TR/Crypt.XPACK.Gen , Dateien versteckt, Desktop schwarz

Hipparchus · 26.03.2012, 16:04

Guten Tag ,

ich brauche Hilfe bei der Bekämpfung des Trojaners
TR/Crypt.XPACK.Gen.

Mein Desktop ist schwarz und meine Dateien versteckt.
Hab zwar schon einiges drüber gelesen, aber da es kein
allgemeingültiges Patentrezept zur Bekämpfung gibt, bitte
ich um Unterstützung.

Antivirenprogramm:

Code:

ATTFilter

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 26. März 2012  13:53

Es wird nach 3595020 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira AntiVir Personal - Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 7 x64
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : DICKLI

Versionsinformationen:
BUILD.DAT      : 12.0.0.898     41963 Bytes  31.01.2012 13:51:00
AVSCAN.EXE     : 12.1.0.20     492496 Bytes  16.02.2012 16:04:40
AVSCAN.DLL     : 12.1.0.18      65744 Bytes  16.02.2012 16:04:40
LUKE.DLL       : 12.1.0.19      68304 Bytes  16.02.2012 16:04:40
AVSCPLR.DLL    : 12.1.0.22     100048 Bytes  16.02.2012 16:04:41
AVREG.DLL      : 12.1.0.29     228048 Bytes  16.02.2012 16:04:41
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 18:18:34
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 09:07:39
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  20.12.2011 15:57:52
VBASE003.VDF   : 7.11.21.238  4472832 Bytes  01.02.2012 17:12:17
VBASE004.VDF   : 7.11.21.239     2048 Bytes  01.02.2012 17:12:17
VBASE005.VDF   : 7.11.21.240     2048 Bytes  01.02.2012 17:12:17
VBASE006.VDF   : 7.11.21.241     2048 Bytes  01.02.2012 17:12:17
VBASE007.VDF   : 7.11.21.242     2048 Bytes  01.02.2012 17:12:17
VBASE008.VDF   : 7.11.21.243     2048 Bytes  01.02.2012 17:12:17
VBASE009.VDF   : 7.11.21.244     2048 Bytes  01.02.2012 17:12:17
VBASE010.VDF   : 7.11.21.245     2048 Bytes  01.02.2012 17:12:17
VBASE011.VDF   : 7.11.21.246     2048 Bytes  01.02.2012 17:12:17
VBASE012.VDF   : 7.11.21.247     2048 Bytes  01.02.2012 17:12:18
VBASE013.VDF   : 7.11.22.33   1486848 Bytes  03.02.2012 13:55:41
VBASE014.VDF   : 7.11.22.56    687616 Bytes  03.02.2012 13:55:59
VBASE015.VDF   : 7.11.22.92    178176 Bytes  06.02.2012 13:54:23
VBASE016.VDF   : 7.11.22.154   144896 Bytes  08.02.2012 13:54:37
VBASE017.VDF   : 7.11.22.220   183296 Bytes  13.02.2012 13:13:03
VBASE018.VDF   : 7.11.23.34    202752 Bytes  15.02.2012 16:04:39
VBASE019.VDF   : 7.11.23.98    126464 Bytes  17.02.2012 16:26:19
VBASE020.VDF   : 7.11.23.150   148480 Bytes  20.02.2012 16:26:22
VBASE021.VDF   : 7.11.23.224   172544 Bytes  23.02.2012 12:54:36
VBASE022.VDF   : 7.11.24.52    219648 Bytes  28.02.2012 13:41:28
VBASE023.VDF   : 7.11.24.152   165888 Bytes  05.03.2012 13:07:07
VBASE024.VDF   : 7.11.24.204   177664 Bytes  07.03.2012 13:07:11
VBASE025.VDF   : 7.11.25.30    245248 Bytes  12.03.2012 17:11:55
VBASE026.VDF   : 7.11.25.121   252416 Bytes  15.03.2012 16:03:19
VBASE027.VDF   : 7.11.25.177   202752 Bytes  20.03.2012 09:02:40
VBASE028.VDF   : 7.11.25.233   169984 Bytes  23.03.2012 07:28:57
VBASE029.VDF   : 7.11.25.234     2048 Bytes  23.03.2012 07:28:58
VBASE030.VDF   : 7.11.25.235     2048 Bytes  23.03.2012 07:28:58
VBASE031.VDF   : 7.11.25.254    78336 Bytes  26.03.2012 07:29:02
Engineversion  : 8.2.10.28 
AEVDF.DLL      : 8.1.2.2       106868 Bytes  25.10.2011 16:59:02
AESCRIPT.DLL   : 8.1.4.13      442746 Bytes  26.03.2012 07:32:34
AESCN.DLL      : 8.1.8.2       131444 Bytes  29.01.2012 10:34:07
AESBX.DLL      : 8.2.5.5       606579 Bytes  12.03.2012 13:09:58
AERDL.DLL      : 8.1.9.15      639348 Bytes  08.09.2011 21:16:06
AEPACK.DLL     : 8.2.16.7      803190 Bytes  26.03.2012 07:32:25
AEOFFICE.DLL   : 8.1.2.25      201084 Bytes  03.01.2012 16:54:26
AEHEUR.DLL     : 8.1.4.8      4514165 Bytes  26.03.2012 07:32:15
AEHELP.DLL     : 8.1.19.0      254327 Bytes  22.01.2012 13:06:07
AEGEN.DLL      : 8.1.5.23      409973 Bytes  12.03.2012 13:07:32
AEEXP.DLL      : 8.1.0.25       74101 Bytes  15.03.2012 17:35:30
AEEMU.DLL      : 8.1.3.0       393589 Bytes  01.09.2011 21:46:01
AECORE.DLL     : 8.1.25.6      201078 Bytes  15.03.2012 17:35:28
AEBB.DLL       : 8.1.1.0        53618 Bytes  01.09.2011 21:46:01
AVWINLL.DLL    : 12.1.0.17      27344 Bytes  11.10.2011 12:59:41
AVPREF.DLL     : 12.1.0.17      51920 Bytes  11.10.2011 12:59:38
AVREP.DLL      : 12.1.0.17     179408 Bytes  11.10.2011 12:59:38
AVARKT.DLL     : 12.1.0.23     209360 Bytes  16.02.2012 16:04:40
AVEVTLOG.DLL   : 12.1.0.17     169168 Bytes  11.10.2011 12:59:37
SQLITE3.DLL    : 3.7.0.0       398288 Bytes  11.10.2011 12:59:51
AVSMTP.DLL     : 12.1.0.17      62928 Bytes  11.10.2011 12:59:39
NETNT.DLL      : 12.1.0.17      17104 Bytes  11.10.2011 12:59:47
RCIMAGE.DLL    : 12.1.0.17    4447952 Bytes  11.10.2011 13:00:00
RCTEXT.DLL     : 12.1.0.16      98512 Bytes  11.10.2011 13:00:00

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_4f701a74\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: reparieren
Sekundäre Aktion......................: quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig
Abweichende Gefahrenkategorien........: +JOKE,+PFS,+SPR,

Beginn des Suchlaufs: Montag, 26. März 2012  13:53

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'bYXmuYDuwsvN.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'javaw.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMLSvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsScrPro.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'spmgr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ADSMTray.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ADSMSrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'HControlUser.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'DMedia.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ATKOSD2.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AAM Updates Notifier.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'WDC.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'KBFiltr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ATKOSD.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'HControl.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SeaPort.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'GFNEXSrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASLDRSrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Users\Eschi\AppData\Local\Temp\tDqjCHXtbZbE1J.exe'
C:\Users\Eschi\AppData\Local\Temp\tDqjCHXtbZbE1J.exe
  [FUND]      Ist das Trojanische Pferd TR/Crypt.XPACK.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a1ef125.qua' verschoben!


Ende des Suchlaufs: Montag, 26. März 2012  13:53
Benötigte Zeit: 00:10 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
     24 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
     23 Dateien ohne Befall
      0 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise

dds:
[CODE].DDS Logfile:

Code:

ATTFilter

DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_26
Run by Administrator at 17:33:24 on 2012-03-26
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4095.2531 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
D:\Programme\Avira\AntiVir Desktop\avguard.exe
D:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
D:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
D:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Programme\Mozilla\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - D:\Programme\Java\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Setwallpaper] c:\programdata\SetWallpaper.cmd
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{88F82C2B-2E7E-4F2F-BD70-925BC64F2125} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{88F82C2B-2E7E-4F2F-BD70-925BC64F2125}\755627375647575627D6B656E6 : DhcpNameServer = 168.95.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{8dcb7100-df86-4384-8842-8fa844297b3f}
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Setwallpaper] c:\programdata\SetWallpaper.cmd
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 acedrv11;acedrv11;\??\C:\Windows\system32\drivers\acedrv11.sys --> C:\Windows\system32\drivers\acedrv11.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 AntiVirSchedulerService;Avira Planer;D:\Programme\Avira\AntiVir Desktop\sched.exe [2011-10-15 86224]
R2 AntiVirService;Avira Echtzeit Scanner;D:\Programme\Avira\AntiVir Desktop\avguard.exe [2011-10-15 110032]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-3-9 5352960]
R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe [2010-2-12 44312]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-20 378472]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-13 136176]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-13 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsucx64.sys --> C:\Windows\system32\drivers\nmwcdnsucx64.sys [?]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys --> C:\Windows\system32\drivers\nmwcdnsux64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== File Associations ===============
.
regfile="regedit.exe" "%1"
.
=============== Created Last 30 ================
.
2012-03-26 13:27:44	8669240	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5DBC3EE1-45B9-42F1-9FFC-442AD8FB2816}\mpengine.dll
2012-03-14 19:28:41	5559152	----a-w-	C:\Windows\System32\ntoskrnl.exe
2012-03-14 19:28:40	3968368	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-14 19:28:40	3913584	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2012-03-14 17:21:54	3145728	----a-w-	C:\Windows\System32\win32k.sys
2012-03-14 17:21:52	1544192	----a-w-	C:\Windows\System32\DWrite.dll
2012-03-14 17:21:52	1077248	----a-w-	C:\Windows\SysWow64\DWrite.dll
2012-03-14 17:21:20	9216	----a-w-	C:\Windows\System32\rdrmemptylst.exe
2012-03-14 17:21:20	77312	----a-w-	C:\Windows\System32\rdpwsx.dll
2012-03-14 17:21:20	149504	----a-w-	C:\Windows\System32\rdpcorekmts.dll
2012-03-14 17:21:18	826880	----a-w-	C:\Windows\SysWow64\rdpcore.dll
2012-03-14 17:21:18	1031680	----a-w-	C:\Windows\System32\rdpcore.dll
2012-03-14 17:21:17	23552	----a-w-	C:\Windows\System32\drivers\tdtcp.sys
2012-03-14 17:21:17	210944	----a-w-	C:\Windows\System32\drivers\rdpwd.sys
2012-03-02 14:00:34	303616	----a-w-	C:\Windows\IsUninst.exe
.
==================== Find3M  ====================
.
2012-02-23 13:03:59	414368	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 07:18:36	279656	------w-	C:\Windows\System32\MpSigStub.exe
2012-01-04 10:44:20	509952	----a-w-	C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41	442880	----a-w-	C:\Windows\SysWow64\ntshrui.dll
2011-12-30 06:26:08	515584	----a-w-	C:\Windows\System32\timedate.cpl
2011-12-30 05:27:56	478720	----a-w-	C:\Windows\SysWow64\timedate.cpl
2011-12-28 03:59:24	498688	----a-w-	C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 17:33:46,00 ===============

--- --- ---

markusg · 26.03.2012, 17:14

hi,
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Hipparchus · 26.03.2012, 17:29

so...

OTL:

Code:

ATTFilter

OTL logfile created on: 26.03.2012 17:56:30 - Run 3
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\Eschi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 59,50% Memory free
8,00 Gb Paging File | 6,27 Gb Available in Paging File | 78,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 20,43 Gb Free Space | 27,42% Space Free | Partition Type: NTFS
Drive D: | 208,92 Gb Total Space | 9,87 Gb Free Space | 4,72% Space Free | Partition Type: NTFS
 
Computer Name: DICKLI | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Eschi\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Programme\Mozilla\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - D:\Programme\Mozilla\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (NIHardwareService) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (OberonGameConsoleService) -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe ()
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (AsDsm) -- C:\Windows\SysNative\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Programme\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.10.23 16:05:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: D:\Programme\Mozilla\components [2012.03.18 14:41:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: D:\Programme\Mozilla\plugins [2011.05.04 12:58:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.10.23 16:05:31 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88F82C2B-2E7E-4F2F-BD70-925BC64F2125}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.26 16:22:55 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2012.03.26 16:02:51 | 009,604,712 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Administrator\Desktop\mbam-setup.exe
[2012.03.26 15:56:26 | 000,389,024 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Administrator\Desktop\unhide.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.26 17:39:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.26 17:05:41 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.26 17:05:41 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.26 17:03:31 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.26 17:03:31 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.26 17:03:31 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.26 17:03:31 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.26 17:03:31 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.26 17:01:36 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.26 16:58:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.26 16:57:56 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.26 16:57:07 | 000,000,020 | ---- | M] () -- C:\Users\Administrator\defogger_reenable
[2012.03.26 16:22:55 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2012.03.26 16:03:08 | 009,604,712 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Administrator\Desktop\mbam-setup.exe
[2012.03.26 15:56:26 | 000,389,024 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Administrator\Desktop\unhide.exe
[2012.03.26 14:07:20 | 000,000,456 | ---- | M] () -- C:\ProgramData\dC4f6WWbPCd1TG
[2012.03.26 14:05:43 | 000,000,264 | ---- | M] () -- C:\ProgramData\~dC4f6WWbPCd1TG
[2012.03.26 14:05:43 | 000,000,176 | ---- | M] () -- C:\ProgramData\~dC4f6WWbPCd1TGr
[2012.03.15 19:34:23 | 005,014,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.02 16:00:23 | 001,207,296 | ---- | M] () -- C:\Users\Administrator\Desktop\brainwwavegenerator_3.1.12.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.26 16:57:07 | 000,000,020 | ---- | C] () -- C:\Users\Administrator\defogger_reenable
[2012.03.26 13:58:38 | 000,000,264 | ---- | C] () -- C:\ProgramData\~dC4f6WWbPCd1TG
[2012.03.26 13:58:38 | 000,000,176 | ---- | C] () -- C:\ProgramData\~dC4f6WWbPCd1TGr
[2012.03.26 13:58:08 | 000,000,456 | ---- | C] () -- C:\ProgramData\dC4f6WWbPCd1TG
[2012.03.02 16:00:18 | 001,207,296 | ---- | C] () -- C:\Users\Administrator\Desktop\brainwwavegenerator_3.1.12.exe
[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.05.17 13:40:19 | 000,000,051 | ---- | C] () -- C:\Windows\wiso.ini
[2010.12.25 21:44:44 | 000,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.12.24 16:25:06 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010.10.07 18:12:51 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010.10.07 18:12:51 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010.09.02 00:53:48 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.06.23 12:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.23 12:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
 
========== LOP Check ==========
 
[2011.11.01 18:48:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PC Suite
[2012.02.06 15:54:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:E690114B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:3969ACF7
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:689AB7E9
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:C8B8CEBD
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:F1DEA771

< End of report >

Extras:

Code:

ATTFilter

OTL Extras logfile created on: 26.03.2012 17:44:43 - Run 2
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\Eschi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,26% Memory free
8,00 Gb Paging File | 6,39 Gb Available in Paging File | 79,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 20,43 Gb Free Space | 27,42% Space Free | Partition Type: NTFS
Drive D: | 208,92 Gb Total Space | 9,87 Gb Free Space | 4,72% Space Free | Partition Type: NTFS
 
Computer Name: DICKLI | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 275.33
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"ASUS WebStorage" = ASUS WebStorage
"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}" = Island Wars 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}" = Smileyville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FD065B02-AE17-4496-8C0F-FFD3A9FD9460}" = WISO Bewerbung 2008
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Analog Factory HipHop_is1" = Analog Factory HipHop 2.2.1
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS_Screensaver" = ASUS_Screensaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bubble Snooker" = Bubble Snooker
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Das Vermächtnis der Insel 2" = Das Vermächtnis der Insel 2
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"FL Studio 9" = FL Studio 9
"Hardcore" = Hardcore
"Hühner-Attacke Deluxe" = Hühner-Attacke Deluxe
"IL Download Manager" = IL Download Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"intelliScore Ensemble" = intelliScore Ensemble
"JDownloader" = JDownloader
"Live 8.1" = Live 8.1
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mystery Stories – Berge des Wahnsinns" = Mystery Stories – Berge des Wahnsinns
"Mystery Stories - Expedition des Grauens" = Mystery Stories - Expedition des Grauens
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"PoiZone" = PoiZone
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"reFX Vanguard 1.7.2_is1" = reFX Vanguard 1.7.2
"Sacra Terra: Nacht der Engel" = Sacra Terra: Nacht der Engel
"Sakura" = Sakura
"Sawer" = Sawer
"Super Puzzle" = Super Puzzle
"The Mystery of Scoggins" = Puzzle Agent - The Mystery of Scoggins
"Total Audio Converter_is1" = TotalAudioConverter
"Toxic Biohazard" = Toxic Biohazard
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-7.manifest".  Die abhängige Assemblierung
 "Nero.NeDiscManager,processorArchitecture="x86",type="win32",version="7.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-8.manifest".  Die abhängige Assemblierung
 "Nero.DiscNavVcd,processorArchitecture="x86",type="win32",version="7.0.0.0"" konnte
 nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-9.manifest".  Die abhängige Assemblierung
 "Nero.DiscNavDvd,processorArchitecture="x86",type="win32",version="7.0.0.0"" konnte
 nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-10.manifest".  Die abhängige Assemblierung
 "Nero.DiscNavBD,processorArchitecture="x86",type="win32",version="7.0.0.0"" konnte
 nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-11.manifest".  Die abhängige Assemblierung
 "Nero.BDThumbnail,processorArchitecture="x86",type="win32",version="7.0.0.0"" konnte
 nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-12.manifest".  Die abhängige Assemblierung
 "Nero.BDGraphic,processorArchitecture="x86",type="win32",version="7.0.0.0"" konnte
 nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-13.manifest".  Die abhängige Assemblierung
 "CoverEdCtrl,version="1.4.0.0"" konnte nicht gefunden werden.  Verwenden Sie für 
eine detaillierte Diagnose das Programm "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-14.manifest".  Die abhängige Assemblierung
 "AudioPluginMgr,processorArchitecture="x86",type="win32",version="7.0.0.0"" konnte
 nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-15.manifest".  Die abhängige Assemblierung
 "Nero.InFAudioRippingServer,type="win32",version="8.9.9.0"" konnte nicht gefunden
 werden.  Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 
Error - 14.02.2012 14:40:52 | Computer Name = Dickli | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Nero\NEBURO100PO\Nero
 Burning Rom 10.0 Portable\Nero 10\SKEL\1104-16.manifest".  Die abhängige Assemblierung
 "NeroAPIFiles,processorArchitecture="x86",type="win32",version="9.0.0.0"" konnte
 nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 17.05.2011 11:45:35 | Computer Name = Dickli | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Oberon Media Game Console service erreicht.
 
Error - 17.05.2011 11:45:35 | Computer Name = Dickli | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Oberon Media Game Console service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 18.05.2011 06:02:51 | Computer Name = Dickli | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?18.?05.?2011 um 12:01:15 unerwartet heruntergefahren.
 
Error - 24.05.2011 08:11:26 | Computer Name = Dickli | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Windows Internet Explorer 9 für Windows 7 für
 x64-basierte Systeme
 
Error - 07.06.2011 08:49:42 | Computer Name = Dickli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 07.06.2011 08:49:42 | Computer Name = Dickli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 07.06.2011 08:49:43 | Computer Name = Dickli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 07.06.2011 08:49:44 | Computer Name = Dickli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 26.06.2011 17:11:05 | Computer Name = Dickli | Source = Service Control Manager | ID = 7034
Description = Dienst "NIHardwareService" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 27.06.2011 16:09:08 | Computer Name = Dickli | Source = Service Control Manager | ID = 7034
Description = Dienst "NIHardwareService" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
 
< End of report >

markusg · 26.03.2012, 20:05

lade unhide:
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.

Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
Tool

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Hinweis:
Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.

Hipparchus · 27.03.2012, 11:18

Hab alles erledigt und es lief zunächst einwandfrei. Dann wollte Combofix
das System neustarten. Und jetzt kommt das Problem:
Combofix führt sich nicht weiter aus. Es flackert lediglich das Fenster
auf dem Desktop und taucht im Task-Manager als Anwendung im Sekundentakt für den Bruchteil einer Sekunde auf.
Woran kann das liegen? Hab alle anderen Scanner etc. deaktiviert.

markusg · 27.03.2012, 17:55

melde dich mal im selben konto an, wo combofix lief, wenn das nicht klappt, im abgesicherten modus mit netzwerk starten, evtl. auch mal als admin, und dann wieder in den normalen modus, geht es wieder?

Hipparchus · 27.03.2012, 20:31

Hab jetzt alle Möglichkeiten durch. Keine war von Erfolg gekrönt.
Dafür konnt ich mich mehr und mehr mit dem Gedanken anfreunden
einfach alles platt zu machen und neu aufzusetzen. Ist eigentlich
sowieso längst überfällig...

Oder hast du noch ne andere Idee?

markusg · 27.03.2012, 20:34

brenne dir mal ubuntu:
Download | Ubuntu
dann starte das gerät von der cd, die cd im probier modus, dann sichere bilder dokumente, musik, vidios.
weist du wie man formatiert, oder is ne anleitung nötig.

Hipparchus · 28.03.2012, 17:47

Wie man formatiert weiß ich wohl , aber danke für den
Ubuntu-Link.
Dennoch passieren manchmal auch unglaubliche Dinge.
Hab gerade den Laptop hochgefahren und gegen jede
Erwartung nimmt Combofix die Arbeit weiter auf.

Ich präsentiere die Combofix.txt:

Combofix Logfile:

Code:

ATTFilter

ComboFix 12-03-27.03 - Administrator 27.03.2012  22:09:30.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4095.2635 [GMT 2:00]
ausgeführt von:: c:\users\Eschi\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\programdata\FullRemove.exe
c:\windows\IsUn0407.exe
c:\windows\SysWow64\tmp67D9.tmp
c:\windows\SysWow64\tmp6876.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-02-28 bis 2012-03-28  ))))))))))))))))))))))))))))))
.
.
2012-03-27 20:19 . 2012-03-27 20:19	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-03-27 19:37 . 2012-03-28 17:26	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2012-03-27 19:28 . 2012-03-27 19:28	--------	d-----w-	c:\users\Eschi\AppData\Roaming\Malwarebytes
2012-03-27 15:17 . 2012-03-27 15:17	--------	d-----w-	c:\users\Administrator\AppData\Roaming\Malwarebytes
2012-03-27 15:13 . 2012-03-27 15:13	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-27 14:35 . 2012-02-08 07:13	8643640	------w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{93E3C8A1-2FA5-48CC-BF88-5B60257395EA}\mpengine.dll
2012-03-22 16:58 . 2012-03-22 16:58	--------	d-----w-	c:\users\Eschi\AppData\Roaming\Floodlight Games
2012-03-14 19:28 . 2011-11-19 15:20	5559152	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-14 19:28 . 2011-11-19 14:50	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 19:28 . 2011-11-19 14:50	3913584	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 17:21 . 2012-02-03 04:34	3145728	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 17:21 . 2012-02-10 06:36	1544192	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 17:21 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-14 17:21 . 2012-01-25 06:38	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-14 17:21 . 2012-01-25 06:38	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-14 17:21 . 2012-01-25 06:33	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-14 17:21 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-14 17:21 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-03-14 17:21 . 2012-02-17 04:58	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-14 17:21 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-02 14:00 . 1997-11-19 14:49	303616	----a-w-	c:\windows\IsUninst.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 13:03 . 2011-05-23 09:40	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 07:18 . 2010-09-14 22:51	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-01-04 10:44 . 2012-02-16 16:12	509952	----a-w-	c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-16 16:12	442880	----a-w-	c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-16 16:12	515584	----a-w-	c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-16 16:12	478720	----a-w-	c:\windows\SysWow64\timedate.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08	143360	----a-w-	c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\Eschi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
WISO Bewerbung-Reminder.lnk - d:\programme\Wiso\KCReminder.exe [2007-11-29 1236480]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-2-12 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-2-12 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-13 136176]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-13 136176]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-03-09 5352960]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-13 15:47]
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-13 15:47]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52	159744	----a-w-	c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
Toolbar-Locked - (no file)
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-Heroes of Might and Magic® III - d:\spiele\Heroes of Might and Magic 3 Complete\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\ASUS\Net4Switch\Net4Switch.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-03-28  19:39:08 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-03-28 17:39
.
Vor Suchlauf: 13 Verzeichnis(se), 32.686.432.256 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 32.289.255.424 Bytes frei
.
- - End Of File - - 396B91FBA504D170E678233194697730

--- --- ---

markusg · 28.03.2012, 20:40

na das ist doch mal was.
http://www.trojaner-board.de/82358-t...entfernen.html
log posten bitte

Hipparchus · 29.03.2012, 13:51

TDSS-Log (nach dem 2. Durchgang):

15:47:54.0083 1496 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
15:47:54.0129 1496 ============================================================
15:47:54.0129 1496 Current date / time: 2012/03/29 15:47:54.0129
15:47:54.0129 1496 SystemInfo:
15:47:54.0129 1496
15:47:54.0129 1496 OS Version: 6.1.7601 ServicePack: 1.0
15:47:54.0129 1496 Product type: Workstation
15:47:54.0129 1496 ComputerName: DICKLI
15:47:54.0129 1496 UserName: Administrator
15:47:54.0129 1496 Windows directory: C:\Windows
15:47:54.0129 1496 System windows directory: C:\Windows
15:47:54.0129 1496 Running under WOW64
15:47:54.0129 1496 Processor architecture: Intel x64
15:47:54.0129 1496 Number of processors: 2
15:47:54.0129 1496 Page size: 0x1000
15:47:54.0129 1496 Boot type: Normal boot
15:47:54.0129 1496 ============================================================
15:47:56.0095 1496 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:47:56.0095 1496 \Device\Harddisk0\DR0:
15:47:56.0095 1496 MBR used
15:47:56.0095 1496 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0x950A600
15:47:56.0111 1496 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xB2557B7, BlocksNum 0x1A1D7F0A
15:47:56.0189 1496 Initialize success
15:47:56.0189 1496 ============================================================
15:48:05.0923 4512 ============================================================
15:48:05.0923 4512 Scan started
15:48:05.0923 4512 Mode: Manual; SigCheck; TDLFS;
15:48:05.0923 4512 ============================================================
15:48:08.0123 4512 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:48:08.0232 4512 1394ohci - ok
15:48:08.0559 4512 acedrv11 (a3769020f7e8a70fd3e824c050f33306) C:\Windows\system32\drivers\acedrv11.sys
15:48:08.0622 4512 acedrv11 - ok
15:48:08.0856 4512 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:48:08.0903 4512 ACPI - ok
15:48:09.0090 4512 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:48:09.0293 4512 AcpiPmi - ok
15:48:09.0511 4512 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:48:09.0605 4512 adp94xx - ok
15:48:09.0729 4512 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:48:09.0745 4512 adpahci - ok
15:48:09.0901 4512 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:48:09.0995 4512 adpu320 - ok
15:48:10.0182 4512 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:48:10.0728 4512 AeLookupSvc - ok
15:48:10.0931 4512 AFBAgent (fb2be0bae9b3f248080cdbf91ef16c7f) C:\Windows\system32\FBAgent.exe
15:48:10.0946 4512 AFBAgent - ok
15:48:11.0149 4512 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:48:11.0289 4512 AFD - ok
15:48:11.0461 4512 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:48:11.0492 4512 agp440 - ok
15:48:11.0617 4512 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:48:11.0695 4512 ALG - ok
15:48:11.0913 4512 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:48:11.0960 4512 aliide - ok
15:48:12.0147 4512 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:48:12.0163 4512 amdide - ok
15:48:12.0241 4512 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:48:12.0319 4512 AmdK8 - ok
15:48:12.0475 4512 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:48:12.0569 4512 AmdPPM - ok
15:48:12.0725 4512 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:48:12.0756 4512 amdsata - ok
15:48:12.0912 4512 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:48:12.0959 4512 amdsbs - ok
15:48:13.0115 4512 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:48:13.0146 4512 amdxata - ok
15:48:13.0427 4512 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:48:13.0473 4512 AntiVirSchedulerService - ok
15:48:13.0723 4512 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:48:13.0739 4512 AntiVirService - ok
15:48:13.0910 4512 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:48:14.0534 4512 AppID - ok
15:48:14.0643 4512 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:48:14.0753 4512 AppIDSvc - ok
15:48:14.0940 4512 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:48:15.0018 4512 Appinfo - ok
15:48:15.0252 4512 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:48:15.0283 4512 arc - ok
15:48:15.0439 4512 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:48:15.0470 4512 arcsas - ok
15:48:15.0689 4512 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
15:48:15.0735 4512 AsDsm - ok
15:48:15.0845 4512 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:48:15.0860 4512 ASLDRService - ok
15:48:15.0938 4512 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:48:15.0954 4512 ASMMAP64 - ok
15:48:16.0110 4512 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:48:16.0203 4512 AsyncMac - ok
15:48:16.0406 4512 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:48:16.0437 4512 atapi - ok
15:48:16.0687 4512 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
15:48:16.0890 4512 athr - ok
15:48:17.0015 4512 ATKGFNEXSrv (63f1212ffe13e62ca1e8d8ee19abd9a7) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:48:17.0030 4512 ATKGFNEXSrv - ok
15:48:17.0327 4512 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:48:17.0451 4512 AudioEndpointBuilder - ok
15:48:17.0592 4512 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:48:17.0639 4512 AudioSrv - ok
15:48:17.0904 4512 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
15:48:17.0935 4512 avgntflt - ok
15:48:18.0216 4512 avipbb (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
15:48:18.0247 4512 avipbb - ok
15:48:18.0481 4512 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:48:18.0497 4512 avkmgr - ok
15:48:18.0637 4512 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:48:18.0824 4512 AxInstSV - ok
15:48:18.0980 4512 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:48:19.0074 4512 b06bdrv - ok
15:48:19.0230 4512 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:48:19.0292 4512 b57nd60a - ok
15:48:19.0464 4512 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
15:48:19.0479 4512 BBSvc - ok
15:48:19.0667 4512 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
15:48:19.0682 4512 BBUpdate - ok
15:48:19.0838 4512 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:48:19.0901 4512 BDESVC - ok
15:48:20.0041 4512 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:48:20.0135 4512 Beep - ok
15:48:20.0353 4512 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:48:20.0431 4512 BFE - ok
15:48:20.0665 4512 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
15:48:20.0821 4512 BITS - ok
15:48:20.0977 4512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:48:21.0086 4512 blbdrive - ok
15:48:21.0289 4512 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:48:21.0445 4512 bowser - ok
15:48:21.0585 4512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:48:21.0788 4512 BrFiltLo - ok
15:48:21.0866 4512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:48:21.0929 4512 BrFiltUp - ok
15:48:22.0100 4512 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:48:22.0194 4512 BridgeMP - ok
15:48:22.0319 4512 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:48:22.0428 4512 Browser - ok
15:48:22.0615 4512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:48:22.0755 4512 Brserid - ok
15:48:22.0989 4512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:48:23.0145 4512 BrSerWdm - ok
15:48:23.0411 4512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:48:23.0535 4512 BrUsbMdm - ok
15:48:23.0863 4512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:48:23.0941 4512 BrUsbSer - ok
15:48:24.0035 4512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:48:24.0097 4512 BTHMODEM - ok
15:48:24.0128 4512 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:48:24.0206 4512 bthserv - ok
15:48:24.0222 4512 catchme - ok
15:48:24.0331 4512 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:48:24.0471 4512 cdfs - ok
15:48:24.0721 4512 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
15:48:24.0768 4512 cdrom - ok
15:48:24.0846 4512 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:48:25.0002 4512 CertPropSvc - ok
15:48:25.0298 4512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:48:25.0392 4512 circlass - ok
15:48:25.0595 4512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:48:25.0673 4512 CLFS - ok
15:48:25.0813 4512 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:48:25.0953 4512 clr_optimization_v2.0.50727_32 - ok
15:48:26.0156 4512 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:48:26.0281 4512 clr_optimization_v2.0.50727_64 - ok
15:48:26.0609 4512 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:48:26.0718 4512 clr_optimization_v4.0.30319_32 - ok
15:48:26.0983 4512 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:48:27.0217 4512 clr_optimization_v4.0.30319_64 - ok
15:48:27.0404 4512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:48:27.0467 4512 CmBatt - ok
15:48:27.0669 4512 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:48:27.0716 4512 cmdide - ok
15:48:27.0919 4512 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:48:28.0028 4512 CNG - ok
15:48:28.0231 4512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:48:28.0262 4512 Compbatt - ok
15:48:28.0403 4512 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:48:28.0449 4512 CompositeBus - ok
15:48:28.0605 4512 COMSysApp - ok
15:48:28.0761 4512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:48:28.0793 4512 crcdisk - ok
15:48:28.0995 4512 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
15:48:29.0073 4512 CryptSvc - ok
15:48:29.0214 4512 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:48:29.0292 4512 DcomLaunch - ok
15:48:29.0432 4512 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:48:29.0541 4512 defragsvc - ok
15:48:29.0697 4512 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:48:29.0807 4512 DfsC - ok
15:48:30.0056 4512 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:48:30.0165 4512 Dhcp - ok
15:48:30.0415 4512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:48:30.0477 4512 discache - ok
15:48:30.0758 4512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:48:30.0883 4512 Disk - ok
15:48:31.0023 4512 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:48:31.0289 4512 Dnscache - ok
15:48:31.0523 4512 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:48:31.0725 4512 dot3svc - ok
15:48:31.0881 4512 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:48:31.0991 4512 DPS - ok
15:48:32.0147 4512 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:48:32.0193 4512 drmkaud - ok
15:48:32.0287 4512 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:48:32.0318 4512 DXGKrnl - ok
15:48:32.0381 4512 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:48:32.0459 4512 EapHost - ok
15:48:32.0833 4512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:48:32.0989 4512 ebdrv - ok
15:48:33.0098 4512 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:48:33.0161 4512 EFS - ok
15:48:33.0317 4512 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:48:33.0410 4512 ehRecvr - ok
15:48:33.0519 4512 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:48:33.0582 4512 ehSched - ok
15:48:33.0956 4512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:48:34.0003 4512 elxstor - ok
15:48:34.0097 4512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:48:34.0143 4512 ErrDev - ok
15:48:34.0253 4512 ETD (3c38648375b7f3988691f53a7aae10a9) C:\Windows\system32\DRIVERS\ETD.sys
15:48:34.0331 4512 ETD - ok
15:48:34.0377 4512 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:48:34.0440 4512 EventSystem - ok
15:48:34.0533 4512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:48:34.0611 4512 exfat - ok
15:48:34.0643 4512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:48:34.0705 4512 fastfat - ok
15:48:34.0799 4512 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:48:34.0877 4512 Fax - ok
15:48:34.0955 4512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:48:35.0001 4512 fdc - ok
15:48:35.0048 4512 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:48:35.0157 4512 fdPHost - ok
15:48:35.0298 4512 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:48:35.0391 4512 FDResPub - ok
15:48:35.0501 4512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:48:35.0532 4512 FileInfo - ok
15:48:35.0547 4512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:48:35.0625 4512 Filetrace - ok
15:48:35.0719 4512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:48:35.0766 4512 flpydisk - ok
15:48:35.0906 4512 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:48:35.0922 4512 FltMgr - ok
15:48:36.0062 4512 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:48:36.0171 4512 FontCache - ok
15:48:36.0296 4512 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:48:36.0312 4512 FontCache3.0.0.0 - ok
15:48:36.0452 4512 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:48:36.0483 4512 FsDepends - ok
15:48:36.0639 4512 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
15:48:36.0671 4512 fssfltr - ok
15:48:36.0795 4512 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:48:36.0827 4512 fsssvc - ok
15:48:36.0905 4512 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:48:36.0920 4512 Fs_Rec - ok
15:48:36.0983 4512 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:48:37.0029 4512 fvevol - ok
15:48:37.0139 4512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:48:37.0170 4512 gagp30kx - ok
15:48:37.0279 4512 ghaio (7d66ebde8b7f9b4e00beefeee82670d4) C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
15:48:37.0295 4512 ghaio - ok
15:48:37.0513 4512 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:48:37.0591 4512 gpsvc - ok
15:48:37.0731 4512 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:48:37.0778 4512 gupdate - ok
15:48:37.0778 4512 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:48:37.0794 4512 gupdatem - ok
15:48:37.0872 4512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:48:37.0934 4512 hcw85cir - ok
15:48:38.0059 4512 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:48:38.0121 4512 HdAudAddService - ok
15:48:38.0262 4512 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:48:38.0309 4512 HDAudBus - ok
15:48:38.0340 4512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:48:38.0387 4512 HidBatt - ok
15:48:38.0527 4512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:48:38.0605 4512 HidBth - ok
15:48:38.0823 4512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:48:38.0870 4512 HidIr - ok
15:48:38.0948 4512 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:48:39.0026 4512 hidserv - ok
15:48:39.0104 4512 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
15:48:39.0120 4512 HidUsb - ok
15:48:39.0198 4512 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:48:39.0260 4512 hkmsvc - ok
15:48:39.0307 4512 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:48:39.0401 4512 HomeGroupListener - ok
15:48:39.0479 4512 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:48:39.0525 4512 HomeGroupProvider - ok
15:48:39.0650 4512 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:48:39.0681 4512 HpSAMD - ok
15:48:39.0775 4512 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:48:39.0853 4512 HTTP - ok
15:48:40.0009 4512 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:48:40.0040 4512 hwpolicy - ok
15:48:40.0103 4512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:48:40.0181 4512 i8042prt - ok
15:48:40.0383 4512 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:48:40.0461 4512 iaStorV - ok
15:48:40.0602 4512 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:48:40.0649 4512 idsvc - ok
15:48:40.0758 4512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:48:40.0773 4512 iirsp - ok
15:48:40.0836 4512 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:48:40.0945 4512 IKEEXT - ok
15:48:41.0117 4512 IntcAzAudAddService (181e4ff75674a7105ecd0a02c35ef43a) C:\Windows\system32\drivers\RTKVHD64.sys
15:48:41.0179 4512 IntcAzAudAddService - ok
15:48:41.0273 4512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:48:41.0288 4512 intelide - ok
15:48:41.0335 4512 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:48:41.0397 4512 intelppm - ok
15:48:41.0460 4512 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:48:41.0538 4512 IPBusEnum - ok
15:48:41.0585 4512 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:48:41.0663 4512 IpFilterDriver - ok
15:48:41.0772 4512 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:48:41.0850 4512 iphlpsvc - ok
15:48:41.0959 4512 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:48:42.0006 4512 IPMIDRV - ok
15:48:42.0053 4512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:48:42.0146 4512 IPNAT - ok
15:48:42.0209 4512 ipswuio - ok
15:48:42.0240 4512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:48:42.0302 4512 IRENUM - ok
15:48:42.0349 4512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:48:42.0365 4512 isapnp - ok
15:48:42.0474 4512 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:48:42.0505 4512 iScsiPrt - ok
15:48:42.0536 4512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:48:42.0552 4512 kbdclass - ok
15:48:42.0583 4512 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:48:42.0614 4512 kbdhid - ok
15:48:42.0723 4512 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
15:48:42.0739 4512 kbfiltr - ok
15:48:42.0770 4512 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:48:42.0786 4512 KeyIso - ok
15:48:42.0801 4512 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:48:42.0833 4512 KSecDD - ok
15:48:42.0911 4512 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:48:42.0942 4512 KSecPkg - ok
15:48:42.0973 4512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:48:43.0035 4512 ksthunk - ok
15:48:43.0113 4512 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:48:43.0191 4512 KtmRm - ok
15:48:43.0238 4512 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:48:43.0301 4512 LanmanServer - ok
15:48:43.0394 4512 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:48:43.0488 4512 LanmanWorkstation - ok
15:48:43.0550 4512 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:48:43.0613 4512 lltdio - ok
15:48:43.0691 4512 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:48:43.0769 4512 lltdsvc - ok
15:48:43.0800 4512 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:48:43.0831 4512 lmhosts - ok
15:48:43.0893 4512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:48:43.0909 4512 LSI_FC - ok
15:48:43.0971 4512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:48:44.0003 4512 LSI_SAS - ok
15:48:44.0034 4512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:48:44.0049 4512 LSI_SAS2 - ok
15:48:44.0081 4512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:48:44.0112 4512 LSI_SCSI - ok
15:48:44.0205 4512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:48:44.0283 4512 luafv - ok
15:48:44.0330 4512 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:48:44.0361 4512 Mcx2Svc - ok
15:48:44.0455 4512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:48:44.0486 4512 megasas - ok
15:48:44.0502 4512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:48:44.0517 4512 MegaSR - ok
15:48:44.0642 4512 Microsoft SharePoint Workspace Audit Service - ok
15:48:44.0720 4512 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:48:44.0814 4512 MMCSS - ok
15:48:44.0861 4512 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:48:44.0954 4512 Modem - ok
15:48:45.0032 4512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:48:45.0079 4512 monitor - ok
15:48:45.0173 4512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:48:45.0204 4512 mouclass - ok
15:48:45.0235 4512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:48:45.0297 4512 mouhid - ok
15:48:45.0391 4512 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:48:45.0422 4512 mountmgr - ok
15:48:45.0469 4512 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:48:45.0500 4512 mpio - ok
15:48:45.0594 4512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:48:45.0672 4512 mpsdrv - ok
15:48:45.0719 4512 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:48:45.0781 4512 MpsSvc - ok
15:48:45.0890 4512 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:48:45.0953 4512 MRxDAV - ok
15:48:45.0984 4512 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:48:46.0031 4512 mrxsmb - ok
15:48:46.0140 4512 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:48:46.0187 4512 mrxsmb10 - ok
15:48:46.0233 4512 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:48:46.0280 4512 mrxsmb20 - ok
15:48:46.0374 4512 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:48:46.0405 4512 msahci - ok
15:48:46.0436 4512 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:48:46.0452 4512 msdsm - ok
15:48:46.0499 4512 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:48:46.0545 4512 MSDTC - ok
15:48:46.0655 4512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:48:46.0717 4512 Msfs - ok
15:48:46.0733 4512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:48:46.0795 4512 mshidkmdf - ok
15:48:46.0889 4512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:48:46.0904 4512 msisadrv - ok
15:48:46.0951 4512 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:48:47.0013 4512 MSiSCSI - ok
15:48:47.0076 4512 msiserver - ok
15:48:47.0154 4512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:48:47.0232 4512 MSKSSRV - ok
15:48:47.0310 4512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:48:47.0372 4512 MSPCLOCK - ok
15:48:47.0419 4512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:48:47.0466 4512 MSPQM - ok
15:48:47.0559 4512 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:48:47.0591 4512 MsRPC - ok
15:48:47.0637 4512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:48:47.0653 4512 mssmbios - ok
15:48:47.0747 4512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:48:47.0809 4512 MSTEE - ok
15:48:47.0825 4512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:48:47.0856 4512 MTConfig - ok
15:48:47.0934 4512 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
15:48:47.0965 4512 MTsensor - ok
15:48:47.0996 4512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:48:48.0012 4512 Mup - ok
15:48:48.0059 4512 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:48:48.0121 4512 napagent - ok
15:48:48.0246 4512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:48:48.0293 4512 NativeWifiP - ok
15:48:48.0371 4512 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:48:48.0402 4512 NDIS - ok
15:48:48.0495 4512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:48:48.0573 4512 NdisCap - ok
15:48:48.0605 4512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:48:48.0667 4512 NdisTapi - ok
15:48:48.0761 4512 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:48:48.0854 4512 Ndisuio - ok
15:48:48.0870 4512 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:48:48.0932 4512 NdisWan - ok
15:48:49.0041 4512 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:48:49.0119 4512 NDProxy - ok
15:48:49.0229 4512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:48:49.0338 4512 NetBIOS - ok
15:48:49.0369 4512 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:48:49.0431 4512 NetBT - ok
15:48:49.0509 4512 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:48:49.0541 4512 Netlogon - ok
15:48:49.0572 4512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:48:49.0665 4512 Netman - ok
15:48:49.0743 4512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:48:49.0821 4512 netprofm - ok
15:48:49.0946 4512 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:48:49.0962 4512 NetTcpPortSharing - ok
15:48:50.0040 4512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:48:50.0071 4512 nfrd960 - ok
15:48:50.0149 4512 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:48:50.0227 4512 NlaSvc - ok
15:48:50.0305 4512 nmwcd (88f2f2cb9faee2e14bccf384f4c88061) C:\Windows\system32\drivers\ccdcmbx64.sys
15:48:50.0383 4512 nmwcd - ok
15:48:50.0477 4512 nmwcdc (31c1fac4ae14fb2f8771c59ba3f90bad) C:\Windows\system32\drivers\ccdcmbox64.sys
15:48:50.0555 4512 nmwcdc - ok
15:48:50.0570 4512 nmwcdnsucx64 (863aa6c58ac85a22355ae943c605e44b) C:\Windows\system32\drivers\nmwcdnsucx64.sys
15:48:50.0648 4512 nmwcdnsucx64 - ok
15:48:50.0726 4512 nmwcdnsux64 (7983d9201788407c4d1fc4d0baa04e32) C:\Windows\system32\drivers\nmwcdnsux64.sys
15:48:50.0789 4512 nmwcdnsux64 - ok
15:48:50.0820 4512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:48:50.0867 4512 Npfs - ok
15:48:50.0960 4512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:48:51.0038 4512 nsi - ok
15:48:51.0085 4512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:48:51.0147 4512 nsiproxy - ok
15:48:51.0288 4512 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:48:51.0335 4512 Ntfs - ok
15:48:51.0413 4512 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:48:51.0522 4512 Null - ok
15:48:51.0647 4512 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
15:48:51.0678 4512 NVHDA - ok
15:48:51.0990 4512 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:48:52.0208 4512 nvlddmkm - ok
15:48:52.0302 4512 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:48:52.0333 4512 nvraid - ok
15:48:52.0364 4512 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:48:52.0395 4512 nvstor - ok
15:48:52.0505 4512 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
15:48:52.0520 4512 nvstor64 - ok
15:48:52.0598 4512 NVSvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
15:48:52.0629 4512 NVSvc - ok
15:48:52.0723 4512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:48:52.0754 4512 nv_agp - ok
15:48:52.0832 4512 OberonGameConsoleService (649791f5b905e6a8ecced15ad8efd436) C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
15:48:52.0863 4512 OberonGameConsoleService - ok
15:48:52.0973 4512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:48:53.0019 4512 ohci1394 - ok
15:48:53.0113 4512 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:48:53.0144 4512 ose - ok
15:48:53.0363 4512 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:48:53.0534 4512 osppsvc - ok
15:48:53.0628 4512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:48:53.0690 4512 p2pimsvc - ok
15:48:53.0737 4512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:48:53.0768 4512 p2psvc - ok
15:48:53.0877 4512 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:48:53.0924 4512 Parport - ok
15:48:53.0971 4512 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:48:53.0987 4512 partmgr - ok
15:48:54.0049 4512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:48:54.0127 4512 PcaSvc - ok
15:48:54.0189 4512 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:48:54.0236 4512 pccsmcfd - ok
15:48:54.0330 4512 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:48:54.0361 4512 pci - ok
15:48:54.0377 4512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:48:54.0392 4512 pciide - ok
15:48:54.0423 4512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:48:54.0439 4512 pcmcia - ok
15:48:54.0470 4512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:48:54.0486 4512 pcw - ok
15:48:54.0579 4512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:48:54.0657 4512 PEAUTH - ok
15:48:54.0751 4512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:48:54.0782 4512 PerfHost - ok
15:48:54.0907 4512 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:48:54.0985 4512 pla - ok
15:48:55.0110 4512 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:48:55.0172 4512 PlugPlay - ok
15:48:55.0203 4512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:48:55.0250 4512 PNRPAutoReg - ok
15:48:55.0328 4512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:48:55.0359 4512 PNRPsvc - ok
15:48:55.0406 4512 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:48:55.0469 4512 PolicyAgent - ok
15:48:55.0562 4512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:48:55.0640 4512 Power - ok
15:48:55.0703 4512 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:48:55.0781 4512 PptpMiniport - ok
15:48:55.0874 4512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:48:55.0921 4512 Processor - ok
15:48:56.0015 4512 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:48:56.0093 4512 ProfSvc - ok
15:48:56.0124 4512 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:48:56.0139 4512 ProtectedStorage - ok
15:48:56.0249 4512 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:48:56.0327 4512 Psched - ok
15:48:56.0405 4512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:48:56.0451 4512 ql2300 - ok
15:48:56.0545 4512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:48:56.0576 4512 ql40xx - ok
15:48:56.0623 4512 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:48:56.0639 4512 QWAVE - ok
15:48:56.0732 4512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:48:56.0795 4512 QWAVEdrv - ok
15:48:56.0888 4512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:48:56.0951 4512 RasAcd - ok
15:48:57.0013 4512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:48:57.0060 4512 RasAgileVpn - ok
15:48:57.0153 4512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:48:57.0247 4512 RasAuto - ok
15:48:57.0309 4512 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:48:57.0387 4512 Rasl2tp - ok
15:48:57.0481 4512 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:48:57.0559 4512 RasMan - ok
15:48:57.0606 4512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:48:57.0684 4512 RasPppoe - ok
15:48:57.0762 4512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:48:57.0855 4512 RasSstp - ok
15:48:57.0902 4512 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:48:57.0965 4512 rdbss - ok
15:48:58.0058 4512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:48:58.0105 4512 rdpbus - ok
15:48:58.0136 4512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:48:58.0199 4512 RDPCDD - ok
15:48:58.0292 4512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:48:58.0370 4512 RDPENCDD - ok
15:48:58.0464 4512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:48:58.0542 4512 RDPREFMP - ok
15:48:58.0589 4512 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:48:58.0635 4512 RDPWD - ok
15:48:58.0729 4512 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:48:58.0776 4512 rdyboost - ok
15:48:58.0791 4512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:48:58.0854 4512 RemoteAccess - ok
15:48:58.0932 4512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:48:59.0025 4512 RemoteRegistry - ok
15:48:59.0057 4512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:48:59.0135 4512 RpcEptMapper - ok
15:48:59.0213 4512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:48:59.0259 4512 RpcLocator - ok
15:48:59.0306 4512 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:48:59.0369 4512 RpcSs - ok
15:48:59.0462 4512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:48:59.0540 4512 rspndr - ok
15:48:59.0603 4512 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:48:59.0634 4512 RTL8167 - ok
15:48:59.0696 4512 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:48:59.0712 4512 SamSs - ok
15:48:59.0774 4512 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:48:59.0805 4512 sbp2port - ok
15:48:59.0837 4512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:48:59.0883 4512 SCardSvr - ok
15:48:59.0993 4512 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:49:00.0071 4512 scfilter - ok
15:49:00.0133 4512 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:49:00.0211 4512 Schedule - ok
15:49:00.0305 4512 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:49:00.0351 4512 SCPolicySvc - ok
15:49:00.0398 4512 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:49:00.0476 4512 SDRSVC - ok
15:49:00.0570 4512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:49:00.0632 4512 secdrv - ok
15:49:00.0695 4512 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:49:00.0788 4512 seclogon - ok
15:49:00.0851 4512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:49:00.0913 4512 SENS - ok
15:49:00.0944 4512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:49:01.0007 4512 SensrSvc - ok
15:49:01.0085 4512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:49:01.0131 4512 Serenum - ok
15:49:01.0241 4512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:49:01.0272 4512 Serial - ok
15:49:01.0350 4512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:49:01.0397 4512 sermouse - ok
15:49:01.0475 4512 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:49:01.0568 4512 SessionEnv - ok
15:49:01.0631 4512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:49:01.0709 4512 sffdisk - ok
15:49:01.0787 4512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:49:01.0833 4512 sffp_mmc - ok
15:49:01.0865 4512 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:49:01.0927 4512 sffp_sd - ok
15:49:02.0021 4512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:49:02.0052 4512 sfloppy - ok
15:49:02.0114 4512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:49:02.0208 4512 SharedAccess - ok
15:49:02.0301 4512 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:49:02.0411 4512 ShellHWDetection - ok
15:49:02.0520 4512 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
15:49:02.0567 4512 SiSGbeLH - ok
15:49:02.0676 4512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:49:02.0707 4512 SiSRaid2 - ok
15:49:02.0707 4512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:49:02.0723 4512 SiSRaid4 - ok
15:49:02.0738 4512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:49:02.0801 4512 Smb - ok
15:49:02.0894 4512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:49:02.0941 4512 SNMPTRAP - ok
15:49:03.0050 4512 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
15:49:03.0097 4512 SNP2UVC - ok
15:49:03.0191 4512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:49:03.0222 4512 spldr - ok
15:49:03.0300 4512 spmgr (739db668dbd812285ecc553e64a5e212) C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
15:49:03.0315 4512 spmgr - ok
15:49:03.0409 4512 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:49:03.0471 4512 Spooler - ok
15:49:03.0643 4512 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:49:03.0783 4512 sppsvc - ok
15:49:03.0861 4512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:49:03.0955 4512 sppuinotify - ok
15:49:04.0017 4512 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:49:04.0111 4512 srv - ok
15:49:04.0205 4512 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:49:04.0251 4512 srv2 - ok
15:49:04.0345 4512 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:49:04.0392 4512 srvnet - ok
15:49:04.0439 4512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:49:04.0517 4512 SSDPSRV - ok
15:49:04.0579 4512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:49:04.0657 4512 SstpSvc - ok
15:49:04.0797 4512 Stereo Service (6086b60f2e36d06a063cb07ed0524332) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:49:04.0813 4512 Stereo Service - ok
15:49:04.0907 4512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:49:04.0938 4512 stexstor - ok
15:49:04.0985 4512 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:49:05.0063 4512 stisvc - ok
15:49:05.0156 4512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:49:05.0172 4512 swenum - ok
15:49:05.0219 4512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:49:05.0297 4512 swprv - ok
15:49:05.0421 4512 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:49:05.0484 4512 SysMain - ok
15:49:05.0562 4512 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:49:05.0624 4512 TabletInputService - ok
15:49:05.0671 4512 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:49:05.0733 4512 TapiSrv - ok
15:49:05.0811 4512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:49:05.0889 4512 TBS - ok
15:49:05.0967 4512 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:49:06.0030 4512 Tcpip - ok
15:49:06.0186 4512 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:49:06.0233 4512 TCPIP6 - ok
15:49:06.0326 4512 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:49:06.0389 4512 tcpipreg - ok
15:49:06.0435 4512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:49:06.0482 4512 TDPIPE - ok
15:49:06.0560 4512 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:49:06.0607 4512 TDTCP - ok
15:49:06.0669 4512 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:49:06.0747 4512 tdx - ok
15:49:06.0825 4512 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:49:06.0857 4512 TermDD - ok
15:49:06.0919 4512 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:49:06.0997 4512 TermService - ok
15:49:07.0075 4512 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:49:07.0122 4512 Themes - ok
15:49:07.0169 4512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:49:07.0215 4512 THREADORDER - ok
15:49:07.0231 4512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:49:07.0293 4512 TrkWks - ok
15:49:07.0387 4512 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:49:07.0496 4512 TrustedInstaller - ok
15:49:07.0574 4512 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:49:07.0652 4512 tssecsrv - ok
15:49:07.0761 4512 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:49:07.0777 4512 TsUsbFlt - ok
15:49:07.0808 4512 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:49:07.0871 4512 tunnel - ok
15:49:08.0058 4512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:49:08.0105 4512 uagp35 - ok
15:49:08.0339 4512 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:49:08.0463 4512 udfs - ok
15:49:08.0619 4512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:49:08.0666 4512 UI0Detect - ok
15:49:08.0729 4512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:49:08.0760 4512 uliagpkx - ok
15:49:08.0853 4512 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:49:08.0900 4512 umbus - ok
15:49:08.0978 4512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:49:09.0025 4512 UmPass - ok
15:49:09.0087 4512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:49:09.0150 4512 upnphost - ok
15:49:09.0212 4512 upperdev (fbd861e69e1f583bec906fcd04e4f84e) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:49:09.0259 4512 upperdev - ok
15:49:09.0337 4512 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:49:09.0368 4512 usbccgp - ok
15:49:09.0446 4512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:49:09.0493 4512 usbcir - ok
15:49:09.0555 4512 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:49:09.0602 4512 usbehci - ok
15:49:09.0727 4512 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:49:09.0774 4512 usbhub - ok
15:49:09.0805 4512 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
15:49:09.0852 4512 usbohci - ok
15:49:09.0945 4512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:49:09.0992 4512 usbprint - ok
15:49:10.0039 4512 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
15:49:10.0101 4512 usbser - ok
15:49:10.0211 4512 UsbserFilt (0fbb0080b287bbcbf5c7076e3d74a35c) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:49:10.0273 4512 UsbserFilt - ok
15:49:10.0320 4512 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:49:10.0367 4512 USBSTOR - ok
15:49:10.0460 4512 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:49:10.0538 4512 usbuhci - ok
15:49:10.0647 4512 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:49:10.0694 4512 usbvideo - ok
15:49:10.0725 4512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:49:10.0788 4512 UxSms - ok
15:49:10.0850 4512 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:49:10.0881 4512 VaultSvc - ok
15:49:10.0928 4512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:49:10.0944 4512 vdrvroot - ok
15:49:10.0991 4512 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:49:11.0053 4512 vds - ok
15:49:11.0162 4512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:49:11.0193 4512 vga - ok
15:49:11.0225 4512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:49:11.0303 4512 VgaSave - ok
15:49:11.0412 4512 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:49:11.0443 4512 vhdmp - ok
15:49:11.0459 4512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:49:11.0474 4512 viaide - ok
15:49:11.0505 4512 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:49:11.0521 4512 volmgr - ok
15:49:11.0568 4512 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:49:11.0599 4512 volmgrx - ok
15:49:11.0693 4512 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:49:11.0739 4512 volsnap - ok
15:49:11.0771 4512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:49:11.0786 4512 vsmraid - ok
15:49:11.0895 4512 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:49:11.0989 4512 VSS - ok
15:49:12.0067 4512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:49:12.0114 4512 vwifibus - ok
15:49:12.0161 4512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:49:12.0192 4512 vwififlt - ok
15:49:12.0270 4512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:49:12.0332 4512 W32Time - ok
15:49:12.0379 4512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:49:12.0410 4512 WacomPen - ok
15:49:12.0535 4512 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:49:12.0613 4512 WANARP - ok
15:49:12.0629 4512 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:49:12.0675 4512 Wanarpv6 - ok
15:49:12.0738 4512 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:49:12.0831 4512 wbengine - ok
15:49:12.0894 4512 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:49:12.0956 4512 WbioSrvc - ok
15:49:13.0003 4512 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:49:13.0065 4512 wcncsvc - ok
15:49:13.0143 4512 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:49:13.0206 4512 WcsPlugInService - ok
15:49:13.0237 4512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:49:13.0268 4512 Wd - ok
15:49:13.0299 4512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:49:13.0331 4512 Wdf01000 - ok
15:49:13.0409 4512 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:49:13.0518 4512 WdiServiceHost - ok
15:49:13.0518 4512 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:49:13.0549 4512 WdiSystemHost - ok
15:49:13.0627 4512 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:49:13.0689 4512 WebClient - ok
15:49:13.0721 4512 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:49:13.0783 4512 Wecsvc - ok
15:49:13.0861 4512 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:49:13.0939 4512 wercplsupport - ok
15:49:13.0970 4512 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:49:14.0017 4512 WerSvc - ok
15:49:14.0064 4512 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:49:14.0126 4512 WfpLwf - ok
15:49:14.0220 4512 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
15:49:14.0251 4512 WimFltr - ok
15:49:14.0282 4512 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:49:14.0298 4512 WIMMount - ok
15:49:14.0345 4512 WinDefend - ok
15:49:14.0360 4512 WinHttpAutoProxySvc - ok
15:49:14.0454 4512 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:49:14.0625 4512 Winmgmt - ok
15:49:14.0750 4512 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:49:14.0859 4512 WinRM - ok
15:49:14.0953 4512 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:49:14.0984 4512 WinUsb - ok
15:49:15.0031 4512 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:49:15.0062 4512 Wlansvc - ok
15:49:15.0249 4512 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:49:15.0312 4512 wlidsvc - ok
15:49:15.0390 4512 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:49:15.0437 4512 WmiAcpi - ok
15:49:15.0483 4512 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:49:15.0530 4512 wmiApSrv - ok
15:49:15.0577 4512 WMPNetworkSvc - ok
15:49:15.0655 4512 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:49:15.0702 4512 WPCSvc - ok
15:49:15.0749 4512 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:49:15.0795 4512 WPDBusEnum - ok
15:49:15.0873 4512 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:49:15.0920 4512 ws2ifsl - ok
15:49:15.0951 4512 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:49:15.0998 4512 wscsvc - ok
15:49:16.0045 4512 WSearch - ok
15:49:16.0154 4512 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:49:16.0248 4512 wuauserv - ok
15:49:16.0341 4512 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:49:16.0404 4512 WudfPf - ok
15:49:16.0435 4512 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:49:16.0497 4512 WUDFRd - ok
15:49:16.0575 4512 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:49:16.0669 4512 wudfsvc - ok
15:49:16.0700 4512 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:49:16.0747 4512 WwanSvc - ok
15:49:16.0778 4512 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:49:16.0965 4512 \Device\Harddisk0\DR0 - ok
15:49:16.0965 4512 Boot (0x1200) (1438de6e99a3fb027ab06c5b6841aefd) \Device\Harddisk0\DR0\Partition0
15:49:16.0965 4512 \Device\Harddisk0\DR0\Partition0 - ok
15:49:16.0981 4512 Boot (0x1200) (dc6acd86ebf4e8abd46f53ebb43bae09) \Device\Harddisk0\DR0\Partition1
15:49:16.0981 4512 \Device\Harddisk0\DR0\Partition1 - ok
15:49:16.0981 4512 ============================================================
15:49:16.0981 4512 Scan finished
15:49:16.0981 4512 ============================================================
15:49:16.0997 1792 Detected object count: 0
15:49:16.0997 1792 Actual detected object count: 0

markusg · 29.03.2012, 13:54

wieso nach dem zweiten, wo ist das erste...

Hipparchus · 29.03.2012, 20:33

Ach **** . Mein Fehler. Hab zunächst gedacht , dass der mir nach Neustart ein txt öffnet ,
aber Fehlanzeige. So hab ich einen zweiten Durchgang gestartet und dann aus dem Report-Fenster
kopiert. Hab mitlerweile allerdings festgestellt , dass die auf C hinterlegt wurden. Hier nun der erste:

15:31:20.0935 3716 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
15:31:20.0997 3716 ============================================================
15:31:20.0997 3716 Current date / time: 2012/03/29 15:31:20.0997
15:31:20.0997 3716 SystemInfo:
15:31:20.0997 3716
15:31:20.0997 3716 OS Version: 6.1.7601 ServicePack: 1.0
15:31:20.0997 3716 Product type: Workstation
15:31:20.0997 3716 ComputerName: DICKLI
15:31:20.0997 3716 UserName: Administrator
15:31:20.0997 3716 Windows directory: C:\Windows
15:31:20.0997 3716 System windows directory: C:\Windows
15:31:20.0997 3716 Running under WOW64
15:31:20.0997 3716 Processor architecture: Intel x64
15:31:20.0997 3716 Number of processors: 2
15:31:20.0997 3716 Page size: 0x1000
15:31:20.0997 3716 Boot type: Normal boot
15:31:20.0997 3716 ============================================================
15:31:22.0245 3716 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:31:22.0261 3716 \Device\Harddisk0\DR0:
15:31:22.0261 3716 MBR used
15:31:22.0261 3716 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0x950A600
15:31:22.0276 3716 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xB2557B7, BlocksNum 0x1A1D7F0A
15:31:22.0401 3716 Initialize success
15:31:22.0401 3716 ============================================================
15:31:33.0134 2524 ============================================================
15:31:33.0134 2524 Scan started
15:31:33.0134 2524 Mode: Manual;
15:31:33.0134 2524 ============================================================
15:31:34.0819 2524 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:31:34.0834 2524 1394ohci - ok
15:31:34.0975 2524 acedrv11 (a3769020f7e8a70fd3e824c050f33306) C:\Windows\system32\drivers\acedrv11.sys
15:31:35.0006 2524 acedrv11 - ok
15:31:35.0193 2524 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:31:35.0193 2524 ACPI - ok
15:31:35.0349 2524 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:31:35.0349 2524 AcpiPmi - ok
15:31:35.0536 2524 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:31:35.0552 2524 adp94xx - ok
15:31:35.0708 2524 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:31:35.0724 2524 adpahci - ok
15:31:35.0864 2524 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:31:35.0880 2524 adpu320 - ok
15:31:36.0004 2524 ADSMService (c0bf554d2277f7a4c735d475ade2e3b2) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
15:31:36.0004 2524 ADSMService - ok
15:31:36.0098 2524 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:31:36.0114 2524 AeLookupSvc - ok
15:31:36.0254 2524 AFBAgent (fb2be0bae9b3f248080cdbf91ef16c7f) C:\Windows\system32\FBAgent.exe
15:31:36.0270 2524 AFBAgent - ok
15:31:36.0332 2524 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:31:36.0348 2524 AFD - ok
15:31:36.0504 2524 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:31:36.0535 2524 agp440 - ok
15:31:36.0613 2524 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:31:36.0613 2524 ALG - ok
15:31:36.0706 2524 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:31:36.0738 2524 aliide - ok
15:31:36.0847 2524 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:31:36.0862 2524 amdide - ok
15:31:37.0112 2524 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:31:37.0128 2524 AmdK8 - ok
15:31:37.0424 2524 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:31:37.0440 2524 AmdPPM - ok
15:31:37.0564 2524 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:31:37.0580 2524 amdsata - ok
15:31:37.0642 2524 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:31:37.0642 2524 amdsbs - ok
15:31:37.0876 2524 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:31:37.0876 2524 amdxata - ok
15:31:38.0110 2524 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:31:38.0126 2524 AntiVirSchedulerService - ok
15:31:38.0422 2524 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:31:38.0422 2524 AntiVirService - ok
15:31:38.0594 2524 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:31:38.0594 2524 AppID - ok
15:31:38.0734 2524 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:31:38.0750 2524 AppIDSvc - ok
15:31:38.0953 2524 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:31:38.0953 2524 Appinfo - ok
15:31:39.0140 2524 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:31:39.0171 2524 arc - ok
15:31:39.0296 2524 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:31:39.0296 2524 arcsas - ok
15:31:39.0343 2524 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
15:31:39.0358 2524 AsDsm - ok
15:31:39.0421 2524 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:31:39.0421 2524 ASLDRService - ok
15:31:39.0499 2524 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:31:39.0514 2524 ASMMAP64 - ok
15:31:39.0608 2524 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:31:39.0624 2524 AsyncMac - ok
15:31:39.0670 2524 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:31:39.0686 2524 atapi - ok
15:31:39.0873 2524 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
15:31:39.0951 2524 athr - ok
15:31:40.0060 2524 ATKGFNEXSrv (63f1212ffe13e62ca1e8d8ee19abd9a7) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:31:40.0060 2524 ATKGFNEXSrv - ok
15:31:40.0310 2524 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:31:40.0372 2524 AudioEndpointBuilder - ok
15:31:40.0435 2524 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:31:40.0435 2524 AudioSrv - ok
15:31:40.0669 2524 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
15:31:40.0684 2524 avgntflt - ok
15:31:40.0872 2524 avipbb (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
15:31:40.0872 2524 avipbb - ok
15:31:41.0074 2524 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:31:41.0074 2524 avkmgr - ok
15:31:41.0324 2524 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:31:41.0324 2524 AxInstSV - ok
15:31:41.0511 2524 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:31:41.0527 2524 b06bdrv - ok
15:31:41.0636 2524 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:31:41.0652 2524 b57nd60a - ok
15:31:41.0839 2524 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
15:31:41.0839 2524 BBSvc - ok
15:31:42.0010 2524 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
15:31:42.0026 2524 BBUpdate - ok
15:31:42.0088 2524 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:31:42.0104 2524 BDESVC - ok
15:31:42.0166 2524 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:31:42.0166 2524 Beep - ok
15:31:42.0385 2524 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:31:42.0416 2524 BFE - ok
15:31:42.0588 2524 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
15:31:42.0603 2524 BITS - ok
15:31:42.0790 2524 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:31:42.0806 2524 blbdrive - ok
15:31:42.0993 2524 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:31:43.0009 2524 bowser - ok
15:31:43.0134 2524 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:31:43.0149 2524 BrFiltLo - ok
15:31:43.0368 2524 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:31:43.0368 2524 BrFiltUp - ok
15:31:43.0524 2524 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:31:43.0524 2524 BridgeMP - ok
15:31:43.0680 2524 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:31:43.0680 2524 Browser - ok
15:31:43.0836 2524 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:31:43.0851 2524 Brserid - ok
15:31:44.0194 2524 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:31:44.0241 2524 BrSerWdm - ok
15:31:44.0397 2524 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:31:44.0444 2524 BrUsbMdm - ok
15:31:44.0522 2524 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:31:44.0538 2524 BrUsbSer - ok
15:31:44.0600 2524 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:31:44.0616 2524 BTHMODEM - ok
15:31:44.0818 2524 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:31:44.0834 2524 bthserv - ok
15:31:44.0834 2524 catchme - ok
15:31:44.0990 2524 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:31:45.0021 2524 cdfs - ok
15:31:45.0333 2524 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
15:31:45.0380 2524 cdrom - ok
15:31:45.0552 2524 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:31:45.0583 2524 CertPropSvc - ok
15:31:45.0801 2524 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:31:45.0817 2524 circlass - ok
15:31:45.0988 2524 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:31:46.0020 2524 CLFS - ok
15:31:46.0191 2524 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:31:46.0191 2524 clr_optimization_v2.0.50727_32 - ok
15:31:46.0300 2524 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:31:46.0332 2524 clr_optimization_v2.0.50727_64 - ok
15:31:46.0503 2524 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:31:46.0503 2524 clr_optimization_v4.0.30319_32 - ok
15:31:46.0628 2524 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:31:46.0628 2524 clr_optimization_v4.0.30319_64 - ok
15:31:46.0737 2524 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:31:46.0737 2524 CmBatt - ok
15:31:46.0784 2524 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:31:46.0800 2524 cmdide - ok
15:31:46.0924 2524 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:31:46.0956 2524 CNG - ok
15:31:47.0065 2524 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:31:47.0080 2524 Compbatt - ok
15:31:47.0205 2524 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:31:47.0221 2524 CompositeBus - ok
15:31:47.0283 2524 COMSysApp - ok
15:31:47.0346 2524 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:31:47.0361 2524 crcdisk - ok
15:31:47.0470 2524 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
15:31:47.0486 2524 CryptSvc - ok
15:31:47.0548 2524 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:31:47.0564 2524 DcomLaunch - ok
15:31:47.0658 2524 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:31:47.0658 2524 defragsvc - ok
15:31:47.0720 2524 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:31:47.0736 2524 DfsC - ok
15:31:47.0860 2524 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:31:47.0860 2524 Dhcp - ok
15:31:47.0954 2524 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:31:47.0954 2524 discache - ok
15:31:48.0063 2524 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:31:48.0079 2524 Disk - ok
15:31:48.0172 2524 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:31:48.0188 2524 Dnscache - ok
15:31:48.0250 2524 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:31:48.0266 2524 dot3svc - ok
15:31:48.0344 2524 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:31:48.0344 2524 DPS - ok
15:31:48.0406 2524 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:31:48.0406 2524 drmkaud - ok
15:31:48.0562 2524 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:31:48.0578 2524 DXGKrnl - ok
15:31:48.0687 2524 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:31:48.0687 2524 EapHost - ok
15:31:48.0890 2524 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:31:48.0968 2524 ebdrv - ok
15:31:49.0062 2524 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:31:49.0077 2524 EFS - ok
15:31:49.0155 2524 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:31:49.0171 2524 ehRecvr - ok
15:31:49.0296 2524 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:31:49.0296 2524 ehSched - ok
15:31:49.0436 2524 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:31:49.0452 2524 elxstor - ok
15:31:49.0592 2524 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:31:49.0592 2524 ErrDev - ok
15:31:49.0732 2524 ETD (3c38648375b7f3988691f53a7aae10a9) C:\Windows\system32\DRIVERS\ETD.sys
15:31:49.0764 2524 ETD - ok
15:31:49.0857 2524 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:31:49.0857 2524 EventSystem - ok
15:31:49.0904 2524 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:31:49.0920 2524 exfat - ok
15:31:49.0966 2524 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:31:49.0998 2524 fastfat - ok
15:31:50.0107 2524 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:31:50.0122 2524 Fax - ok
15:31:50.0278 2524 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:31:50.0278 2524 fdc - ok
15:31:50.0372 2524 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:31:50.0388 2524 fdPHost - ok
15:31:50.0419 2524 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:31:50.0419 2524 FDResPub - ok
15:31:50.0497 2524 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:31:50.0512 2524 FileInfo - ok
15:31:50.0622 2524 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:31:50.0622 2524 Filetrace - ok
15:31:50.0856 2524 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:31:50.0856 2524 FLEXnet Licensing Service - ok
15:31:50.0965 2524 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:31:50.0980 2524 flpydisk - ok
15:31:51.0043 2524 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:31:51.0043 2524 FltMgr - ok
15:31:51.0183 2524 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:31:51.0214 2524 FontCache - ok
15:31:51.0339 2524 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:31:51.0339 2524 FontCache3.0.0.0 - ok
15:31:51.0448 2524 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:31:51.0448 2524 FsDepends - ok
15:31:51.0558 2524 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
15:31:51.0573 2524 fssfltr - ok
15:31:51.0667 2524 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:31:51.0682 2524 fsssvc - ok
15:31:51.0807 2524 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:31:51.0807 2524 Fs_Rec - ok
15:31:51.0979 2524 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:31:51.0994 2524 fvevol - ok
15:31:52.0166 2524 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:31:52.0182 2524 gagp30kx - ok
15:31:52.0306 2524 ghaio (7d66ebde8b7f9b4e00beefeee82670d4) C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
15:31:52.0306 2524 ghaio - ok
15:31:52.0447 2524 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:31:52.0478 2524 gpsvc - ok
15:31:52.0681 2524 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:31:52.0681 2524 gupdate - ok
15:31:52.0728 2524 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:31:52.0728 2524 gupdatem - ok
15:31:52.0821 2524 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:31:52.0837 2524 hcw85cir - ok
15:31:53.0071 2524 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:31:53.0086 2524 HdAudAddService - ok
15:31:53.0274 2524 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:31:53.0274 2524 HDAudBus - ok
15:31:53.0414 2524 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:31:53.0430 2524 HidBatt - ok
15:31:53.0508 2524 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:31:53.0523 2524 HidBth - ok
15:31:53.0586 2524 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:31:53.0586 2524 HidIr - ok
15:31:53.0664 2524 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:31:53.0679 2524 hidserv - ok
15:31:53.0757 2524 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
15:31:53.0757 2524 HidUsb - ok
15:31:53.0835 2524 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:31:53.0851 2524 hkmsvc - ok
15:31:53.0929 2524 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:31:53.0944 2524 HomeGroupListener - ok
15:31:54.0054 2524 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:31:54.0054 2524 HomeGroupProvider - ok
15:31:54.0163 2524 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:31:54.0163 2524 HpSAMD - ok
15:31:54.0334 2524 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:31:54.0334 2524 HTTP - ok
15:31:54.0475 2524 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:31:54.0475 2524 hwpolicy - ok
15:31:54.0615 2524 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:31:54.0631 2524 i8042prt - ok
15:31:54.0678 2524 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:31:54.0678 2524 iaStorV - ok
15:31:54.0849 2524 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:31:54.0849 2524 IDriverT - ok
15:31:55.0021 2524 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:31:55.0052 2524 idsvc - ok
15:31:55.0161 2524 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:31:55.0161 2524 iirsp - ok
15:31:55.0255 2524 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:31:55.0286 2524 IKEEXT - ok
15:31:55.0473 2524 IntcAzAudAddService (181e4ff75674a7105ecd0a02c35ef43a) C:\Windows\system32\drivers\RTKVHD64.sys
15:31:55.0504 2524 IntcAzAudAddService - ok
15:31:55.0645 2524 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:31:55.0645 2524 intelide - ok
15:31:55.0863 2524 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:31:55.0863 2524 intelppm - ok
15:31:56.0004 2524 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:31:56.0004 2524 IPBusEnum - ok
15:31:56.0128 2524 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:31:56.0128 2524 IpFilterDriver - ok
15:31:56.0284 2524 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:31:56.0331 2524 iphlpsvc - ok
15:31:56.0440 2524 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:31:56.0456 2524 IPMIDRV - ok
15:31:56.0628 2524 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:31:56.0643 2524 IPNAT - ok
15:31:56.0768 2524 ipswuio - ok
15:31:56.0862 2524 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:31:56.0862 2524 IRENUM - ok
15:31:56.0924 2524 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:31:56.0924 2524 isapnp - ok
15:31:57.0033 2524 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:31:57.0049 2524 iScsiPrt - ok
15:31:57.0111 2524 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:31:57.0111 2524 kbdclass - ok
15:31:57.0252 2524 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:31:57.0252 2524 kbdhid - ok
15:31:57.0408 2524 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
15:31:57.0408 2524 kbfiltr - ok
15:31:57.0486 2524 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:31:57.0501 2524 KeyIso - ok
15:31:57.0532 2524 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:31:57.0548 2524 KSecDD - ok
15:31:57.0564 2524 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:31:57.0579 2524 KSecPkg - ok
15:31:57.0704 2524 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:31:57.0704 2524 ksthunk - ok
15:31:57.0798 2524 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:31:57.0829 2524 KtmRm - ok
15:31:57.0907 2524 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:31:57.0922 2524 LanmanServer - ok
15:31:58.0000 2524 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:31:58.0032 2524 LanmanWorkstation - ok
15:31:58.0110 2524 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:31:58.0110 2524 lltdio - ok
15:31:58.0188 2524 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:31:58.0219 2524 lltdsvc - ok
15:31:58.0234 2524 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:31:58.0250 2524 lmhosts - ok
15:31:58.0375 2524 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:31:58.0390 2524 LSI_FC - ok
15:31:58.0484 2524 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:31:58.0500 2524 LSI_SAS - ok
15:31:58.0500 2524 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:31:58.0515 2524 LSI_SAS2 - ok
15:31:58.0546 2524 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:31:58.0546 2524 LSI_SCSI - ok
15:31:58.0562 2524 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:31:58.0578 2524 luafv - ok
15:31:58.0609 2524 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:31:58.0624 2524 Mcx2Svc - ok
15:31:58.0718 2524 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:31:58.0734 2524 megasas - ok
15:31:58.0765 2524 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:31:58.0765 2524 MegaSR - ok
15:31:58.0890 2524 Microsoft SharePoint Workspace Audit Service - ok
15:31:58.0983 2524 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:31:58.0999 2524 MMCSS - ok
15:31:59.0046 2524 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:31:59.0061 2524 Modem - ok
15:31:59.0139 2524 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:31:59.0139 2524 monitor - ok
15:31:59.0202 2524 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:31:59.0217 2524 mouclass - ok
15:31:59.0326 2524 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:31:59.0358 2524 mouhid - ok
15:31:59.0467 2524 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:31:59.0467 2524 mountmgr - ok
15:31:59.0560 2524 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:31:59.0576 2524 mpio - ok
15:31:59.0623 2524 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:31:59.0638 2524 mpsdrv - ok
15:31:59.0748 2524 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:31:59.0763 2524 MpsSvc - ok
15:31:59.0904 2524 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:31:59.0919 2524 MRxDAV - ok
15:31:59.0982 2524 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:31:59.0997 2524 mrxsmb - ok
15:32:00.0122 2524 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:32:00.0138 2524 mrxsmb10 - ok
15:32:00.0184 2524 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:32:00.0200 2524 mrxsmb20 - ok
15:32:00.0325 2524 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:32:00.0325 2524 msahci - ok
15:32:00.0418 2524 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:32:00.0434 2524 msdsm - ok
15:32:00.0481 2524 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:32:00.0481 2524 MSDTC - ok
15:32:00.0574 2524 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:32:00.0590 2524 Msfs - ok
15:32:00.0730 2524 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:32:00.0730 2524 mshidkmdf - ok
15:32:00.0918 2524 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:32:00.0918 2524 msisadrv - ok
15:32:00.0980 2524 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:32:00.0980 2524 MSiSCSI - ok
15:32:01.0042 2524 msiserver - ok
15:32:01.0152 2524 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:32:01.0167 2524 MSKSSRV - ok
15:32:01.0339 2524 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:32:01.0339 2524 MSPCLOCK - ok
15:32:01.0495 2524 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:32:01.0495 2524 MSPQM - ok
15:32:01.0651 2524 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:32:01.0666 2524 MsRPC - ok
15:32:01.0822 2524 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:32:01.0822 2524 mssmbios - ok
15:32:01.0869 2524 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:32:01.0869 2524 MSTEE - ok
15:32:01.0932 2524 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:32:01.0932 2524 MTConfig - ok
15:32:01.0978 2524 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
15:32:01.0978 2524 MTsensor - ok
15:32:02.0010 2524 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:32:02.0025 2524 Mup - ok
15:32:02.0119 2524 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:32:02.0134 2524 napagent - ok
15:32:02.0244 2524 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:32:02.0259 2524 NativeWifiP - ok
15:32:02.0415 2524 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:32:02.0431 2524 NDIS - ok
15:32:02.0556 2524 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:32:02.0556 2524 NdisCap - ok
15:32:02.0680 2524 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:32:02.0680 2524 NdisTapi - ok
15:32:02.0805 2524 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:32:02.0805 2524 Ndisuio - ok
15:32:02.0836 2524 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:32:02.0852 2524 NdisWan - ok
15:32:02.0977 2524 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:32:02.0977 2524 NDProxy - ok
15:32:03.0070 2524 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:32:03.0070 2524 NetBIOS - ok
15:32:03.0148 2524 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:32:03.0148 2524 NetBT - ok
15:32:03.0226 2524 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:32:03.0242 2524 Netlogon - ok
15:32:03.0320 2524 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:32:03.0320 2524 Netman - ok
15:32:03.0351 2524 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:32:03.0351 2524 netprofm - ok
15:32:03.0507 2524 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:32:03.0507 2524 NetTcpPortSharing - ok
15:32:03.0694 2524 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:32:03.0694 2524 nfrd960 - ok
15:32:04.0131 2524 NIHardwareService (feec2e32343969019de5bd65ea46fe2c) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
15:32:04.0287 2524 NIHardwareService - ok
15:32:04.0381 2524 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:32:04.0396 2524 NlaSvc - ok
15:32:04.0428 2524 nmwcd (88f2f2cb9faee2e14bccf384f4c88061) C:\Windows\system32\drivers\ccdcmbx64.sys
15:32:04.0443 2524 nmwcd - ok
15:32:04.0459 2524 nmwcdc (31c1fac4ae14fb2f8771c59ba3f90bad) C:\Windows\system32\drivers\ccdcmbox64.sys
15:32:04.0474 2524 nmwcdc - ok
15:32:04.0599 2524 nmwcdnsucx64 (863aa6c58ac85a22355ae943c605e44b) C:\Windows\system32\drivers\nmwcdnsucx64.sys
15:32:04.0599 2524 nmwcdnsucx64 - ok
15:32:04.0693 2524 nmwcdnsux64 (7983d9201788407c4d1fc4d0baa04e32) C:\Windows\system32\drivers\nmwcdnsux64.sys
15:32:04.0693 2524 nmwcdnsux64 - ok
15:32:04.0771 2524 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:32:04.0771 2524 Npfs - ok
15:32:04.0864 2524 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:32:04.0880 2524 nsi - ok
15:32:04.0927 2524 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:32:04.0927 2524 nsiproxy - ok
15:32:05.0114 2524 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:32:05.0161 2524 Ntfs - ok
15:32:05.0286 2524 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:32:05.0301 2524 Null - ok
15:32:05.0442 2524 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
15:32:05.0457 2524 NVHDA - ok
15:32:06.0190 2524 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:32:06.0284 2524 nvlddmkm - ok
15:32:06.0471 2524 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:32:06.0487 2524 nvraid - ok
15:32:06.0674 2524 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:32:06.0690 2524 nvstor - ok
15:32:06.0892 2524 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
15:32:06.0892 2524 nvstor64 - ok
15:32:07.0095 2524 NVSvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
15:32:07.0158 2524 NVSvc - ok
15:32:07.0251 2524 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:32:07.0267 2524 nv_agp - ok
15:32:07.0360 2524 OberonGameConsoleService (649791f5b905e6a8ecced15ad8efd436) C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
15:32:07.0360 2524 OberonGameConsoleService - ok
15:32:07.0485 2524 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:32:07.0485 2524 ohci1394 - ok
15:32:07.0579 2524 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:32:07.0594 2524 ose - ok
15:32:07.0891 2524 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:32:08.0016 2524 osppsvc - ok
15:32:08.0109 2524 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:32:08.0125 2524 p2pimsvc - ok
15:32:08.0187 2524 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:32:08.0187 2524 p2psvc - ok
15:32:08.0359 2524 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:32:08.0374 2524 Parport - ok
15:32:08.0515 2524 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:32:08.0515 2524 partmgr - ok
15:32:08.0593 2524 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:32:08.0593 2524 PcaSvc - ok
15:32:08.0655 2524 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:32:08.0655 2524 pccsmcfd - ok
15:32:08.0780 2524 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:32:08.0796 2524 pci - ok
15:32:08.0905 2524 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:32:08.0905 2524 pciide - ok
15:32:09.0030 2524 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:32:09.0045 2524 pcmcia - ok
15:32:09.0186 2524 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:32:09.0186 2524 pcw - ok
15:32:09.0373 2524 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:32:09.0404 2524 PEAUTH - ok
15:32:09.0498 2524 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:32:09.0498 2524 PerfHost - ok
15:32:09.0685 2524 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:32:09.0716 2524 pla - ok
15:32:09.0872 2524 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:32:09.0872 2524 PlugPlay - ok
15:32:09.0903 2524 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:32:09.0919 2524 PNRPAutoReg - ok
15:32:09.0997 2524 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:32:10.0012 2524 PNRPsvc - ok
15:32:10.0090 2524 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:32:10.0168 2524 PolicyAgent - ok
15:32:10.0402 2524 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:32:10.0418 2524 Power - ok
15:32:10.0480 2524 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:32:10.0496 2524 PptpMiniport - ok
15:32:10.0621 2524 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:32:10.0636 2524 Processor - ok
15:32:10.0746 2524 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:32:10.0761 2524 ProfSvc - ok
15:32:10.0792 2524 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:32:10.0792 2524 ProtectedStorage - ok
15:32:10.0855 2524 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:32:10.0870 2524 Psched - ok
15:32:10.0980 2524 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:32:11.0011 2524 ql2300 - ok
15:32:11.0136 2524 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:32:11.0151 2524 ql40xx - ok
15:32:11.0276 2524 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:32:11.0276 2524 QWAVE - ok
15:32:11.0370 2524 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:32:11.0370 2524 QWAVEdrv - ok
15:32:11.0463 2524 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:32:11.0463 2524 RasAcd - ok
15:32:11.0541 2524 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:32:11.0541 2524 RasAgileVpn - ok
15:32:11.0635 2524 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:32:11.0650 2524 RasAuto - ok
15:32:11.0713 2524 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:32:11.0728 2524 Rasl2tp - ok
15:32:11.0822 2524 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:32:11.0853 2524 RasMan - ok
15:32:11.0916 2524 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:32:11.0916 2524 RasPppoe - ok
15:32:12.0040 2524 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:32:12.0056 2524 RasSstp - ok
15:32:12.0150 2524 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:32:12.0165 2524 rdbss - ok
15:32:12.0196 2524 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:32:12.0196 2524 rdpbus - ok
15:32:12.0228 2524 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:32:12.0228 2524 RDPCDD - ok
15:32:12.0337 2524 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:32:12.0352 2524 RDPENCDD - ok
15:32:12.0508 2524 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:32:12.0508 2524 RDPREFMP - ok
15:32:12.0602 2524 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:32:12.0618 2524 RDPWD - ok
15:32:12.0696 2524 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:32:12.0696 2524 rdyboost - ok
15:32:12.0774 2524 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:32:12.0789 2524 RemoteAccess - ok
15:32:12.0820 2524 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:32:12.0820 2524 RemoteRegistry - ok
15:32:12.0914 2524 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:32:12.0930 2524 RpcEptMapper - ok
15:32:12.0961 2524 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:32:12.0961 2524 RpcLocator - ok
15:32:13.0023 2524 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:32:13.0039 2524 RpcSs - ok
15:32:13.0148 2524 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:32:13.0148 2524 rspndr - ok
15:32:13.0351 2524 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:32:13.0366 2524 RTL8167 - ok
15:32:13.0476 2524 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:32:13.0476 2524 SamSs - ok
15:32:13.0554 2524 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:32:13.0554 2524 sbp2port - ok
15:32:13.0663 2524 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:32:13.0678 2524 SCardSvr - ok
15:32:13.0741 2524 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:32:13.0756 2524 scfilter - ok
15:32:13.0866 2524 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:32:13.0881 2524 Schedule - ok
15:32:13.0959 2524 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:32:13.0959 2524 SCPolicySvc - ok
15:32:14.0022 2524 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:32:14.0037 2524 SDRSVC - ok
15:32:14.0100 2524 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:32:14.0100 2524 secdrv - ok
15:32:14.0240 2524 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:32:14.0240 2524 seclogon - ok
15:32:14.0287 2524 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:32:14.0287 2524 SENS - ok
15:32:14.0380 2524 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:32:14.0380 2524 SensrSvc - ok
15:32:14.0427 2524 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:32:14.0443 2524 Serenum - ok
15:32:14.0552 2524 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:32:14.0552 2524 Serial - ok
15:32:14.0630 2524 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:32:14.0630 2524 sermouse - ok
15:32:14.0739 2524 ServiceLayer (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
15:32:14.0755 2524 ServiceLayer - ok
15:32:14.0895 2524 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:32:14.0911 2524 SessionEnv - ok
15:32:14.0973 2524 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:32:14.0973 2524 sffdisk - ok
15:32:15.0036 2524 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:32:15.0051 2524 sffp_mmc - ok
15:32:15.0098 2524 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:32:15.0114 2524 sffp_sd - ok
15:32:15.0160 2524 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:32:15.0160 2524 sfloppy - ok
15:32:15.0238 2524 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:32:15.0254 2524 SharedAccess - ok
15:32:15.0316 2524 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:32:15.0332 2524 ShellHWDetection - ok
15:32:15.0457 2524 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
15:32:15.0472 2524 SiSGbeLH - ok
15:32:15.0519 2524 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:32:15.0519 2524 SiSRaid2 - ok
15:32:15.0535 2524 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:32:15.0550 2524 SiSRaid4 - ok
15:32:15.0597 2524 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:32:15.0597 2524 Smb - ok
15:32:15.0691 2524 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:32:15.0706 2524 SNMPTRAP - ok
15:32:15.0816 2524 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
15:32:15.0847 2524 SNP2UVC - ok
15:32:15.0940 2524 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:32:15.0956 2524 spldr - ok
15:32:16.0034 2524 spmgr (739db668dbd812285ecc553e64a5e212) C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
15:32:16.0034 2524 spmgr - ok
15:32:16.0159 2524 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:32:16.0174 2524 Spooler - ok
15:32:16.0315 2524 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:32:16.0393 2524 sppsvc - ok
15:32:16.0471 2524 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:32:16.0486 2524 sppuinotify - ok
15:32:16.0596 2524 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys
15:32:16.0596 2524 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97
15:32:16.0596 2524 sptd ( LockedFile.Multi.Generic ) - warning
15:32:16.0596 2524 sptd - detected LockedFile.Multi.Generic (1)
15:32:16.0705 2524 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:32:16.0720 2524 srv - ok
15:32:16.0783 2524 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:32:16.0798 2524 srv2 - ok
15:32:16.0861 2524 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:32:16.0876 2524 srvnet - ok
15:32:16.0939 2524 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:32:16.0954 2524 SSDPSRV - ok
15:32:16.0986 2524 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:32:16.0986 2524 SstpSvc - ok
15:32:17.0157 2524 Stereo Service (6086b60f2e36d06a063cb07ed0524332) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:32:17.0173 2524 Stereo Service - ok
15:32:17.0251 2524 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:32:17.0266 2524 stexstor - ok
15:32:17.0329 2524 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:32:17.0344 2524 stisvc - ok
15:32:17.0438 2524 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:32:17.0454 2524 swenum - ok
15:32:17.0563 2524 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:32:17.0578 2524 SwitchBoard - ok
15:32:17.0719 2524 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:32:17.0734 2524 swprv - ok
15:32:17.0875 2524 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:32:17.0906 2524 SysMain - ok
15:32:17.0984 2524 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:32:18.0000 2524 TabletInputService - ok
15:32:18.0046 2524 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:32:18.0062 2524 TapiSrv - ok
15:32:18.0156 2524 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:32:18.0156 2524 TBS - ok
15:32:18.0249 2524 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:32:18.0280 2524 Tcpip - ok
15:32:18.0452 2524 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:32:18.0468 2524 TCPIP6 - ok
15:32:18.0592 2524 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:32:18.0608 2524 tcpipreg - ok
15:32:18.0780 2524 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:32:18.0780 2524 TDPIPE - ok
15:32:18.0936 2524 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:32:18.0936 2524 TDTCP - ok
15:32:19.0138 2524 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:32:19.0138 2524 tdx - ok
15:32:19.0310 2524 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:32:19.0310 2524 TermDD - ok
15:32:19.0404 2524 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:32:19.0419 2524 TermService - ok
15:32:19.0544 2524 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:32:19.0560 2524 Themes - ok
15:32:19.0606 2524 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:32:19.0606 2524 THREADORDER - ok
15:32:19.0700 2524 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:32:19.0716 2524 TrkWks - ok
15:32:19.0809 2524 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:32:19.0825 2524 TrustedInstaller - ok
15:32:19.0950 2524 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:32:19.0950 2524 tssecsrv - ok
15:32:20.0074 2524 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:32:20.0090 2524 TsUsbFlt - ok
15:32:20.0199 2524 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:32:20.0199 2524 tunnel - ok
15:32:20.0324 2524 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:32:20.0340 2524 uagp35 - ok
15:32:20.0464 2524 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:32:20.0480 2524 udfs - ok
15:32:20.0558 2524 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:32:20.0558 2524 UI0Detect - ok
15:32:20.0605 2524 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:32:20.0605 2524 uliagpkx - ok
15:32:20.0667 2524 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:32:20.0667 2524 umbus - ok
15:32:20.0776 2524 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:32:20.0792 2524 UmPass - ok
15:32:20.0870 2524 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:32:20.0886 2524 upnphost - ok
15:32:20.0932 2524 upperdev (fbd861e69e1f583bec906fcd04e4f84e) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:32:20.0932 2524 upperdev - ok
15:32:20.0964 2524 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:32:20.0979 2524 usbccgp - ok
15:32:21.0104 2524 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:32:21.0120 2524 usbcir - ok
15:32:21.0213 2524 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:32:21.0229 2524 usbehci - ok
15:32:21.0338 2524 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:32:21.0354 2524 usbhub - ok
15:32:21.0463 2524 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
15:32:21.0463 2524 usbohci - ok
15:32:21.0588 2524 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:32:21.0588 2524 usbprint - ok
15:32:21.0712 2524 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
15:32:21.0712 2524 usbser - ok
15:32:21.0837 2524 UsbserFilt (0fbb0080b287bbcbf5c7076e3d74a35c) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:32:21.0853 2524 UsbserFilt - ok
15:32:21.0946 2524 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:32:21.0962 2524 USBSTOR - ok
15:32:22.0009 2524 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:32:22.0024 2524 usbuhci - ok
15:32:22.0134 2524 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:32:22.0149 2524 usbvideo - ok
15:32:22.0180 2524 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:32:22.0196 2524 UxSms - ok
15:32:22.0243 2524 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:32:22.0243 2524 VaultSvc - ok
15:32:22.0383 2524 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:32:22.0383 2524 vdrvroot - ok
15:32:22.0446 2524 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:32:22.0461 2524 vds - ok
15:32:22.0602 2524 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:32:22.0617 2524 vga - ok
15:32:22.0711 2524 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:32:22.0711 2524 VgaSave - ok
15:32:22.0758 2524 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:32:22.0773 2524 vhdmp - ok
15:32:22.0851 2524 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:32:22.0851 2524 viaide - ok
15:32:22.0898 2524 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:32:22.0914 2524 volmgr - ok
15:32:22.0960 2524 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:32:22.0960 2524 volmgrx - ok
15:32:23.0070 2524 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:32:23.0085 2524 volsnap - ok
15:32:23.0132 2524 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:32:23.0132 2524 vsmraid - ok
15:32:23.0210 2524 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:32:23.0241 2524 VSS - ok
15:32:23.0319 2524 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:32:23.0319 2524 vwifibus - ok
15:32:23.0350 2524 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:32:23.0350 2524 vwififlt - ok
15:32:23.0382 2524 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:32:23.0397 2524 W32Time - ok
15:32:23.0491 2524 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:32:23.0491 2524 WacomPen - ok
15:32:23.0584 2524 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:32:23.0600 2524 WANARP - ok
15:32:23.0600 2524 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:32:23.0600 2524 Wanarpv6 - ok
15:32:23.0725 2524 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:32:23.0756 2524 wbengine - ok
15:32:23.0834 2524 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:32:23.0850 2524 WbioSrvc - ok
15:32:23.0912 2524 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:32:23.0928 2524 wcncsvc - ok
15:32:23.0959 2524 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:32:23.0974 2524 WcsPlugInService - ok
15:32:24.0006 2524 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:32:24.0006 2524 Wd - ok
15:32:24.0068 2524 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:32:24.0099 2524 Wdf01000 - ok
15:32:24.0130 2524 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:32:24.0146 2524 WdiServiceHost - ok
15:32:24.0162 2524 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:32:24.0162 2524 WdiSystemHost - ok
15:32:24.0240 2524 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:32:24.0255 2524 WebClient - ok
15:32:24.0302 2524 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:32:24.0318 2524 Wecsvc - ok
15:32:24.0333 2524 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:32:24.0349 2524 wercplsupport - ok
15:32:24.0396 2524 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:32:24.0411 2524 WerSvc - ok
15:32:24.0474 2524 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:32:24.0474 2524 WfpLwf - ok
15:32:24.0520 2524 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
15:32:24.0536 2524 WimFltr - ok
15:32:24.0645 2524 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:32:24.0661 2524 WIMMount - ok
15:32:24.0723 2524 WinDefend - ok
15:32:24.0739 2524 WinHttpAutoProxySvc - ok
15:32:24.0832 2524 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:32:24.0926 2524 Winmgmt - ok
15:32:25.0051 2524 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:32:25.0098 2524 WinRM - ok
15:32:25.0207 2524 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:32:25.0207 2524 WinUsb - ok
15:32:25.0254 2524 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:32:25.0269 2524 Wlansvc - ok
15:32:25.0472 2524 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:32:25.0488 2524 wlidsvc - ok
15:32:25.0628 2524 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:32:25.0628 2524 WmiAcpi - ok
15:32:25.0690 2524 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:32:25.0690 2524 wmiApSrv - ok
15:32:25.0722 2524 WMPNetworkSvc - ok
15:32:25.0815 2524 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:32:25.0815 2524 WPCSvc - ok
15:32:25.0862 2524 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:32:25.0878 2524 WPDBusEnum - ok
15:32:25.0924 2524 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:32:25.0924 2524 ws2ifsl - ok
15:32:26.0002 2524 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:32:26.0018 2524 wscsvc - ok
15:32:26.0034 2524 WSearch - ok
15:32:26.0143 2524 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:32:26.0174 2524 wuauserv - ok
15:32:26.0268 2524 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:32:26.0283 2524 WudfPf - ok
15:32:26.0314 2524 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:32:26.0330 2524 WUDFRd - ok
15:32:26.0408 2524 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:32:26.0424 2524 wudfsvc - ok
15:32:26.0470 2524 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:32:26.0486 2524 WwanSvc - ok
15:32:26.0533 2524 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:32:26.0595 2524 \Device\Harddisk0\DR0 - ok
15:32:26.0595 2524 Boot (0x1200) (1438de6e99a3fb027ab06c5b6841aefd) \Device\Harddisk0\DR0\Partition0
15:32:26.0611 2524 \Device\Harddisk0\DR0\Partition0 - ok
15:32:26.0642 2524 Boot (0x1200) (dc6acd86ebf4e8abd46f53ebb43bae09) \Device\Harddisk0\DR0\Partition1
15:32:26.0642 2524 \Device\Harddisk0\DR0\Partition1 - ok
15:32:26.0642 2524 ============================================================
15:32:26.0642 2524 Scan finished
15:32:26.0642 2524 ============================================================
15:32:26.0673 4040 Detected object count: 1
15:32:26.0673 4040 Actual detected object count: 1
15:33:05.0829 4040 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
15:33:05.0829 4040 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
15:33:05.0860 4040 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
15:33:06.0032 4040 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
15:33:06.0032 4040 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
15:33:35.0173 3896 Deinitialize success

markusg · 30.03.2012, 10:13

lade den CCleaner standard:
CCleaner Download - CCleaner 3.17.1689
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Hipparchus · 01.04.2012, 12:23

Ich habe jetzt nur die markiert , die ich nicht kenne. Der Rest
ist entweder nicht notwendig oder es sind Controller für xy.

Acrobat.com Adobe Systems Incorporated 10.02.2010 1,61 MB 1.6.65
Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 11.02.2010
Adobe AIR Adobe Systems Inc. 07.05.2011 1.5.3.9120
Adobe Community Help Adobe Systems Incorporated 07.05.2011 3.0.0.400
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 11.02.2010 10.0.32.18
Adobe Flash Player 11 Plugin 64-bit Adobe Systems Incorporated 22.02.2012 6,00 MB 11.1.102.62
Adobe Media Player Adobe Systems Incorporated 07.05.2011 1.8
Adobe Photoshop CS5 Adobe Systems Incorporated 07.05.2011 2.595 MB 12.0
Adobe Reader 9.1 MUI Adobe Systems Incorporated 10.02.2010 650 MB 9.1.0
Alcor Micro USB Card Reader Alcor Micro Corp. 10.02.2010 2,89 MB 1.5.17.25482
Alice Greenfingers Oberon Media 11.02.2010
ASUS AI Recovery ASUS 10.02.2010 2,89 MB 1.0.6
ASUS AP Bank ASUSTEK 10.02.2010 1.0.0.0
ASUS Data Security Manager ASUS 14.09.2010 15,1 MB 1.00.0013
ASUS FancyStart ASUSTeK Computer Inc. 10.02.2010 10,5 MB 1.0.6
ASUS LifeFrame3 ASUS 10.02.2010 27,7 MB 3.0.20
ASUS Live Update ASUS 11.02.2010 2.5.9
ASUS MultiFrame ASUS 11.02.2010 1.0.0019
ASUS Power4Gear Hybrid ASUS 10.02.2010 11,9 MB 1.1.26
ASUS SmartLogon ASUS 10.02.2010 10,9 MB 1.0.0008
ASUS Splendid Video Enhancement Technology ASUS 10.02.2010 24,4 MB 1.02.0028
ASUS Virtual Camera asus 10.02.2010 3,12 MB 1.0.19
ASUS WebStorage eCareme Technologies, Inc. 11.02.2010 2.0.36.1260
ASUS_Screensaver 11.02.2010
ATK Package ASUS 10.02.2010 13,5 MB 1.0.0001
Avira Free Antivirus Avira 27.03.2012 109,5 MB 12.0.0.898
Bing Bar Microsoft Corporation 21.01.2012 26,8 MB 7.0.850.0
CCleaner Piriform 31.03.2012 3.17
Chicken Invaders 2 Oberon Media 11.02.2010
ControlDeck ASUS 10.02.2010 1,87 MB 1.0.5
CyberLink Power2Go CyberLink Corp. 10.02.2010 110,1 MB 6.1.3509a
Dream Day Wedding Married in Manhattan Oberon Media 11.02.2010
ETDWare PS/2-x64 7.0.5.9_WHQL 11.02.2010 UNBEKANNT
Fast Boot ASUS 10.02.2010 1,45 MB 1.0.4
Google Earth Plug-in Google 18.11.2011 40,9 MB 6.1.0.5001
IL Download Manager Image-Line 08.01.2011
intelliScore Ensemble 26.09.2010
Island Wars 2 Oberon Media 11.02.2010
Java(TM) 6 Update 26 Sun Microsystems, Inc. 14.09.2010 94,5 MB 6.0.260
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.09.2010 38,8 MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 25.09.2010 2,94 MB 4.0.30319
Microsoft Office File Validation Add-In Microsoft Corporation 14.09.2011 7,95 MB 14.0.5130.5003
Microsoft Office Live Add-in 1.5 Microsoft Corporation 14.09.2010 0,50 MB 2.0.4024.1
Microsoft Office Outlook Connector Microsoft Corporation 14.09.2010 6,14 MB 12.0.6414.1000
Microsoft Office Professional Plus 2010 Microsoft Corporation 31.10.2011 14.0.6029.1000
Microsoft Silverlight Microsoft Corporation 15.02.2012 171,8 MB 4.1.10111.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 14.09.2010 1,72 MB 3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 14.09.2010 0,61 MB 1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 14.09.2010 1,45 MB 1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 30.09.2010 0,25 MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 18.06.2011 0,29 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 01.01.2011 0,61 MB 8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 12.04.2011 0,57 MB 8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 02.01.2011 0,21 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 12.04.2011 0,77 MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 12.04.2011 0,58 MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 01.01.2011 0,77 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 18.06.2011 0,77 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 14.09.2010 0,23 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 14.09.2010 0,58 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 18.06.2011 0,59 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 12.04.2011 13,7 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 14.10.2011 12,3 MB 10.0.40219
Mozilla Firefox 11.0 (x86 de) Mozilla 17.03.2012 44,1 MB 11.0
Mozilla Firefox 4.0.1 (x86 de) Mozilla 03.05.2011 30,3 MB 4.0.1
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 10.02.2010 1,53 MB 4.30.2107.0
NB Probe 14.09.2010
Net4Switch ASUS 14.09.2010 1.00.0019
Nokia Connectivity Cable Driver Nokia 22.10.2011 4,21 MB 7.1.45.0
Nokia Ovi Suite Nokia 22.10.2011 3.1.1.90
Nokia Ovi Suite Software Updater Nokia Corporation 22.10.2011 43,3 MB 02.07.004.45780
NVIDIA 3D Vision Controller-Treiber 275.33 NVIDIA Corporation 25.06.2011 275.33
NVIDIA 3D Vision Treiber 275.33 NVIDIA Corporation 25.06.2011 275.33
NVIDIA Grafiktreiber 275.33 NVIDIA Corporation 25.06.2011 275.33
NVIDIA HD-Audiotreiber 1.2.23.3 NVIDIA Corporation 25.06.2011 1.2.23.3
NVIDIA PhysX-Systemsoftware 9.10.0514 NVIDIA Corporation 25.06.2011 9.10.0514
OpenAL 07.05.2011 UNBEKANNT
PC Connectivity Solution Nokia 22.10.2011 19,9 MB 11.4.21.0
Protect Disc License Helper 1.0.125 (IE) Protect Disc 17.12.2010 1.0.125
ProtectDisc Driver, Version 11 ProtectDisc Software GmbH 17.12.2010 11.0.0.14
Puzzle Agent - The Mystery of Scoggins Telltale Games 18.10.2011 1.0.0.0
Realtek Ethernet Controller Driver Realtek 10.02.2010 1.00.0008
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 10.02.2010 6.0.1.6010
Smileyville Oberon Media 11.02.2010
SRS Premium Sound Control Panel SRS Labs, Inc. 10.02.2010 1,87 MB 1.8.2900
TotalAudioConverter Helmsman, Inc. 30.09.2010
USB 2.0 1.3M UVC WebCam 11.02.2010 UNBEKANNT
VLC media player 1.1.4 VideoLAN 14.09.2010 1.1.4
Win7codecs Shark007 14.09.2010 59,7 MB 2.6.3
Windows Live Essentials Microsoft Corporation 14.09.2010 14.0.8050.1202
Windows Live ID-Anmelde-Assistent Microsoft Corporation 14.09.2010 10,0 MB 6.500.3165.0
Windows Live Sync Microsoft Corporation 14.09.2010 2,80 MB 14.0.8050.1202
Windows Live-Uploadtool Microsoft Corporation 14.09.2010 0,22 MB 14.0.8014.1029
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Nokia 22.10.2011 08/22/2008 7.0.0.0
WinFlash ASUS 10.02.2010 1,29 MB 2.29.0
WinRAR 16.09.2010
Wireless Console 3 ASUS 10.02.2010 2,43 MB 3.0.14

27.03.2012, 17:55	#6
markusg /// Malware-holic	TR/Crypt.XPACK.Gen , Dateien versteckt, Desktop schwarz melde dich mal im selben konto an, wo combofix lief, wenn das nicht klappt, im abgesicherten modus mit netzwerk starten, evtl. auch mal als admin, und dann wieder in den normalen modus, geht es wieder? __________________ --> TR/Crypt.XPACK.Gen , Dateien versteckt, Desktop schwarz

29.03.2012, 13:54	#12
markusg /// Malware-holic	TR/Crypt.XPACK.Gen , Dateien versteckt, Desktop schwarz wieso nach dem zweiten, wo ist das erste... __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

TR/Crypt.XPACK.Gen , Dateien versteckt, Desktop schwarz

Log-Analyse und Auswertung: TR/Crypt.XPACK.Gen , Dateien versteckt, Desktop schwarz