:59 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.15 19:28:59 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.15 17:43:37 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2011.10.15 16:03:48 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.10.15 16:03:48 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.15 16:02:51 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.10.13 22:29:40 | 000,042,392 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.10.13 22:29:40 | 000,028,056 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2011.10.09 15:33:52 | 000,000,562 | ---- | M] () -- C:\Users\shiddi\Desktop\Terrafirma.lnk
[2011.10.09 01:30:43 | 000,000,704 | ---- | M] () -- C:\Users\shiddi\Documents\ax_files.xml
[2011.10.08 12:13:04 | 016,129,083 | ---- | M] () -- C:\Users\shiddi\Desktop\SKIDROW.rar
[2011.10.07 22:08:39 | 000,025,004 | ---- | M] () -- C:\Users\shiddi\Desktop\www.rofl.to_you-are-gay.jpg
[2011.10.06 21:22:15 | 000,206,051 | ---- | M] () -- C:\Users\shiddi\Desktop\ts3 übersicht.jpg
[2011.10.05 18:14:36 | 000,000,589 | ---- | M] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamSpeak 3 Client.lnk
[2011.10.05 18:13:50 | 000,000,509 | ---- | M] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HLSW.lnk
[2011.10.05 17:03:27 | 000,000,798 | ---- | M] () -- C:\Users\shiddi\Desktop\Client.exe - Verknüpfung.lnk
[2011.10.05 16:45:43 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2011.10.05 16:45:39 | 000,230,864 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011.10.02 03:06:03 | 001,588,762 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.01 23:50:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2011.10.01 22:27:08 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.01 12:54:00 | 406,888,288 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.10.01 12:42:27 | 000,000,490 | ---- | M] () -- C:\Users\shiddi\Desktop\Driver.exe - Verknüpfung.lnk
[2011.09.30 23:33:35 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011.09.30 22:38:59 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.09.30 22:38:59 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.09.30 22:36:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.09.30 20:46:15 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2011.09.30 20:38:53 | 000,001,105 | ---- | M] () -- C:\Users\shiddi\Desktop\Terraria.exe - Verknüpfung.lnk
[2011.09.30 17:48:52 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2011.09.30 17:46:23 | 000,000,273 | ---- | M] () -- C:\Windows\game.ini
[2011.09.30 17:12:23 | 000,000,517 | ---- | M] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2011.09.30 17:11:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzSynapse_01007.Wdf
[2011.09.30 17:04:48 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\ControlCenter.lnk
[2011.09.30 17:04:37 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2011.09.30 16:53:41 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\EIO64.sys
[2011.09.30 16:51:15 | 000,000,514 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2011.09.30 16:41:11 | 000,171,136 | RHS- | M] () -- C:\w7ldr
[2011.09.20 01:22:34 | 000,007,600 | ---- | M] () -- C:\Users\shiddi\AppData\Local\resmon.resmoncfg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.10.17 16:55:39 | 000,000,020 | ---- | C] () -- C:\Users\shiddi\defogger_reenable
[2011.10.17 16:25:21 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.16 17:55:57 | 097,064,147 | ---- | C] () -- C:\Users\shiddi\Desktop\world1.wld
[2011.10.16 17:28:22 | 003,497,209 | ---- | C] () -- C:\Users\shiddi\Desktop\world1.rar
[2011.10.15 17:43:37 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2011.10.13 22:29:40 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.10.13 22:29:40 | 000,028,056 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2011.10.09 15:33:52 | 000,000,562 | ---- | C] () -- C:\Users\shiddi\Desktop\Terrafirma.lnk
[2011.10.08 12:13:00 | 016,129,083 | ---- | C] () -- C:\Users\shiddi\Desktop\SKIDROW.rar
[2011.10.07 22:08:39 | 000,025,004 | ---- | C] () -- C:\Users\shiddi\Desktop\www.rofl.to_you-are-gay.jpg
[2011.10.06 21:22:15 | 000,206,051 | ---- | C] () -- C:\Users\shiddi\Desktop\ts3 übersicht.jpg
[2011.10.05 18:14:36 | 000,000,589 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamSpeak 3 Client.lnk
[2011.10.05 18:13:50 | 000,000,509 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HLSW.lnk
[2011.10.05 17:03:27 | 000,000,798 | ---- | C] () -- C:\Users\shiddi\Desktop\Client.exe - Verknüpfung.lnk
[2011.10.05 16:45:43 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2011.10.05 15:09:03 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.10.02 20:35:22 | 000,001,220 | ---- | C] () -- C:\prefs.js
[2011.10.02 20:32:19 | 000,001,966 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.10.02 20:32:19 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.10.02 20:32:19 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.10.01 23:50:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2011.10.01 12:42:27 | 000,000,490 | ---- | C] () -- C:\Users\shiddi\Desktop\Driver.exe - Verknüpfung.lnk
[2011.09.30 23:33:35 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2011.09.30 23:33:33 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2011.09.30 22:38:51 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.09.30 22:38:39 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.09.30 22:36:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.09.30 22:34:34 | 4271,566,846 | -HS- | C] () -- C:\hiberfil.sys
[2011.09.30 20:42:34 | 001,588,762 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.30 19:16:14 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.09.30 18:20:47 | 000,000,704 | ---- | C] () -- C:\Users\shiddi\Documents\ax_files.xml
[2011.09.30 18:19:40 | 000,013,712 | ---- | C] () -- C:\Users\shiddi\Desktop\test.jpg
[2011.09.30 18:19:39 | 016,707,028 | ---- | C] () -- C:\Users\shiddi\Desktop\terraria.serhanp.rar
[2011.09.30 18:19:39 | 000,043,553 | ---- | C] () -- C:\Users\shiddi\Desktop\o.jpg
[2011.09.30 18:19:39 | 000,001,105 | ---- | C] () -- C:\Users\shiddi\Desktop\Terraria.exe - Verknüpfung.lnk
[2011.09.30 18:17:22 | 000,007,600 | ---- | C] () -- C:\Users\shiddi\AppData\Local\resmon.resmoncfg
[2011.09.30 17:55:56 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2011.09.30 17:55:56 | 000,013,056 | ---- | C] () -- C:\Windows\SysNative\CNC1749D.TBL
[2011.09.30 17:48:52 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2011.09.30 17:48:52 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk
[2011.09.30 17:46:25 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.30 17:46:25 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.09.30 17:46:24 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.09.30 17:46:23 | 000,000,273 | ---- | C] () -- C:\Windows\game.ini
[2011.09.30 17:33:11 | 406,888,288 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.09.30 17:12:23 | 000,000,517 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2011.09.30 17:11:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzSynapse_01007.Wdf
[2011.09.30 17:07:30 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000UA.job
[2011.09.30 17:07:29 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000Core.job
[2011.09.30 17:04:48 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\ControlCenter.lnk
[2011.09.30 17:04:37 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2011.09.30 17:00:26 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011.09.30 16:51:55 | 000,001,849 | ---- | C] () -- C:\Windows\SysNative\ATKDispLowFilter.inf
[2011.09.30 16:51:54 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.09.30 16:51:54 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.09.30 16:51:54 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asrussian.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\askorean.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asjapan.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asgerman.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asfrench.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aseng.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ASCHT.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aschs.dll
[2011.09.30 16:51:54 | 000,010,766 | ---- | C] () -- C:\Windows\SysNative\asusgsb.cat
[2011.09.30 16:51:54 | 000,010,733 | ---- | C] () -- C:\Windows\SysNative\ATKDispLowFilter.cat
[2011.09.30 16:51:54 | 000,002,963 | ---- | C] () -- C:\Windows\SysWow64\xvid.inf
[2011.09.30 16:51:54 | 000,002,109 | ---- | C] () -- C:\Windows\SysNative\asusgsb.inf
[2011.09.30 16:51:15 | 000,000,514 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2011.09.30 16:49:16 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011.09.30 16:43:32 | 000,001,405 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.09.30 16:43:28 | 000,001,439 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.09.30 16:41:11 | 000,171,136 | RHS- | C] () -- C:\w7ldr
[2011.08.03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2009.07.27 11:13:28 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASDR.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.10.04 17:13:01 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Canon
[2011.09.30 18:18:49 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\CD-LabelPrint
[2011.09.30 18:18:49 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\DisplayFusion
[2011.10.17 17:28:53 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\HLSW
[2011.10.15 17:33:08 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\HTC
[2011.10.15 17:33:28 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.09.30 17:17:52 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Leadertech
[2011.09.30 23:05:38 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Notepad++
[2011.09.30 19:03:45 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Origin
[2011.10.16 16:09:38 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\QuickScan
[2011.09.30 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\redsn0w
[2011.09.30 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Software Informer
[2011.10.05 16:53:03 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\TrueCrypt
[2011.09.30 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\TS3Client
[2011.09.30 18:17:06 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\ts3overlay
[2009.07.14 07:08:49 | 000,011,466 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.09.30 16:43:13 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.09.30 23:33:33 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.10.17 17:27:25 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.09.30 16:40:40 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.09.30 16:59:36 | 000,000,000 | ---D | M] -- C:\Intel
[2011.10.01 17:37:45 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.10.17 17:21:13 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.10.17 17:21:44 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.10.17 16:25:21 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.09.30 16:40:40 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.09.30 16:40:40 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.10.17 17:44:00 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.02 12:23:07 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.17 17:21:44 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

--- --- ---

Hoff das hilft dir/uns weiter

cosinus · 18.10.2011, 20:34

Ist IMHO unauffällig

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-a...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )

Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!

Shiddi · 19.10.2011, 14:21

Hi, danke für deine schnelle Antwort.

Hier der Log:

Zitat:

15:12:31.0630 1860 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27
15:12:31.0669 1860 ============================================================
15:12:31.0669 1860 Current date / time: 2011/10/19 15:12:31.0669
15:12:31.0669 1860 SystemInfo:
15:12:31.0669 1860
15:12:31.0669 1860 OS Version: 6.1.7600 ServicePack: 0.0
15:12:31.0669 1860 Product type: Workstation
15:12:31.0669 1860 ComputerName: SHIDDI-PC
15:12:31.0669 1860 UserName: shiddi
15:12:31.0669 1860 Windows directory: C:\Windows
15:12:31.0669 1860 System windows directory: C:\Windows
15:12:31.0669 1860 Running under WOW64
15:12:31.0669 1860 Processor architecture: Intel x64
15:12:31.0669 1860 Number of processors: 8
15:12:31.0669 1860 Page size: 0x1000
15:12:31.0669 1860 Boot type: Normal boot
15:12:31.0669 1860 ============================================================
15:12:33.0242 1860 Initialize success
15:13:09.0026 3524 ============================================================
15:13:09.0026 3524 Scan started
15:13:09.0026 3524 Mode: Manual;
15:13:09.0026 3524 ============================================================
15:13:09.0947 3524 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
15:13:09.0950 3524 1394ohci - ok
15:13:09.0986 3524 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
15:13:09.0990 3524 ACPI - ok
15:13:10.0005 3524 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
15:13:10.0005 3524 AcpiPmi - ok
15:13:10.0052 3524 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:13:10.0061 3524 adp94xx - ok
15:13:10.0082 3524 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:13:10.0084 3524 adpahci - ok
15:13:10.0106 3524 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:13:10.0107 3524 adpu320 - ok
15:13:10.0159 3524 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
15:13:10.0163 3524 AFD - ok
15:13:10.0187 3524 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
15:13:10.0188 3524 agp440 - ok
15:13:10.0204 3524 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
15:13:10.0206 3524 aliide - ok
15:13:10.0226 3524 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
15:13:10.0226 3524 amdide - ok
15:13:10.0234 3524 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:13:10.0238 3524 AmdK8 - ok
15:13:10.0243 3524 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:13:10.0244 3524 AmdPPM - ok
15:13:10.0278 3524 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
15:13:10.0279 3524 amdsata - ok
15:13:10.0324 3524 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:13:10.0325 3524 amdsbs - ok
15:13:10.0348 3524 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
15:13:10.0356 3524 amdxata - ok
15:13:10.0408 3524 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:13:10.0409 3524 AppID - ok
15:13:10.0429 3524 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:13:10.0430 3524 arc - ok
15:13:10.0442 3524 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:13:10.0443 3524 arcsas - ok
15:13:10.0487 3524 asusgsb (a4398a8914c32f18ec2ab562cba3caaf) C:\Windows\system32\drivers\asusgsb.sys
15:13:10.0490 3524 asusgsb - ok
15:13:10.0517 3524 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:13:10.0518 3524 AsyncMac - ok
15:13:10.0534 3524 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
15:13:10.0535 3524 atapi - ok
15:13:10.0581 3524 atkdisplf (fb4187c282cb467e5e606913a1fa79a3) C:\Windows\system32\Drivers\atkdisplowfilter.sys
15:13:10.0585 3524 atkdisplf - ok
15:13:10.0623 3524 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
15:13:10.0628 3524 avgntflt - ok
15:13:10.0648 3524 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
15:13:10.0654 3524 avipbb - ok
15:13:10.0673 3524 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:13:10.0677 3524 avkmgr - ok
15:13:10.0708 3524 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:13:10.0713 3524 b06bdrv - ok
15:13:10.0723 3524 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:13:10.0726 3524 b57nd60a - ok
15:13:10.0749 3524 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:13:10.0751 3524 Beep - ok
15:13:10.0781 3524 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:13:10.0784 3524 blbdrive - ok
15:13:10.0816 3524 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
15:13:10.0821 3524 bowser - ok
15:13:10.0829 3524 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:13:10.0832 3524 BrFiltLo - ok
15:13:10.0839 3524 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:13:10.0840 3524 BrFiltUp - ok
15:13:10.0863 3524 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:13:10.0865 3524 Brserid - ok
15:13:10.0877 3524 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:13:10.0878 3524 BrSerWdm - ok
15:13:10.0885 3524 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:13:10.0885 3524 BrUsbMdm - ok
15:13:10.0894 3524 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:13:10.0894 3524 BrUsbSer - ok
15:13:10.0903 3524 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:13:10.0907 3524 BTHMODEM - ok
15:13:10.0927 3524 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:13:10.0932 3524 cdfs - ok
15:13:10.0952 3524 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:13:10.0958 3524 cdrom - ok
15:13:10.0967 3524 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:13:10.0968 3524 circlass - ok
15:13:10.0999 3524 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:13:11.0016 3524 CLFS - ok
15:13:11.0077 3524 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:13:11.0080 3524 CmBatt - ok
15:13:11.0132 3524 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
15:13:11.0136 3524 cmdide - ok
15:13:11.0224 3524 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
15:13:11.0229 3524 CNG - ok
15:13:11.0246 3524 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:13:11.0247 3524 Compbatt - ok
15:13:11.0255 3524 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:13:11.0260 3524 CompositeBus - ok
15:13:11.0419 3524 cpuz132 - ok
15:13:11.0635 3524 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
15:13:11.0669 3524 cpuz135 - ok
15:13:11.0679 3524 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:13:11.0679 3524 crcdisk - ok
15:13:11.0720 3524 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
15:13:11.0734 3524 CSC - ok
15:13:11.0781 3524 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
15:13:11.0787 3524 DfsC - ok
15:13:11.0805 3524 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:13:11.0806 3524 discache - ok
15:13:11.0821 3524 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:13:11.0822 3524 Disk - ok
15:13:11.0852 3524 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:13:11.0852 3524 drmkaud - ok
15:13:11.0963 3524 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
15:13:11.0993 3524 DXGKrnl - ok
15:13:12.0194 3524 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:13:12.0268 3524 ebdrv - ok
15:13:12.0304 3524 EIO64 (343ada10d948db29251f2d9c809af204) C:\Windows\system32\DRIVERS\EIO64.sys
15:13:12.0319 3524 EIO64 - ok
15:13:12.0375 3524 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:13:12.0380 3524 elxstor - ok
15:13:12.0401 3524 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
15:13:12.0403 3524 ErrDev - ok
15:13:12.0418 3524 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:13:12.0430 3524 exfat - ok
15:13:12.0442 3524 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:13:12.0444 3524 fastfat - ok
15:13:12.0453 3524 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:13:12.0465 3524 fdc - ok
15:13:12.0485 3524 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:13:12.0486 3524 FileInfo - ok
15:13:12.0496 3524 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:13:12.0496 3524 Filetrace - ok
15:13:12.0503 3524 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:13:12.0522 3524 flpydisk - ok
15:13:12.0536 3524 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:13:12.0545 3524 FltMgr - ok
15:13:12.0561 3524 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:13:12.0565 3524 FsDepends - ok
15:13:12.0582 3524 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:13:12.0584 3524 Fs_Rec - ok
15:13:12.0616 3524 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:13:12.0619 3524 fvevol - ok
15:13:12.0626 3524 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:13:12.0638 3524 gagp30kx - ok
15:13:12.0648 3524 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:13:12.0649 3524 hcw85cir - ok
15:13:12.0680 3524 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:13:12.0683 3524 HdAudAddService - ok
15:13:12.0708 3524 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:13:12.0708 3524 HDAudBus - ok
15:13:12.0716 3524 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:13:12.0716 3524 HidBatt - ok
15:13:12.0727 3524 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:13:12.0728 3524 HidBth - ok
15:13:12.0735 3524 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:13:12.0736 3524 HidIr - ok
15:13:12.0750 3524 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:13:12.0753 3524 HidUsb - ok
15:13:12.0769 3524 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
15:13:12.0774 3524 HpSAMD - ok
15:13:12.0814 3524 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:13:12.0826 3524 HTCAND64 - ok
15:13:12.0845 3524 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys
15:13:12.0845 3524 htcnprot - ok
15:13:12.0873 3524 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:13:12.0880 3524 HTTP - ok
15:13:12.0990 3524 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:13:12.0990 3524 hwpolicy - ok
15:13:13.0047 3524 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
15:13:13.0084 3524 i8042prt - ok
15:13:13.0137 3524 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
15:13:13.0170 3524 iaStorV - ok
15:13:13.0380 3524 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:13:13.0381 3524 iirsp - ok
15:13:13.0508 3524 IntcAzAudAddService (177b4e48c7a288e70779b42ab81d2d06) C:\Windows\system32\drivers\RTKVHD64.sys
15:13:13.0536 3524 IntcAzAudAddService - ok
15:13:13.0556 3524 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
15:13:13.0559 3524 intelide - ok
15:13:13.0571 3524 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:13:13.0571 3524 intelppm - ok
15:13:13.0589 3524 IOMap (a01c412699b6f21645b2885c2bae4454) C:\Windows\system32\drivers\IOMap64.sys
15:13:13.0589 3524 IOMap - ok
15:13:13.0622 3524 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:13:13.0623 3524 IpFilterDriver - ok
15:13:13.0633 3524 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:13:13.0633 3524 IPMIDRV - ok
15:13:13.0643 3524 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:13:13.0645 3524 IPNAT - ok
15:13:13.0662 3524 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:13:13.0666 3524 IRENUM - ok
15:13:13.0679 3524 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
15:13:13.0679 3524 isapnp - ok
15:13:13.0799 3524 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
15:13:13.0817 3524 iScsiPrt - ok
15:13:13.0844 3524 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:13:13.0848 3524 kbdclass - ok
15:13:13.0869 3524 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:13:13.0873 3524 kbdhid - ok
15:13:13.0896 3524 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
15:13:13.0897 3524 KSecDD - ok
15:13:13.0941 3524 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
15:13:13.0943 3524 KSecPkg - ok
15:13:13.0952 3524 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:13:13.0955 3524 ksthunk - ok
15:13:13.0980 3524 LADF_DHP2 (86dcbf8a41c78561a1da07ab5e7b1ccc) C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys
15:13:13.0985 3524 LADF_DHP2 - ok
15:13:14.0013 3524 LADF_SBVM (175c04c7813ce64616b5cb046e5e1383) C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys
15:13:14.0030 3524 LADF_SBVM - ok
15:13:14.0077 3524 LHidFilt (5d00693e33a01690911572925bb89461) C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:13:14.0081 3524 LHidFilt - ok
15:13:14.0108 3524 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:13:14.0112 3524 lltdio - ok
15:13:14.0146 3524 LMouFilt (a0d8d290370f4b42c5a7284947eaffea) C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:13:14.0150 3524 LMouFilt - ok
15:13:14.0182 3524 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:13:14.0187 3524 LSI_FC - ok
15:13:14.0201 3524 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:13:14.0207 3524 LSI_SAS - ok
15:13:14.0224 3524 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:13:14.0225 3524 LSI_SAS2 - ok
15:13:14.0237 3524 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:13:14.0243 3524 LSI_SCSI - ok
15:13:14.0260 3524 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:13:14.0264 3524 luafv - ok
15:13:14.0299 3524 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
15:13:14.0301 3524 MBAMProtector - ok
15:13:14.0329 3524 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
15:13:14.0333 3524 MBfilt - ok
15:13:14.0505 3524 mbmiodrvr (2e1652d8ab971403eaaddc921800b1fa) C:\Windows\syswow64\mbmiodrvr.sys
15:13:14.0506 3524 mbmiodrvr - ok
15:13:14.0543 3524 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:13:14.0544 3524 megasas - ok
15:13:14.0562 3524 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:13:14.0565 3524 MegaSR - ok
15:13:14.0585 3524 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:13:14.0586 3524 Modem - ok
15:13:14.0602 3524 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:13:14.0603 3524 monitor - ok
15:13:14.0618 3524 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:13:14.0622 3524 mouclass - ok
15:13:14.0637 3524 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:13:14.0641 3524 mouhid - ok
15:13:14.0660 3524 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:13:14.0661 3524 mountmgr - ok
15:13:14.0675 3524 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
15:13:14.0683 3524 mpio - ok
15:13:14.0698 3524 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:13:14.0702 3524 mpsdrv - ok
15:13:14.0713 3524 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:13:14.0715 3524 MRxDAV - ok
15:13:14.0748 3524 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:13:14.0754 3524 mrxsmb - ok
15:13:14.0773 3524 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:13:14.0782 3524 mrxsmb10 - ok
15:13:14.0816 3524 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:13:14.0821 3524 mrxsmb20 - ok
15:13:14.0832 3524 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
15:13:14.0833 3524 msahci - ok
15:13:14.0854 3524 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
15:13:14.0855 3524 msdsm - ok
15:13:14.0884 3524 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:13:14.0887 3524 Msfs - ok
15:13:14.0906 3524 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:13:14.0907 3524 mshidkmdf - ok
15:13:14.0916 3524 MSICDSetup - ok
15:13:14.0935 3524 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
15:13:14.0935 3524 msisadrv - ok
15:13:15.0000 3524 MSI_MSIBIOS_010507 (192476c10371dc83243d67432b2cdcbf) C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys
15:13:15.0000 3524 MSI_MSIBIOS_010507 - ok
15:13:15.0121 3524 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:13:15.0122 3524 MSKSSRV - ok
15:13:15.0142 3524 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:13:15.0143 3524 MSPCLOCK - ok
15:13:15.0151 3524 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:13:15.0152 3524 MSPQM - ok
15:13:15.0172 3524 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:13:15.0177 3524 MsRPC - ok
15:13:15.0193 3524 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:13:15.0194 3524 mssmbios - ok
15:13:15.0202 3524 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:13:15.0204 3524 MSTEE - ok
15:13:15.0216 3524 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:13:15.0220 3524 MTConfig - ok
15:13:15.0236 3524 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:13:15.0237 3524 Mup - ok
15:13:15.0267 3524 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:13:15.0278 3524 NativeWifiP - ok
15:13:15.0320 3524 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:13:15.0331 3524 NDIS - ok
15:13:15.0353 3524 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:13:15.0354 3524 NdisCap - ok
15:13:15.0372 3524 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:13:15.0375 3524 NdisTapi - ok
15:13:15.0419 3524 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:13:15.0425 3524 Ndisuio - ok
15:13:15.0449 3524 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:13:15.0457 3524 NdisWan - ok
15:13:15.0475 3524 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:13:15.0479 3524 NDProxy - ok
15:13:15.0501 3524 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:13:15.0505 3524 NetBIOS - ok
15:13:15.0529 3524 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:13:15.0532 3524 NetBT - ok
15:13:15.0580 3524 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:13:15.0585 3524 nfrd960 - ok
15:13:15.0613 3524 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:13:15.0617 3524 Npfs - ok
15:13:15.0639 3524 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:13:15.0640 3524 nsiproxy - ok
15:13:15.0709 3524 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:13:15.0739 3524 Ntfs - ok
15:13:15.0806 3524 NTIOLib_1_0_4 (1b32c54b95121ab1683c7b83b2db4b96) C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
15:13:15.0807 3524 NTIOLib_1_0_4 - ok
15:13:15.0815 3524 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:13:15.0817 3524 Null - ok
15:13:15.0847 3524 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:13:15.0853 3524 nusb3hub - ok
15:13:15.0873 3524 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:13:15.0881 3524 nusb3xhc - ok
15:13:15.0941 3524 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys
15:13:15.0957 3524 NVHDA - ok
15:13:16.0401 3524 nvlddmkm (f87fc68f90b09f06ebaaad687e2e83a5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:13:16.0451 3524 nvlddmkm - ok
15:13:16.0495 3524 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:13:16.0496 3524 nvraid - ok
15:13:16.0541 3524 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:13:16.0543 3524 nvstor - ok
15:13:16.0611 3524 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
15:13:16.0616 3524 nv_agp - ok
15:13:16.0624 3524 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
15:13:16.0628 3524 ohci1394 - ok
15:13:16.0639 3524 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:13:16.0639 3524 Parport - ok
15:13:16.0656 3524 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
15:13:16.0660 3524 partmgr - ok
15:13:16.0681 3524 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
15:13:16.0682 3524 pci - ok
15:13:16.0696 3524 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
15:13:16.0697 3524 pciide - ok
15:13:16.0706 3524 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:13:16.0707 3524 pcmcia - ok
15:13:16.0724 3524 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:13:16.0724 3524 pcw - ok
15:13:16.0782 3524 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:13:16.0795 3524 PEAUTH - ok
15:13:16.0843 3524 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:13:16.0847 3524 PptpMiniport - ok
15:13:16.0869 3524 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:13:16.0870 3524 Processor - ok
15:13:16.0892 3524 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:13:16.0893 3524 Psched - ok
15:13:16.0932 3524 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:13:16.0948 3524 ql2300 - ok
15:13:17.0015 3524 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:13:17.0017 3524 ql40xx - ok
15:13:17.0068 3524 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:13:17.0069 3524 QWAVEdrv - ok
15:13:17.0109 3524 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:13:17.0109 3524 RasAcd - ok
15:13:17.0142 3524 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:13:17.0146 3524 RasAgileVpn - ok
15:13:17.0166 3524 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:13:17.0172 3524 Rasl2tp - ok
15:13:17.0194 3524 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:13:17.0199 3524 RasPppoe - ok
15:13:17.0214 3524 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:13:17.0219 3524 RasSstp - ok
15:13:17.0246 3524 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:13:17.0256 3524 rdbss - ok
15:13:17.0268 3524 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:13:17.0272 3524 rdpbus - ok
15:13:17.0295 3524 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:13:17.0296 3524 RDPCDD - ok
15:13:17.0308 3524 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
15:13:17.0309 3524 RDPDR - ok
15:13:17.0399 3524 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:13:17.0400 3524 RDPENCDD - ok
15:13:17.0435 3524 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:13:17.0435 3524 RDPREFMP - ok
15:13:17.0467 3524 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
15:13:17.0480 3524 RDPWD - ok
15:13:17.0515 3524 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
15:13:17.0517 3524 rdyboost - ok
15:13:17.0556 3524 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:13:17.0561 3524 rspndr - ok
15:13:17.0603 3524 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:13:17.0623 3524 RTL8167 - ok
15:13:17.0660 3524 RzSynapse (24510c4a77aba3b07aefa840db888637) C:\Windows\system32\DRIVERS\RzSynapse.sys
15:13:17.0665 3524 RzSynapse - ok
15:13:17.0680 3524 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
15:13:17.0680 3524 s3cap - ok
15:13:17.0702 3524 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:13:17.0727 3524 sbp2port - ok
15:13:17.0759 3524 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:13:17.0784 3524 scfilter - ok
15:13:17.0813 3524 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:13:17.0817 3524 secdrv - ok
15:13:17.0847 3524 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:13:17.0850 3524 Serenum - ok
15:13:17.0882 3524 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:13:17.0887 3524 Serial - ok
15:13:17.0905 3524 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:13:17.0905 3524 sermouse - ok
15:13:17.0921 3524 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:13:17.0924 3524 sffdisk - ok
15:13:17.0932 3524 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:13:17.0935 3524 sffp_mmc - ok
15:13:17.0945 3524 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:13:17.0946 3524 sffp_sd - ok
15:13:17.0954 3524 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:13:17.0955 3524 sfloppy - ok
15:13:17.0979 3524 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:13:17.0984 3524 SiSRaid2 - ok
15:13:17.0996 3524 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:13:18.0001 3524 SiSRaid4 - ok
15:13:18.0010 3524 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:13:18.0011 3524 Smb - ok
15:13:18.0028 3524 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:13:18.0031 3524 spldr - ok
15:13:18.0182 3524 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\System32\Drivers\sptd.sys
15:13:18.0380 3524 sptd - ok
15:13:18.0443 3524 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:13:18.0454 3524 srv - ok
15:13:18.0481 3524 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:13:18.0493 3524 srv2 - ok
15:13:18.0546 3524 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:13:18.0553 3524 srvnet - ok
15:13:18.0657 3524 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:13:18.0791 3524 stexstor - ok
15:13:18.0812 3524 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
15:13:18.0813 3524 storflt - ok
15:13:18.0823 3524 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
15:13:18.0827 3524 storvsc - ok
15:13:18.0840 3524 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:13:18.0843 3524 swenum - ok
15:13:18.0965 3524 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
15:13:18.0997 3524 Tcpip - ok
15:13:19.0032 3524 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
15:13:19.0046 3524 TCPIP6 - ok
15:13:19.0064 3524 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:13:19.0074 3524 tcpipreg - ok
15:13:19.0120 3524 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:13:19.0121 3524 TDPIPE - ok
15:13:19.0142 3524 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:13:19.0143 3524 TDTCP - ok
15:13:19.0188 3524 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:13:19.0211 3524 tdx - ok
15:13:19.0235 3524 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:13:19.0240 3524 TermDD - ok
15:13:19.0291 3524 truecrypt (8de922cd4fea6f83b10805df965b9a08) C:\Windows\system32\drivers\truecrypt.sys
15:13:19.0305 3524 truecrypt - ok
15:13:19.0347 3524 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:13:19.0348 3524 tssecsrv - ok
15:13:19.0373 3524 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:13:19.0380 3524 tunnel - ok
15:13:19.0412 3524 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
15:13:19.0416 3524 TurboB - ok
15:13:19.0426 3524 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:13:19.0427 3524 uagp35 - ok
15:13:19.0456 3524 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
15:13:19.0465 3524 udfs - ok
15:13:19.0479 3524 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:13:19.0480 3524 uliagpkx - ok
15:13:19.0587 3524 UltraMonUtility (694bcf23662f97d987cf4c6739c35f8b) C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
15:13:19.0601 3524 UltraMonUtility - ok
15:13:19.0627 3524 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:13:19.0644 3524 umbus - ok
15:13:19.0678 3524 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:13:19.0678 3524 UmPass - ok
15:13:19.0727 3524 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
15:13:19.0733 3524 usbaudio - ok
15:13:19.0768 3524 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
15:13:19.0774 3524 usbccgp - ok
15:13:19.0786 3524 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:13:19.0793 3524 usbcir - ok
15:13:19.0815 3524 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
15:13:19.0820 3524 usbehci - ok
15:13:19.0837 3524 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
15:13:19.0848 3524 usbhub - ok
15:13:19.0884 3524 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
15:13:19.0887 3524 usbohci - ok
15:13:19.0920 3524 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:13:19.0920 3524 usbprint - ok
15:13:19.0960 3524 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:13:19.0970 3524 usbscan - ok
15:13:20.0006 3524 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:13:20.0008 3524 USBSTOR - ok
15:13:20.0029 3524 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
15:13:20.0033 3524 usbuhci - ok
15:13:20.0062 3524 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:13:20.0066 3524 vdrvroot - ok
15:13:20.0086 3524 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:13:20.0087 3524 vga - ok
15:13:20.0095 3524 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:13:20.0099 3524 VgaSave - ok
15:13:20.0123 3524 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:13:20.0125 3524 vhdmp - ok
15:13:20.0146 3524 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:13:20.0150 3524 viaide - ok
15:13:20.0169 3524 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
15:13:20.0171 3524 vmbus - ok
15:13:20.0180 3524 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
15:13:20.0183 3524 VMBusHID - ok
15:13:20.0206 3524 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:13:20.0211 3524 volmgr - ok
15:13:20.0228 3524 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:13:20.0232 3524 volmgrx - ok
15:13:20.0257 3524 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:13:20.0266 3524 volsnap - ok
15:13:20.0290 3524 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:13:20.0292 3524 vsmraid - ok
15:13:20.0326 3524 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:13:20.0327 3524 vwifibus - ok
15:13:20.0381 3524 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:13:20.0382 3524 WacomPen - ok
15:13:20.0411 3524 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:13:20.0417 3524 WANARP - ok
15:13:20.0421 3524 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:13:20.0422 3524 Wanarpv6 - ok
15:13:20.0441 3524 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:13:20.0441 3524 Wd - ok
15:13:20.0473 3524 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:13:20.0485 3524 Wdf01000 - ok
15:13:20.0503 3524 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:13:20.0504 3524 WfpLwf - ok
15:13:20.0519 3524 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:13:20.0521 3524 WIMMount - ok
15:13:20.0565 3524 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:13:20.0566 3524 WmiAcpi - ok
15:13:20.0591 3524 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:13:20.0592 3524 ws2ifsl - ok
15:13:20.0616 3524 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:13:20.0627 3524 WudfPf - ok
15:13:20.0648 3524 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:13:20.0654 3524 WUDFRd - ok
15:13:20.0667 3524 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
15:13:20.0676 3524 \Device\Harddisk1\DR1 - ok
15:13:20.0678 3524 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:13:20.0681 3524 \Device\Harddisk0\DR0 - ok
15:13:20.0690 3524 Boot (0x1200) (dfa9edb4561a492aafb654766996306a) \Device\Harddisk1\DR1\Partition0
15:13:20.0697 3524 \Device\Harddisk1\DR1\Partition0 - ok
15:13:20.0729 3524 Boot (0x1200) (7d33cc3d4299974a341d16ee01bcba4d) \Device\Harddisk1\DR1\Partition1
15:13:20.0730 3524 \Device\Harddisk1\DR1\Partition1 - ok
15:13:20.0747 3524 Boot (0x1200) (55c84bee2919934b4bd081cfc31dda9b) \Device\Harddisk1\DR1\Partition2
15:13:20.0747 3524 \Device\Harddisk1\DR1\Partition2 - ok
15:13:20.0749 3524 Boot (0x1200) (e0f1e43a6a40d2441ec0ac53413e1cc2) \Device\Harddisk0\DR0\Partition0
15:13:20.0750 3524 \Device\Harddisk0\DR0\Partition0 - ok
15:13:20.0752 3524 Boot (0x1200) (d6282a99bd6e432937dc2a020937d379) \Device\Harddisk0\DR0\Partition1
15:13:20.0752 3524 \Device\Harddisk0\DR0\Partition1 - ok
15:13:20.0754 3524 Boot (0x1200) (81e59dfa501b7ed3b03bc612a5c6f9cb) \Device\Harddisk0\DR0\Partition2
15:13:20.0755 3524 \Device\Harddisk0\DR0\Partition2 - ok
15:13:20.0757 3524 Boot (0x1200) (6c97819b1fba1708aa3c1a58ddf1d6e0) \Device\Harddisk0\DR0\Partition3
15:13:20.0758 3524 \Device\Harddisk0\DR0\Partition3 - ok
15:13:20.0760 3524 Boot (0x1200) (9980a32e1adc3dbf13fa4d6353cad572) \Device\Harddisk0\DR0\Partition4
15:13:20.0760 3524 \Device\Harddisk0\DR0\Partition4 - ok
15:13:20.0761 3524 ============================================================
15:13:20.0761 3524 Scan finished
15:13:20.0761 3524 ============================================================
15:13:20.0768 4496 Detected object count: 0
15:13:20.0768 4496 Actual detected object count: 0
15:14:10.0161 3908 ============================================================
15:14:10.0161 3908 Scan started
15:14:10.0161 3908 Mode: Manual;
15:14:10.0161 3908 ============================================================
15:14:11.0487 3908 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
15:14:11.0487 3908 1394ohci - ok
15:14:11.0518 3908 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
15:14:11.0518 3908 ACPI - ok
15:14:11.0534 3908 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
15:14:11.0534 3908 AcpiPmi - ok
15:14:11.0565 3908 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:14:11.0565 3908 adp94xx - ok
15:14:11.0580 3908 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:14:11.0580 3908 adpahci - ok
15:14:11.0612 3908 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:14:11.0627 3908 adpu320 - ok
15:14:11.0658 3908 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
15:14:11.0658 3908 AFD - ok
15:14:11.0674 3908 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
15:14:11.0674 3908 agp440 - ok
15:14:11.0690 3908 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
15:14:11.0690 3908 aliide - ok
15:14:11.0705 3908 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
15:14:11.0705 3908 amdide - ok
15:14:11.0721 3908 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:14:11.0721 3908 AmdK8 - ok
15:14:11.0721 3908 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:14:11.0721 3908 AmdPPM - ok
15:14:11.0752 3908 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
15:14:11.0752 3908 amdsata - ok
15:14:11.0768 3908 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:14:11.0768 3908 amdsbs - ok
15:14:11.0799 3908 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
15:14:11.0799 3908 amdxata - ok
15:14:11.0799 3908 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:14:11.0814 3908 AppID - ok
15:14:11.0830 3908 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:14:11.0830 3908 arc - ok
15:14:11.0861 3908 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:14:11.0861 3908 arcsas - ok
15:14:11.0892 3908 asusgsb (a4398a8914c32f18ec2ab562cba3caaf) C:\Windows\system32\drivers\asusgsb.sys
15:14:11.0892 3908 asusgsb - ok
15:14:11.0924 3908 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:14:11.0924 3908 AsyncMac - ok
15:14:11.0939 3908 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
15:14:11.0939 3908 atapi - ok
15:14:11.0955 3908 atkdisplf (fb4187c282cb467e5e606913a1fa79a3) C:\Windows\system32\Drivers\atkdisplowfilter.sys
15:14:11.0955 3908 atkdisplf - ok
15:14:12.0002 3908 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
15:14:12.0002 3908 avgntflt - ok
15:14:12.0033 3908 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
15:14:12.0033 3908 avipbb - ok
15:14:12.0048 3908 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:14:12.0048 3908 avkmgr - ok
15:14:12.0080 3908 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:14:12.0080 3908 b06bdrv - ok
15:14:12.0095 3908 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:14:12.0095 3908 b57nd60a - ok
15:14:12.0111 3908 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:14:12.0111 3908 Beep - ok
15:14:12.0142 3908 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:14:12.0142 3908 blbdrive - ok
15:14:12.0173 3908 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
15:14:12.0173 3908 bowser - ok
15:14:12.0189 3908 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:14:12.0189 3908 BrFiltLo - ok
15:14:12.0189 3908 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:14:12.0189 3908 BrFiltUp - ok
15:14:12.0204 3908 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:14:12.0204 3908 Brserid - ok
15:14:12.0204 3908 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:14:12.0204 3908 BrSerWdm - ok
15:14:12.0220 3908 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:14:12.0220 3908 BrUsbMdm - ok
15:14:12.0220 3908 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:14:12.0220 3908 BrUsbSer - ok
15:14:12.0236 3908 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:14:12.0236 3908 BTHMODEM - ok
15:14:12.0251 3908 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:14:12.0251 3908 cdfs - ok
15:14:12.0267 3908 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:14:12.0267 3908 cdrom - ok
15:14:12.0267 3908 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:14:12.0267 3908 circlass - ok
15:14:12.0298 3908 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:14:12.0298 3908 CLFS - ok
15:14:12.0314 3908 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:14:12.0314 3908 CmBatt - ok
15:14:12.0329 3908 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
15:14:12.0329 3908 cmdide - ok
15:14:12.0345 3908 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
15:14:12.0345 3908 CNG - ok
15:14:12.0376 3908 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:14:12.0376 3908 Compbatt - ok
15:14:12.0376 3908 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:14:12.0376 3908 CompositeBus - ok
15:14:12.0407 3908 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
15:14:12.0407 3908 cpuz135 - ok
15:14:12.0423 3908 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:14:12.0423 3908 crcdisk - ok
15:14:12.0454 3908 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
15:14:12.0454 3908 CSC - ok
15:14:12.0501 3908 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
15:14:12.0501 3908 DfsC - ok
15:14:12.0516 3908 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:14:12.0516 3908 discache - ok
15:14:12.0532 3908 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:14:12.0532 3908 Disk - ok
15:14:12.0548 3908 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:14:12.0548 3908 drmkaud - ok
15:14:12.0594 3908 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
15:14:12.0610 3908 DXGKrnl - ok
15:14:12.0672 3908 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:14:12.0704 3908 ebdrv - ok
15:14:12.0735 3908 EIO64 (343ada10d948db29251f2d9c809af204) C:\Windows\system32\DRIVERS\EIO64.sys
15:14:12.0735 3908 EIO64 - ok
15:14:12.0766 3908 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:14:12.0766 3908 elxstor - ok
15:14:12.0797 3908 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
15:14:12.0797 3908 ErrDev - ok
15:14:12.0813 3908 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:14:12.0813 3908 exfat - ok
15:14:12.0828 3908 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:14:12.0828 3908 fastfat - ok
15:14:12.0844 3908 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:14:12.0844 3908 fdc - ok
15:14:12.0860 3908 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:14:12.0860 3908 FileInfo - ok
15:14:12.0891 3908 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:14:12.0891 3908 Filetrace - ok
15:14:12.0891 3908 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:14:12.0891 3908 flpydisk - ok
15:14:12.0922 3908 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:14:12.0922 3908 FltMgr - ok
15:14:12.0938 3908 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:14:12.0938 3908 FsDepends - ok
15:14:12.0953 3908 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:14:12.0969 3908 Fs_Rec - ok
15:14:13.0000 3908 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:14:13.0000 3908 fvevol - ok
15:14:13.0016 3908 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:14:13.0016 3908 gagp30kx - ok
15:14:13.0047 3908 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:14:13.0047 3908 hcw85cir - ok
15:14:13.0062 3908 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:14:13.0062 3908 HdAudAddService - ok
15:14:13.0078 3908 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:14:13.0078 3908 HDAudBus - ok
15:14:13.0078 3908 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:14:13.0078 3908 HidBatt - ok
15:14:13.0094 3908 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:14:13.0094 3908 HidBth - ok
15:14:13.0109 3908 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:14:13.0109 3908 HidIr - ok
15:14:13.0125 3908 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:14:13.0125 3908 HidUsb - ok
15:14:13.0140 3908 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
15:14:13.0140 3908 HpSAMD - ok
15:14:13.0187 3908 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:14:13.0187 3908 HTCAND64 - ok
15:14:13.0218 3908 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys
15:14:13.0218 3908 htcnprot - ok
15:14:13.0250 3908 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:14:13.0250 3908 HTTP - ok
15:14:13.0265 3908 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:14:13.0265 3908 hwpolicy - ok
15:14:13.0296 3908 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
15:14:13.0296 3908 i8042prt - ok
15:14:13.0328 3908 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
15:14:13.0328 3908 iaStorV - ok
15:14:13.0359 3908 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:14:13.0359 3908 iirsp - ok
15:14:13.0437 3908 IntcAzAudAddService (177b4e48c7a288e70779b42ab81d2d06) C:\Windows\system32\drivers\RTKVHD64.sys
15:14:13.0452 3908 IntcAzAudAddService - ok
15:14:13.0468 3908 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
15:14:13.0468 3908 intelide - ok
15:14:13.0484 3908 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:14:13.0484 3908 intelppm - ok
15:14:13.0499 3908 IOMap (a01c412699b6f21645b2885c2bae4454) C:\Windows\system32\drivers\IOMap64.sys
15:14:13.0499 3908 IOMap - ok
15:14:13.0530 3908 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:14:13.0530 3908 IpFilterDriver - ok
15:14:13.0530 3908 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:14:13.0530 3908 IPMIDRV - ok
15:14:13.0546 3908 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:14:13.0546 3908 IPNAT - ok
15:14:13.0562 3908 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:14:13.0562 3908 IRENUM - ok
15:14:13.0577 3908 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
15:14:13.0577 3908 isapnp - ok
15:14:13.0686 3908 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
15:14:13.0686 3908 iScsiPrt - ok
15:14:13.0718 3908 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:14:13.0718 3908 kbdclass - ok
15:14:13.0718 3908 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:14:13.0733 3908 kbdhid - ok
15:14:13.0749 3908 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
15:14:13.0749 3908 KSecDD - ok
15:14:13.0764 3908 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
15:14:13.0780 3908 KSecPkg - ok
15:14:13.0780 3908 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:14:13.0780 3908 ksthunk - ok
15:14:13.0811 3908 LADF_DHP2 (86dcbf8a41c78561a1da07ab5e7b1ccc) C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys
15:14:13.0811 3908 LADF_DHP2 - ok
15:14:13.0842 3908 LADF_SBVM (175c04c7813ce64616b5cb046e5e1383) C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys
15:14:13.0842 3908 LADF_SBVM - ok
15:14:13.0874 3908 LHidFilt (5d00693e33a01690911572925bb89461) C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:14:13.0874 3908 LHidFilt - ok
15:14:13.0889 3908 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:14:13.0889 3908 lltdio - ok
15:14:13.0920 3908 LMouFilt (a0d8d290370f4b42c5a7284947eaffea) C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:14:13.0920 3908 LMouFilt - ok
15:14:13.0936 3908 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:14:13.0936 3908 LSI_FC - ok
15:14:13.0952 3908 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:14:13.0952 3908 LSI_SAS - ok
15:14:13.0983 3908 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:14:13.0983 3908 LSI_SAS2 - ok
15:14:13.0998 3908 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:14:13.0998 3908 LSI_SCSI - ok
15:14:14.0014 3908 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:14:14.0014 3908 luafv - ok
15:14:14.0045 3908 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
15:14:14.0045 3908 MBAMProtector - ok
15:14:14.0076 3908 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
15:14:14.0076 3908 MBfilt - ok
15:14:14.0217 3908 mbmiodrvr (2e1652d8ab971403eaaddc921800b1fa) C:\Windows\syswow64\mbmiodrvr.sys
15:14:14.0217 3908 mbmiodrvr - ok
15:14:14.0232 3908 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:14:14.0232 3908 megasas - ok
15:14:14.0248 3908 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:14:14.0248 3908 MegaSR - ok
15:14:14.0279 3908 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:14:14.0279 3908 Modem - ok
15:14:14.0295 3908 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:14:14.0295 3908 monitor - ok
15:14:14.0310 3908 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:14:14.0310 3908 mouclass - ok
15:14:14.0326 3908 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:14:14.0326 3908 mouhid - ok
15:14:14.0357 3908 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:14:14.0357 3908 mountmgr - ok
15:14:14.0373 3908 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
15:14:14.0373 3908 mpio - ok
15:14:14.0388 3908 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:14:14.0388 3908 mpsdrv - ok
15:14:14.0404 3908 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:14:14.0404 3908 MRxDAV - ok
15:14:14.0420 3908 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:14:14.0435 3908 mrxsmb - ok
15:14:14.0451 3908 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:14:14.0451 3908 mrxsmb10 - ok
15:14:14.0482 3908 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:14:14.0482 3908 mrxsmb20 - ok
15:14:14.0498 3908 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
15:14:14.0498 3908 msahci - ok
15:14:14.0529 3908 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
15:14:14.0529 3908 msdsm - ok
15:14:14.0544 3908 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:14:14.0544 3908 Msfs - ok
15:14:14.0560 3908 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:14:14.0560 3908 mshidkmdf - ok
15:14:14.0560 3908 MSICDSetup - ok
15:14:14.0576 3908 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
15:14:14.0576 3908 msisadrv - ok
15:14:14.0607 3908 MSI_MSIBIOS_010507 (192476c10371dc83243d67432b2cdcbf) C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys
15:14:14.0607 3908 MSI_MSIBIOS_010507 - ok
15:14:14.0732 3908 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:14:14.0732 3908 MSKSSRV - ok
15:14:14.0747 3908 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:14:14.0763 3908 MSPCLOCK - ok
15:14:14.0763 3908 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:14:14.0763 3908 MSPQM - ok
15:14:14.0778 3908 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:14:14.0794 3908 MsRPC - ok
15:14:14.0810 3908 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:14:14.0810 3908 mssmbios - ok
15:14:14.0810 3908 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:14:14.0810 3908 MSTEE - ok
15:14:14.0825 3908 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:14:14.0825 3908 MTConfig - ok
15:14:14.0856 3908 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:14:14.0856 3908 Mup - ok
15:14:14.0872 3908 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:14:14.0888 3908 NativeWifiP - ok
15:14:14.0903 3908 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:14:14.0919 3908 NDIS - ok
15:14:14.0934 3908 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:14:14.0934 3908 NdisCap - ok
15:14:14.0934 3908 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:14:14.0950 3908 NdisTapi - ok
15:14:14.0950 3908 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:14:14.0950 3908 Ndisuio - ok
15:14:14.0966 3908 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:14:14.0981 3908 NdisWan - ok
15:14:14.0981 3908 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:14:14.0981 3908 NDProxy - ok
15:14:14.0997 3908 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:14:14.0997 3908 NetBIOS - ok
15:14:15.0012 3908 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:14:15.0028 3908 NetBT - ok
15:14:15.0044 3908 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:14:15.0044 3908 nfrd960 - ok
15:14:15.0075 3908 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:14:15.0075 3908 Npfs - ok
15:14:15.0090 3908 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:14:15.0090 3908 nsiproxy - ok
15:14:15.0137 3908 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:14:15.0153 3908 Ntfs - ok
15:14:15.0168 3908 NTIOLib_1_0_4 (1b32c54b95121ab1683c7b83b2db4b96) C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
15:14:15.0168 3908 NTIOLib_1_0_4 - ok
15:14:15.0184 3908 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:14:15.0184 3908 Null - ok
15:14:15.0200 3908 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:14:15.0200 3908 nusb3hub - ok
15:14:15.0215 3908 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:14:15.0215 3908 nusb3xhc - ok
15:14:15.0262 3908 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys
15:14:15.0262 3908 NVHDA - ok
15:14:15.0480 3908 nvlddmkm (f87fc68f90b09f06ebaaad687e2e83a5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:14:15.0527 3908 nvlddmkm - ok
15:14:15.0558 3908 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:14:15.0558 3908 nvraid - ok
15:14:15.0574 3908 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:14:15.0574 3908 nvstor - ok
15:14:15.0590 3908 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
15:14:15.0590 3908 nv_agp - ok
15:14:15.0605 3908 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
15:14:15.0605 3908 ohci1394 - ok
15:14:15.0605 3908 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:14:15.0605 3908 Parport - ok
15:14:15.0621 3908 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
15:14:15.0621 3908 partmgr - ok
15:14:15.0636 3908 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
15:14:15.0636 3908 pci - ok
15:14:15.0652 3908 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
15:14:15.0652 3908 pciide - ok
15:14:15.0668 3908 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:14:15.0668 3908 pcmcia - ok
15:14:15.0683 3908 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:14:15.0683 3908 pcw - ok
15:14:15.0699 3908 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:14:15.0699 3908 PEAUTH - ok
15:14:15.0730 3908 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:14:15.0730 3908 PptpMiniport - ok
15:14:15.0746 3908 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:14:15.0746 3908 Processor - ok
15:14:15.0761 3908 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:14:15.0761 3908 Psched - ok
15:14:15.0777 3908 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:14:15.0792 3908 ql2300 - ok
15:14:15.0808 3908 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:14:15.0808 3908 ql40xx - ok
15:14:15.0824 3908 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:14:15.0824 3908 QWAVEdrv - ok
15:14:15.0839 3908 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:14:15.0839 3908 RasAcd - ok
15:14:15.0870 3908 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:14:15.0870 3908 RasAgileVpn - ok
15:14:15.0902 3908 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:14:15.0902 3908 Rasl2tp - ok
15:14:15.0917 3908 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:14:15.0917 3908 RasPppoe - ok
15:14:15.0933 3908 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:14:15.0933 3908 RasSstp - ok
15:14:15.0964 3908 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:14:15.0964 3908 rdbss - ok
15:14:15.0980 3908 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:14:15.0980 3908 rdpbus - ok
15:14:16.0011 3908 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:14:16.0011 3908 RDPCDD - ok
15:14:16.0026 3908 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
15:14:16.0026 3908 RDPDR - ok
15:14:16.0026 3908 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:14:16.0026 3908 RDPENCDD - ok
15:14:16.0042 3908 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:14:16.0042 3908 RDPREFMP - ok
15:14:16.0120 3908 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
15:14:16.0136 3908 RDPWD - ok
15:14:16.0151 3908 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
15:14:16.0151 3908 rdyboost - ok
15:14:16.0182 3908 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:14:16.0182 3908 rspndr - ok
15:14:16.0214 3908 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:14:16.0214 3908 RTL8167 - ok
15:14:16.0245 3908 RzSynapse (24510c4a77aba3b07aefa840db888637) C:\Windows\system32\DRIVERS\RzSynapse.sys
15:14:16.0245 3908 RzSynapse - ok
15:14:16.0260 3908 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
15:14:16.0260 3908 s3cap - ok
15:14:16.0276 3908 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:14:16.0276 3908 sbp2port - ok
15:14:16.0292 3908 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:14:16.0292 3908 scfilter - ok
15:14:16.0307 3908 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:14:16.0323 3908 secdrv - ok
15:14:16.0338 3908 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:14:16.0338 3908 Serenum - ok
15:14:16.0354 3908 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:14:16.0370 3908 Serial - ok
15:14:16.0385 3908 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:14:16.0385 3908 sermouse - ok
15:14:16.0401 3908 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:14:16.0401 3908 sffdisk - ok
15:14:16.0416 3908 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:14:16.0416 3908 sffp_mmc - ok
15:14:16.0416 3908 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:14:16.0416 3908 sffp_sd - ok
15:14:16.0432 3908 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:14:16.0432 3908 sfloppy - ok
15:14:16.0448 3908 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:14:16.0448 3908 SiSRaid2 - ok
15:14:16.0463 3908 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:14:16.0463 3908 SiSRaid4 - ok
15:14:16.0463 3908 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:14:16.0463 3908 Smb - ok
15:14:16.0479 3908 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:14:16.0479 3908 spldr - ok
15:14:16.0541 3908 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\System32\Drivers\sptd.sys
15:14:16.0541 3908 sptd - ok
15:14:16.0572 3908 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:14:16.0588 3908 srv - ok
15:14:16.0604 3908 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:14:16.0604 3908 srv2 - ok
15:14:16.0650 3908 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:14:16.0650 3908 srvnet - ok
15:14:16.0666 3908 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:14:16.0666 3908 stexstor - ok
15:14:16.0791 3908 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
15:14:16.0791 3908 storflt - ok
15:14:16.0806 3908 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
15:14:16.0806 3908 storvsc - ok
15:14:16.0822 3908 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:14:16.0822 3908 swenum - ok
15:14:16.0884 3908 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
15:14:16.0900 3908 Tcpip - ok
15:14:16.0947 3908 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
15:14:16.0962 3908 TCPIP6 - ok
15:14:16.0978 3908 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:14:16.0978 3908 tcpipreg - ok
15:14:16.0994 3908 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:14:16.0994 3908 TDPIPE - ok
15:14:17.0009 3908 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:14:17.0009 3908 TDTCP - ok
15:14:17.0025 3908 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:14:17.0025 3908 tdx - ok
15:14:17.0040 3908 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:14:17.0040 3908 TermDD - ok
15:14:17.0087 3908 truecrypt (8de922cd4fea6f83b10805df965b9a08) C:\Windows\system32\drivers\truecrypt.sys
15:14:17.0087 3908 truecrypt - ok
15:14:17.0118 3908 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:14:17.0118 3908 tssecsrv - ok
15:14:17.0134 3908 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:14:17.0134 3908 tunnel - ok
15:14:17.0165 3908 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
15:14:17.0165 3908 TurboB - ok
15:14:17.0165 3908 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:14:17.0165 3908 uagp35 - ok
15:14:17.0181 3908 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
15:14:17.0181 3908 udfs - ok
15:14:17.0196 3908 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:14:17.0196 3908 uliagpkx - ok
15:14:17.0259 3908 UltraMonUtility (694bcf23662f97d987cf4c6739c35f8b) C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
15:14:17.0274 3908 UltraMonUtility - ok
15:14:17.0290 3908 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:14:17.0290 3908 umbus - ok
15:14:17.0290 3908 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:14:17.0290 3908 UmPass - ok
15:14:17.0321 3908 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
15:14:17.0321 3908 usbaudio - ok
15:14:17.0352 3908 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
15:14:17.0352 3908 usbccgp - ok
15:14:17.0368 3908 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:14:17.0368 3908 usbcir - ok
15:14:17.0399 3908 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
15:14:17.0399 3908 usbehci - ok
15:14:17.0415 3908 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
15:14:17.0415 3908 usbhub - ok
15:14:17.0446 3908 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
15:14:17.0446 3908 usbohci - ok
15:14:17.0477 3908 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:14:17.0477 3908 usbprint - ok
15:14:17.0508 3908 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:14:17.0508 3908 usbscan - ok
15:14:17.0540 3908 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:14:17.0540 3908 USBSTOR - ok
15:14:17.0571 3908 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
15:14:17.0571 3908 usbuhci - ok
15:14:17.0586 3908 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:14:17.0586 3908 vdrvroot - ok
15:14:17.0602 3908 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:14:17.0618 3908 vga - ok
15:14:17.0618 3908 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:14:17.0618 3908 VgaSave - ok
15:14:17.0633 3908 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:14:17.0633 3908 vhdmp - ok
15:14:17.0664 3908 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:14:17.0664 3908 viaide - ok
15:14:17.0680 3908 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
15:14:17.0680 3908 vmbus - ok
15:14:17.0696 3908 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
15:14:17.0696 3908 VMBusHID - ok
15:14:17.0711 3908 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:14:17.0711 3908 volmgr - ok
15:14:17.0727 3908 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:14:17.0727 3908 volmgrx - ok
15:14:17.0758 3908 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:14:17.0758 3908 volsnap - ok
15:14:17.0774 3908 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:14:17.0789 3908 vsmraid - ok
15:14:17.0820 3908 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:14:17.0820 3908 vwifibus - ok
15:14:17.0836 3908 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:14:17.0836 3908 WacomPen - ok
15:14:17.0852 3908 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:14:17.0852 3908 WANARP - ok
15:14:17.0867 3908 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:14:17.0867 3908 Wanarpv6 - ok
15:14:17.0883 3908 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:14:17.0883 3908 Wd - ok
15:14:17.0914 3908 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:14:17.0914 3908 Wdf01000 - ok
15:14:17.0945 3908 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:14:17.0945 3908 WfpLwf - ok
15:14:17.0961 3908 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:14:17.0961 3908 WIMMount - ok
15:14:17.0992 3908 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:14:17.0992 3908 WmiAcpi - ok
15:14:18.0023 3908 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:14:18.0023 3908 ws2ifsl - ok
15:14:18.0054 3908 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:14:18.0054 3908 WudfPf - ok
15:14:18.0070 3908 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:14:18.0070 3908 WUDFRd - ok
15:14:18.0086 3908 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
15:14:18.0101 3908 \Device\Harddisk1\DR1 - ok
15:14:18.0101 3908 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:14:18.0101 3908 \Device\Harddisk0\DR0 - ok
15:14:18.0117 3908 Boot (0x1200) (dfa9edb4561a492aafb654766996306a) \Device\Harddisk1\DR1\Partition0
15:14:18.0117 3908 \Device\Harddisk1\DR1\Partition0 - ok
15:14:18.0132 3908 Boot (0x1200) (7d33cc3d4299974a341d16ee01bcba4d) \Device\Harddisk1\DR1\Partition1
15:14:18.0132 3908 \Device\Harddisk1\DR1\Partition1 - ok
15:14:18.0148 3908 Boot (0x1200) (55c84bee2919934b4bd081cfc31dda9b) \Device\Harddisk1\DR1\Partition2
15:14:18.0148 3908 \Device\Harddisk1\DR1\Partition2 - ok
15:14:18.0148 3908 Boot (0x1200) (e0f1e43a6a40d2441ec0ac53413e1cc2) \Device\Harddisk0\DR0\Partition0
15:14:18.0148 3908 \Device\Harddisk0\DR0\Partition0 - ok
15:14:18.0148 3908 Boot (0x1200) (d6282a99bd6e432937dc2a020937d379) \Device\Harddisk0\DR0\Partition1
15:14:18.0148 3908 \Device\Harddisk0\DR0\Partition1 - ok
15:14:18.0164 3908 Boot (0x1200) (81e59dfa501b7ed3b03bc612a5c6f9cb) \Device\Harddisk0\DR0\Partition2
15:14:18.0164 3908 \Device\Harddisk0\DR0\Partition2 - ok
15:14:18.0164 3908 Boot (0x1200) (6c97819b1fba1708aa3c1a58ddf1d6e0) \Device\Harddisk0\DR0\Partition3
15:14:18.0164 3908 \Device\Harddisk0\DR0\Partition3 - ok
15:14:18.0164 3908 Boot (0x1200) (9980a32e1adc3dbf13fa4d6353cad572) \Device\Harddisk0\DR0\Partition4
15:14:18.0164 3908 \Device\Harddisk0\DR0\Partition4 - ok
15:14:18.0164 3908 ============================================================
15:14:18.0164 3908 Scan finished
15:14:18.0164 3908 ============================================================
15:14:18.0179 4900 Detected object count: 0
15:14:18.0179 4900 Actual detected object count: 0

Keine Treffer.
Btw das neue Tdss Tool hat mehr Einstellmöglichkeiten wie in eurem "How-To"
hab alle anderen Hacken rausgelassen.

Was ich noch wissen sollte: Muss ich den Defogger wieder umstellen?

mfg Shiddi

cosinus · 19.10.2011, 17:21

Erstmal CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Shiddi · 19.10.2011, 17:35

Combofix Logfile:

Code:

ATTFilter

ComboFix 11-10-19.04 - shiddi 19.10.2011  18:26:04.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.16354.13009 [GMT 2:00]
ausgeführt von:: c:\users\shiddi\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-09-19 bis 2011-10-19  ))))))))))))))))))))))))))))))
.
.
2011-10-19 16:28 . 2011-10-19 16:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-10-18 13:28 . 2011-10-18 13:28	--------	d-----w-	C:\ts3overlay
2011-10-18 13:28 . 2011-10-11 13:00	97312	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-10-18 13:28 . 2011-10-11 13:00	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2011-10-18 13:28 . 2011-10-11 13:00	130760	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-10-18 13:28 . 2011-10-18 13:28	--------	d-----w-	c:\programdata\Avira
2011-10-18 13:28 . 2011-10-18 13:28	--------	d-----w-	c:\program files (x86)\Avira
2011-10-18 13:17 . 2011-09-21 07:00	9049936	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{86CD63CF-F84B-4B1F-8C91-0CCA4E4181E1}\mpengine.dll
2011-10-17 14:25 . 2011-10-17 14:25	--------	d-----w-	c:\programdata\Malwarebytes
2011-10-17 14:25 . 2011-10-17 14:25	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-17 14:25 . 2011-08-31 15:00	25416	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-10-15 15:17 . 2011-10-15 15:17	--------	d-----w-	c:\program files (x86)\Spirent Communications
2011-10-15 15:17 . 2011-10-15 15:19	--------	d-----w-	c:\program files (x86)\HTC
2011-10-15 15:17 . 2011-10-15 15:40	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2011-10-15 15:16 . 2011-10-15 15:16	--------	d-----w-	c:\program files (x86)\MSXML 4.0
2011-10-14 16:13 . 2011-10-14 16:13	--------	d-----w-	c:\programdata\boost_interprocess
2011-10-13 20:29 . 2011-10-13 20:29	42392	----a-w-	c:\windows\SysWow64\xfcodec.dll
2011-10-13 20:29 . 2011-10-13 20:29	28056	----a-w-	c:\windows\system32\xfcodec64.dll
2011-10-13 13:45 . 2011-10-13 14:02	--------	d-----w-	c:\program files (x86)\Common Files\BioWare
2011-10-13 13:45 . 2011-10-13 14:02	--------	d-----w-	c:\program files (x86)\Dragon Age 2
2011-10-05 14:45 . 2011-10-05 14:45	230864	----a-w-	c:\windows\system32\drivers\truecrypt.sys
2011-10-05 14:45 . 2011-10-05 14:45	--------	d-----w-	c:\program files\TrueCrypt
2011-10-05 14:38 . 2011-10-05 14:39	--------	d-----w-	c:\windows\SysWow64\ShellExt
2011-10-05 13:08 . 2011-10-05 13:08	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2011-10-04 15:14 . 2011-10-04 15:14	--------	d-----w-	c:\programdata\CanonIJ
2011-10-03 09:21 . 2011-03-25 03:23	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2011-10-03 09:21 . 2011-03-25 03:23	98816	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2011-10-03 09:21 . 2011-03-25 03:23	324608	----a-w-	c:\windows\system32\drivers\usbport.sys
2011-10-03 09:21 . 2011-03-25 03:22	52224	----a-w-	c:\windows\system32\drivers\usbehci.sys
2011-10-03 09:21 . 2011-03-25 03:22	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2011-10-03 09:21 . 2011-03-25 03:22	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2011-10-03 09:21 . 2011-03-25 03:22	7936	----a-w-	c:\windows\system32\drivers\usbd.sys
2011-10-03 09:08 . 2011-03-11 06:23	1657216	----a-w-	c:\windows\system32\drivers\ntfs.sys
2011-10-03 09:08 . 2011-03-11 06:23	187264	----a-w-	c:\windows\system32\drivers\storport.sys
2011-10-03 09:08 . 2011-03-11 06:23	166272	----a-w-	c:\windows\system32\drivers\nvstor.sys
2011-10-03 09:08 . 2011-03-11 06:23	148352	----a-w-	c:\windows\system32\drivers\nvraid.sys
2011-10-03 09:08 . 2011-03-11 06:23	410496	----a-w-	c:\windows\system32\drivers\iaStorV.sys
2011-10-03 09:08 . 2011-03-11 06:22	107904	----a-w-	c:\windows\system32\drivers\amdsata.sys
2011-10-03 09:08 . 2011-03-11 06:22	27008	----a-w-	c:\windows\system32\drivers\amdxata.sys
2011-10-03 09:08 . 2011-03-11 06:18	2566144	----a-w-	c:\windows\system32\esent.dll
2011-10-03 09:08 . 2011-03-11 05:39	1686016	----a-w-	c:\windows\SysWow64\esent.dll
2011-10-03 09:08 . 2011-03-11 06:15	96768	----a-w-	c:\windows\system32\fsutil.exe
2011-10-03 09:08 . 2011-03-11 05:37	74240	----a-w-	c:\windows\SysWow64\fsutil.exe
2011-10-03 01:19 . 2010-09-14 06:45	367104	----a-w-	c:\windows\system32\wcncsvc.dll
2011-10-03 01:19 . 2010-09-14 06:07	276992	----a-w-	c:\windows\SysWow64\wcncsvc.dll
2011-10-03 01:15 . 2009-09-10 06:28	311808	----a-w-	c:\windows\system32\msv1_0.dll
2011-10-03 01:15 . 2009-09-10 05:52	257024	----a-w-	c:\windows\SysWow64\msv1_0.dll
2011-10-03 01:11 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2011-10-02 21:34 . 2011-10-02 21:34	--------	d-----w-	c:\program files (x86)\VideoLAN
2011-10-02 18:32 . 2011-10-12 17:00	--------	d-----w-	c:\program files (x86)\JDownloader
2011-10-02 10:23 . 2011-10-02 10:23	--------	d-----w-	c:\users\UpdatusUser
2011-10-02 10:21 . 2011-08-03 11:50	1519720	----a-w-	c:\windows\system32\nvdispco64.dll
2011-10-02 10:21 . 2011-08-03 11:50	1453160	----a-w-	c:\windows\system32\nvgenco64.dll
2011-10-02 10:21 . 2011-03-28 10:27	1985640	----a-w-	c:\windows\SysWow64\nvapi.dll
2011-10-02 10:20 . 2011-10-02 10:20	--------	d-----w-	c:\program files (x86)\Common Files\Java
2011-10-02 10:19 . 2011-10-02 10:19	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-10-02 10:19 . 2011-10-02 10:19	--------	d-----w-	c:\program files (x86)\Java
2011-10-02 09:36 . 2011-10-02 09:36	--------	d-----w-	c:\program files (x86)\Battlelog Web Plugins
2011-10-02 09:34 . 2011-10-02 09:34	--------	d-----w-	c:\programdata\EA Core
2011-10-02 00:40 . 2010-03-04 04:32	243712	----a-w-	c:\windows\system32\drivers\ks.sys
2011-10-01 21:51 . 2011-10-01 21:51	--------	d-----w-	c:\program files (x86)\Common Files\LogiShrd
2011-10-01 21:49 . 2011-10-01 21:49	--------	d-----w-	c:\program files\Common Files\Logishrd
2011-10-01 20:27 . 2011-10-01 20:27	--------	d--h--w-	c:\program files (x86)\Common Files\EAInstaller
2011-10-01 15:37 . 2011-10-01 15:37	--------	d-----w-	C:\NVIDIA
2011-10-01 15:37 . 2011-10-19 13:05	--------	d-----w-	c:\program files (x86)\DriveTheLife
2011-10-01 13:15 . 2011-10-01 13:15	--------	d-----w-	c:\program files (x86)\Microsoft XNA
2011-10-01 09:11 . 2010-08-26 05:27	148992	----a-w-	c:\windows\system32\t2embed.dll
2011-10-01 09:10 . 2011-02-24 06:30	476160	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2011-10-01 09:09 . 2010-08-21 06:29	558592	----a-w-	c:\windows\system32\spoolsv.exe
2011-10-01 09:08 . 2011-03-03 06:17	182272	----a-w-	c:\windows\system32\dnsrslvr.dll
2011-10-01 09:07 . 2011-04-29 03:13	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-10-01 09:06 . 2010-08-31 04:32	954752	----a-w-	c:\windows\SysWow64\mfc40.dll
2011-10-01 09:00 . 2011-06-23 05:29	5507968	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-10-01 09:00 . 2011-06-23 04:38	3957120	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-10-01 09:00 . 2011-06-23 04:38	3902336	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-09-30 23:11 . 2011-09-30 23:11	--------	d-----w-	c:\program files\Intel
2011-09-30 21:33 . 2011-09-30 20:38	--------	d-----w-	c:\windows\Panther
2011-09-30 21:33 . 2011-09-30 21:33	--------	d-----w-	C:\Boot
2011-09-30 21:26 . 2011-09-30 21:26	--------	d-----w-	c:\program files (x86)\Geeks3D
2011-09-30 21:05 . 2011-09-30 21:05	--------	d-----w-	c:\program files (x86)\Notepad++
2011-09-30 21:00 . 2011-09-30 21:00	--------	d--h--w-	c:\windows\msdownld.tmp
2011-09-30 18:57 . 2011-09-30 18:57	--------	d-----w-	c:\program files (x86)\Ubisoft
2011-09-30 18:46 . 2011-09-30 18:46	503352	----a-w-	c:\windows\system32\drivers\sptd.sys
2011-09-30 18:40 . 2009-11-25 19:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2011-09-30 18:40 . 2009-11-25 19:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2011-09-30 18:40 . 2009-11-25 19:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2011-09-30 18:40 . 2009-11-25 19:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2011-09-30 18:40 . 2009-11-25 19:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2011-09-30 18:40 . 2009-11-25 19:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2011-09-30 18:40 . 2009-11-25 19:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2011-09-30 18:40 . 2009-11-25 19:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2011-09-30 18:40 . 2009-11-25 19:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2011-09-30 18:40 . 2009-11-25 19:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2011-09-30 17:16 . 2011-10-15 14:03	271200	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2011-09-30 17:03 . 2011-10-02 09:34	--------	d-----w-	c:\programdata\Electronic Arts
2011-09-30 17:03 . 2011-10-02 09:34	--------	d-----w-	c:\programdata\Origin
2011-09-30 17:03 . 2011-10-01 00:07	--------	d-----w-	c:\program files (x86)\Origin Games
2011-09-30 16:24 . 2011-10-13 13:13	--------	d-----w-	c:\program files (x86)\Common Files\Steam
2011-09-30 16:13 . 2011-09-30 16:13	--------	d--h--w-	c:\programdata\CanonEPP
2011-09-30 16:06 . 2004-04-10 07:43	4608	----a-w-	c:\windows\SysWow64\mbmiodrvr.sys
2011-09-30 16:06 . 2011-09-30 16:06	--------	d-----w-	c:\program files (x86)\Motherboard Monitor 5
2011-09-30 15:58 . 2010-08-25 03:00	361472	----a-w-	c:\windows\system32\CNMXLMAE.DLL
2011-09-30 15:57 . 2011-09-30 15:57	--------	d-----w-	c:\program files\Common Files\CANON
2011-09-30 15:56 . 2011-09-30 15:56	--------	d-----w-	c:\program files\Canon
2011-09-30 15:56 . 2011-09-30 15:56	--------	d--h--w-	c:\programdata\CanonBJ
2011-09-30 15:56 . 2010-08-25 03:00	87040	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNMPPAE.DLL
2011-09-30 15:56 . 2010-08-25 03:00	28672	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNMPDAE.DLL
2011-09-30 15:56 . 2011-09-30 15:56	--------	d--h--w-	c:\windows\system32\CanonIJ Uninstaller Information
2011-09-30 15:55 . 2010-03-18 17:25	307200	----a-w-	c:\windows\SysWow64\CNC5200L.dll
2011-09-30 15:55 . 2010-03-18 15:11	106496	----a-w-	c:\windows\SysWow64\CNC5200U.dll
2011-09-30 15:55 . 2008-08-25 16:02	15872	----a-w-	c:\windows\SysWow64\CNHMCA.dll
2011-09-30 15:55 . 2010-03-18 17:26	348672	----a-w-	c:\windows\system32\CNC5200L.dll
2011-09-30 15:55 . 2010-03-18 15:13	1354240	----a-w-	c:\windows\system32\CNC5200C.dll
2011-09-30 15:55 . 2010-03-18 15:13	112128	----a-w-	c:\windows\system32\CNC5200I.dll
2011-09-30 15:55 . 2008-08-25 16:02	17920	----a-w-	c:\windows\system32\CNHMCA6.dll
2011-09-30 15:55 . 2010-08-25 03:00	361472	----a-w-	c:\windows\system32\CNMLMAE.DLL
2011-09-30 15:54 . 2010-06-03 06:12	103424	----a-w-	c:\windows\system32\CNC5200O.dll
2011-09-30 15:54 . 2010-03-10 23:57	248320	----a-w-	c:\windows\system32\CNMIUAE.DLL
2011-09-30 15:54 . 2011-09-30 15:54	--------	d-----w-	c:\windows\system32\STRING
2011-09-30 15:54 . 2010-02-05 01:37	37376	----a-w-	c:\windows\system32\CNMN6UI.DLL
2011-09-30 15:54 . 2010-02-05 01:37	327680	----a-w-	c:\windows\system32\CNMN6PPM.DLL
2011-09-30 15:53 . 2011-09-30 15:57	--------	d-----w-	c:\program files (x86)\Canon
2011-09-30 15:48 . 2011-09-30 15:48	--------	d-----w-	c:\program files (x86)\Common Files\Realtime Soft
2011-09-30 15:48 . 2011-09-30 15:48	--------	d-----w-	c:\programdata\Realtime Soft
2011-09-30 15:48 . 2011-09-30 15:48	--------	d-----w-	c:\program files\UltraMon
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-03 11:50 . 2011-03-23 22:53	61544	----a-w-	c:\windows\system32\nvshext.dll
2011-08-03 01:31 . 2011-08-03 01:31	311912	----a-w-	c:\windows\SysWow64\nvStreaming.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="f:\steam\Steam.exe" [2011-09-30 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-01-25 303104]
"Logitech G35"="g:\g35\G35.exe" [2010-10-05 1811800]
"DriveTheLife"="c:\program files (x86)\DriveTheLife\DriveTheLife.exe" [2010-02-27 3158016]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"ASUSGamerOSD"="c:\program files (x86)\ASUS\GamerOSD\GamerOSD.exe" [2009-07-30 380928]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
c:\users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HLSW.lnk - g:\hlsw\hlsw.exe [2011-9-30 19929088]
TeamSpeak 3 Client.lnk - g:\ts3\ts3client_win64.exe [2011-8-24 11903744]
Xfire.lnk - g:\xfire\Xfire.exe [2011-10-13 3510680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico [2011-9-30 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 MSICDSetup;MSICDSetup;M:\CDriver64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-23 378472]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
S3 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys [x]
S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [x]
S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000Core.job
- c:\users\shiddi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-30 15:07]
.
2011-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000UA.job
- c:\users\shiddi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-30 15:07]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-03-07 6612072]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xcel exportieren - g:\msoffi~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\ASDR.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
g:\alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe
c:\program files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
g:\ts3\plugins\ts3overlay\InstallHook.exe
c:\program files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-10-19  18:33:55 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-10-19 16:33
.
Vor Suchlauf: 9 Verzeichnis(se), 435.699.445.760 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 437.175.275.520 Bytes frei
.
- - End Of File - - B5BCFE6E31ED7A99076032F12D79E2B0

--- --- ---

Versteh das alles zwar net aber ich hoff doch du

MfG Shiddi

cosinus · 19.10.2011, 18:33

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Shiddi · 19.10.2011, 20:20

Hi der log ist im Anhang.

Partition M istn Wechseldatenträger, welcher aber nicht belegt ist

danke

mfg Shiddi

cosinus · 20.10.2011, 12:41

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

18.10.2011, 18:34	#5
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Hotmail verschickt Email's automatisch an alle Kontakte, auch wenn der Pc aus ist! Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind. __________________ Logfiles bitte immer in CODE-Tags posten

18.10.2011, 20:05	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Hotmail verschickt Email's automatisch an alle Kontakte, auch wenn der Pc aus ist! Deine OTL.zip scheint defekt zu sein. Erstell die bitte neu und lad es wieder hoch. __________________ Logfiles bitte immer in CODE-Tags posten

Hotmail verschickt Email's automatisch an alle Kontakte, auch wenn der Pc aus ist!

Plagegeister aller Art und deren Bekämpfung: Hotmail verschickt Email's automatisch an alle Kontakte, auch wenn der Pc aus ist!