| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.10.2012, 15:03
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? ok, dann ist ja gut adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.10.2012, 15:14
| #17 |
 | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Bittesehr:
__________________Code:
ATTFilter # AdwCleaner v2.005 - Datei am 15/10/2012 um 16:11:52 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Jack89 - JACK89-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jack89\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\Ask.com.tmp
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Opera v12.2.1578.0
Datei : C:\Users\Jack89\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R4].txt - [1102 octets] - [15/10/2012 16:11:52]
########## EOF - C:\AdwCleaner[R4].txt - [1162 octets] ##########
|
|
15.10.2012, 15:22
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
__________________
__________________ |
|
15.10.2012, 15:28
| #19 |
| | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ?Code:
ATTFilter # AdwCleaner v2.005 - Datei am 15/10/2012 um 16:23:46 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Jack89 - JACK89-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jack89\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Opera v12.2.1578.0
Datei : C:\Users\Jack89\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R4].txt - [1229 octets] - [15/10/2012 16:11:52]
AdwCleaner[S4].txt - [1164 octets] - [15/10/2012 16:23:46]
########## EOF - C:\AdwCleaner[S4].txt - [1224 octets] ##########
|
|
15.10.2012, 15:32
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Hätte da mal zwei Fragen bevor es weiter geht (wir sind noch nicht fertig!) 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.10.2012, 15:33
| #21 |
| | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? 1) Also irgendwie kommt mir ''alles'' wieder schneller vor, also der Start vom Notebook kommt mir schneller vor und auch Anwendungen wie das Öffnen des Arbeitsplatzes funktioniert wieder schneller 2) nein, ich vermisse nichts |
|
15.10.2012, 15:52
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.10.2012, 16:10
| #23 |
| | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Erledigt: OTL Logfile: Code:
ATTFilter OTL logfile created on: 15.10.2012 16:59:01 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jack89\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,91 Gb Total Physical Memory | 6,45 Gb Available Physical Memory | 81,58% Memory free 15,82 Gb Paging File | 14,26 Gb Available in Paging File | 90,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 673,63 Gb Total Space | 628,95 Gb Free Space | 93,37% Space Free | Partition Type: NTFS Computer Name: JACK89-PC | User Name: Jack89 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Jack89\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUS) PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll () ========== Services (SafeList) ========== SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (s1039unic) -- C:\Windows\SysNative\drivers\s1039unic.sys (MCCI Corporation) DRV:64bit: - (s1039obex) -- C:\Windows\SysNative\drivers\s1039obex.sys (MCCI Corporation) DRV:64bit: - (s1039nd5) -- C:\Windows\SysNative\drivers\s1039nd5.sys (MCCI Corporation) DRV:64bit: - (s1039mgmt) -- C:\Windows\SysNative\drivers\s1039mgmt.sys (MCCI Corporation) DRV:64bit: - (s1039mdm) -- C:\Windows\SysNative\drivers\s1039mdm.sys (MCCI Corporation) DRV:64bit: - (s1039mdfl) -- C:\Windows\SysNative\drivers\s1039mdfl.sys (MCCI Corporation) DRV:64bit: - (s1039bus) -- C:\Windows\SysNative\drivers\s1039bus.sys (MCCI Corporation) DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.) DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 67 0C 48 AF 9C CD 01 [binary data] IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) O1 HOSTS File: ([2012.07.26 20:38:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O16:64bit: - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} hxxp://quickscan.bitdefender.com/qsax/qsax64.cab (Bitdefender QuickScan Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{809EEEC5-F37F-4F91-AE99-D63309AB3073}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sdnclean64.exe) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk - C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE - (ASUSTeK Computer Inc.) MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS) MsConfig:64bit - StartUpReg: ATKMEDIA - hkey= - key= - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) MsConfig:64bit - StartUpReg: ATKOSD2 - hkey= - key= - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) MsConfig:64bit - StartUpReg: IntelTBRunOnce - hkey= - key= - C:\Windows\SysNative\wscript.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: SonicMasterTray - hkey= - key= - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus) MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: Wireless Console 3 - hkey= - key= - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) MsConfig:64bit - State: "services" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: hitmanpro36 - Reg Error: Value error. SafeBootMin:64bit: hitmanpro36.sys - Reg Error: Value error. SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: hitmanpro36 - Reg Error: Value error. SafeBootMin: hitmanpro36.sys - Reg Error: Value error. SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: hitmanpro36 - Reg Error: Value error. SafeBootNet:64bit: hitmanpro36.sys - Reg Error: Value error. SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: hitmanpro36 - Reg Error: Value error. SafeBootNet: hitmanpro36.sys - Reg Error: Value error. SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.10.15 16:56:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jack89\Desktop\OTL.exe [2012.10.14 20:52:08 | 000,000,000 | ---D | C] -- C:\Users\Jack89\Desktop\Musik [2012.10.13 12:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.10.12 19:59:01 | 000,000,000 | ---D | C] -- C:\Users\Jack89\AppData\Roaming\Malwarebytes [2012.10.12 19:58:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.12 19:47:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012.10.11 18:29:02 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012.10.09 19:42:07 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys [2012.10.08 17:25:37 | 000,000,000 | ---D | C] -- C:\Users\Jack89\Documents\Anti-Malware [2012.10.06 11:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2012.10.06 11:18:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012.09.24 00:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.09.17 14:07:32 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jack89\Desktop\TDSSKiller.exe ========== Files - Modified Within 30 Days ========== [2012.10.15 16:56:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jack89\Desktop\OTL.exe [2012.10.15 16:39:19 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.15 16:39:19 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.15 16:25:07 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe [2012.10.15 16:25:06 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.10.15 16:24:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.15 16:15:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.15 16:10:56 | 000,538,941 | ---- | M] () -- C:\Users\Jack89\Desktop\adwcleaner.exe [2012.10.15 11:56:30 | 001,643,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.15 11:56:30 | 000,708,282 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.15 11:56:30 | 000,663,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.15 11:56:30 | 000,151,886 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.15 11:56:30 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.15 10:54:28 | 000,761,259 | ---- | M] () -- C:\Users\Jack89\Desktop\DSC00011.JPG [2012.10.14 23:25:52 | 000,038,781 | ---- | M] () -- C:\Users\Jack89\Desktop\Unbenannt1.jpg [2012.10.14 23:25:05 | 000,022,528 | -H-- | M] () -- C:\Users\Jack89\Desktop\photothumb.db [2012.10.09 19:42:07 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys [2012.10.08 11:42:54 | 000,016,127 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012.10.02 21:51:15 | 003,536,817 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2012.09.17 19:25:14 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jack89\Desktop\TDSSKiller.exe [2012.09.16 22:51:49 | 000,063,985 | ---- | M] () -- C:\Users\Jack89\Desktop\Vorlesung.jpg [2012.09.16 16:57:12 | 3298,785,299 | -H-- | M] () -- C:\Users\Jack89\Desktop\BlackMesa(1).zip ========== Files Created - No Company Name ========== [2012.10.15 16:24:46 | 000,274,464 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.10.15 16:10:56 | 000,538,941 | ---- | C] () -- C:\Users\Jack89\Desktop\adwcleaner.exe [2012.10.15 11:58:46 | 000,761,259 | ---- | C] () -- C:\Users\Jack89\Desktop\DSC00011.JPG [2012.10.14 23:25:52 | 000,038,781 | ---- | C] () -- C:\Users\Jack89\Desktop\Unbenannt1.jpg [2012.09.16 22:51:49 | 000,063,985 | ---- | C] () -- C:\Users\Jack89\Desktop\Vorlesung.jpg [2012.09.16 16:46:15 | 3298,785,299 | -H-- | C] () -- C:\Users\Jack89\Desktop\BlackMesa(1).zip [2012.07.26 20:34:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.07.26 20:34:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.07.26 20:34:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.07.26 20:34:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.07.26 20:34:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.06.23 17:33:49 | 000,000,036 | ---- | C] () -- C:\Users\Jack89\AppData\Local\housecall.guid.cache [2012.06.10 12:32:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe [2012.03.19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012.03.19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012.03.19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.03.19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011.11.15 06:12:44 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.10.19 06:11:04 | 001,673,966 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.06.10 12:38:16 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\ASUS WebStorage [2012.09.09 19:52:47 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\DMCache [2012.06.23 15:14:43 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\f-secure [2012.09.15 01:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\IDM [2012.08.28 14:46:05 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\IObit [2012.08.01 00:24:36 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\JonDo [2012.09.13 23:24:27 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\LockHunter [2012.07.15 19:07:27 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Nuance [2012.06.10 12:47:00 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Opera [2012.09.15 01:13:42 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Orbit [2012.08.08 16:41:04 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\PhotoScape [2012.09.15 01:06:49 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\ProgSense [2012.09.11 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\SoftGrid Client [2012.08.16 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\TP [2012.06.15 01:42:15 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\TuneUp Software [2012.06.15 14:18:56 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Zeon ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.06.10 12:50:17 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Adobe [2012.06.10 12:38:16 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\ASUS WebStorage [2012.06.10 12:33:50 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Atheros [2012.06.10 13:57:31 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Avira [2012.09.09 19:52:47 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\DMCache [2012.09.28 23:20:35 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\dvdcss [2012.06.23 15:14:43 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\f-secure [2012.07.15 19:07:28 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\FLEXnet [2012.06.10 12:32:42 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Identities [2012.09.15 01:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\IDM [2012.06.10 12:34:06 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Intel Corporation [2012.08.28 14:46:05 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\IObit [2012.08.01 00:24:36 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\JonDo [2012.09.13 23:24:27 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\LockHunter [2012.06.10 12:50:17 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Macromedia [2012.10.12 19:59:01 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Malwarebytes [2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Media Center Programs [2012.09.12 16:26:53 | 000,000,000 | --SD | M] -- C:\Users\Jack89\AppData\Roaming\Microsoft [2012.07.15 19:07:27 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Nuance [2012.06.30 15:24:54 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\NVIDIA [2012.06.10 12:47:00 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Opera [2012.09.15 01:13:42 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Orbit [2012.08.08 16:41:04 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\PhotoScape [2012.09.15 01:06:49 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\ProgSense [2012.08.07 12:24:15 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Skype [2012.09.11 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\SoftGrid Client [2012.08.16 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\TP [2012.06.15 01:42:15 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\TuneUp Software [2012.10.12 17:09:39 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\vlc [2012.06.13 20:12:52 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\WinRAR [2012.06.15 14:18:56 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Zeon < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTOR.SYS > [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\drivers\iaStor.sys [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.20 15:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 15:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll [2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll [2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 15:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 15:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 14:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll [2010.11.20 14:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 14:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 15:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll [2010.11.20 15:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 15:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 14:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\erdnt\cache86\user32.dll [2010.11.20 14:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 14:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 15:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\erdnt\cache64\user32.dll [2010.11.20 15:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 15:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe [2010.11.20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe [2010.11.20 15:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\erdnt\cache64\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\erdnt\cache86\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 15:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe [2010.11.20 15:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > [2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,032,628 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.09.09 10:16:22 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job < End of report > |
|
15.10.2012, 17:45
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Ist rel. unauffällig. Was hast du da schon mit dem TDSS-Killer gemacht? Log dazu oder hast du den noch nicht ausgeführt?`
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.10.2012, 17:48
| #25 |
| | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Hi, ich habe den vor ein paar Tagen mal benutzt und auch da wurde nichts gefunden.. Log habe ich leider ( ich Dummkopf ) gelöscht ( das war unter C: ) aber auch da bin ich mir sicher, dass damals nichts gefunden wurde Soll ich es erneut benutzen und dir einen Log posten? |
|
15.10.2012, 18:43
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.10.2012, 19:50
| #27 |
| | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Bittesehr: Code:
ATTFilter 20:47:32.0037 2164 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
20:47:32.0187 2164 ============================================================
20:47:32.0187 2164 Current date / time: 2012/10/15 20:47:32.0187
20:47:32.0187 2164 SystemInfo:
20:47:32.0187 2164
20:47:32.0187 2164 OS Version: 6.1.7601 ServicePack: 1.0
20:47:32.0187 2164 Product type: Workstation
20:47:32.0187 2164 ComputerName: JACK89-PC
20:47:32.0188 2164 UserName: Jack89
20:47:32.0188 2164 Windows directory: C:\Windows
20:47:32.0188 2164 System windows directory: C:\Windows
20:47:32.0188 2164 Running under WOW64
20:47:32.0188 2164 Processor architecture: Intel x64
20:47:32.0188 2164 Number of processors: 4
20:47:32.0188 2164 Page size: 0x1000
20:47:32.0188 2164 Boot type: Normal boot
20:47:32.0188 2164 ============================================================
20:47:32.0701 2164 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:47:32.0712 2164 ============================================================
20:47:32.0712 2164 \Device\Harddisk0\DR0:
20:47:32.0712 2164 MBR partitions:
20:47:32.0713 2164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x54345000
20:47:32.0713 2164 ============================================================
20:47:32.0732 2164 C: <-> \Device\Harddisk0\DR0\Partition1
20:47:32.0732 2164 ============================================================
20:47:32.0732 2164 Initialize success
20:47:32.0732 2164 ============================================================
20:48:19.0310 1528 ============================================================
20:48:19.0310 1528 Scan started
20:48:19.0310 1528 Mode: Manual; SigCheck; TDLFS;
20:48:19.0310 1528 ============================================================
20:48:19.0560 1528 ================ Scan system memory ========================
20:48:19.0560 1528 System memory - ok
20:48:19.0560 1528 ================ Scan services =============================
20:48:19.0676 1528 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:48:19.0730 1528 1394ohci - ok
20:48:19.0749 1528 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:48:19.0762 1528 ACPI - ok
20:48:19.0778 1528 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:48:19.0814 1528 AcpiPmi - ok
20:48:19.0879 1528 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:48:19.0888 1528 AdobeFlashPlayerUpdateSvc - ok
20:48:19.0923 1528 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:48:19.0940 1528 adp94xx - ok
20:48:19.0969 1528 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:48:19.0983 1528 adpahci - ok
20:48:19.0995 1528 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:48:20.0005 1528 adpu320 - ok
20:48:20.0026 1528 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:48:20.0058 1528 AeLookupSvc - ok
20:48:20.0102 1528 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:48:20.0140 1528 AFD - ok
20:48:20.0151 1528 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:48:20.0159 1528 agp440 - ok
20:48:20.0197 1528 [ 3F66D9AC081B495F91529C80BFA73E97 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
20:48:20.0206 1528 AiCharger - ok
20:48:20.0228 1528 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:48:20.0250 1528 ALG - ok
20:48:20.0266 1528 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:48:20.0274 1528 aliide - ok
20:48:20.0276 1528 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:48:20.0283 1528 amdide - ok
20:48:20.0300 1528 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:48:20.0329 1528 AmdK8 - ok
20:48:20.0344 1528 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:48:20.0378 1528 AmdPPM - ok
20:48:20.0388 1528 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:48:20.0397 1528 amdsata - ok
20:48:20.0413 1528 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:48:20.0425 1528 amdsbs - ok
20:48:20.0438 1528 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:48:20.0445 1528 amdxata - ok
20:48:20.0503 1528 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:48:20.0516 1528 AntiVirSchedulerService - ok
20:48:20.0549 1528 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:48:20.0558 1528 AntiVirService - ok
20:48:20.0581 1528 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:48:20.0630 1528 AppID - ok
20:48:20.0652 1528 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:48:20.0699 1528 AppIDSvc - ok
20:48:20.0711 1528 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:48:20.0756 1528 Appinfo - ok
20:48:20.0806 1528 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
20:48:20.0818 1528 arc - ok
20:48:20.0832 1528 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:48:20.0841 1528 arcsas - ok
20:48:20.0911 1528 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
20:48:20.0922 1528 ASLDRService - ok
20:48:20.0929 1528 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
20:48:20.0935 1528 ASMMAP64 - ok
20:48:21.0017 1528 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:48:21.0029 1528 aspnet_state - ok
20:48:21.0061 1528 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:48:21.0106 1528 AsyncMac - ok
20:48:21.0125 1528 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:48:21.0131 1528 atapi - ok
20:48:21.0170 1528 [ 185F180536188C1A4ED605234721A5B9 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
20:48:21.0177 1528 AthBTPort - ok
20:48:21.0229 1528 [ 397748353925A6602A6097FA92AF23BF ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:48:21.0238 1528 AtherosSvc - ok
20:48:21.0298 1528 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:48:21.0407 1528 athr - ok
20:48:21.0422 1528 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
20:48:21.0430 1528 ATKGFNEXSrv - ok
20:48:21.0455 1528 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
20:48:21.0461 1528 ATKWMIACPIIO - ok
20:48:21.0498 1528 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:48:21.0552 1528 AudioEndpointBuilder - ok
20:48:21.0560 1528 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:48:21.0589 1528 AudioSrv - ok
20:48:21.0632 1528 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:48:21.0640 1528 avgntflt - ok
20:48:21.0664 1528 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:48:21.0672 1528 avipbb - ok
20:48:21.0685 1528 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:48:21.0692 1528 avkmgr - ok
20:48:21.0723 1528 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:48:21.0753 1528 AxInstSV - ok
20:48:21.0783 1528 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:48:21.0823 1528 b06bdrv - ok
20:48:21.0866 1528 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:48:21.0900 1528 b57nd60a - ok
20:48:21.0920 1528 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:48:21.0951 1528 BDESVC - ok
20:48:21.0966 1528 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:48:22.0015 1528 Beep - ok
20:48:22.0053 1528 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:48:22.0090 1528 BFE - ok
20:48:22.0118 1528 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
20:48:22.0178 1528 BITS - ok
20:48:22.0200 1528 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:48:22.0226 1528 blbdrive - ok
20:48:22.0239 1528 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:48:22.0260 1528 bowser - ok
20:48:22.0279 1528 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:48:22.0320 1528 BrFiltLo - ok
20:48:22.0332 1528 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:48:22.0362 1528 BrFiltUp - ok
20:48:22.0383 1528 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:48:22.0435 1528 BridgeMP - ok
20:48:22.0470 1528 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:48:22.0494 1528 Browser - ok
20:48:22.0510 1528 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:48:22.0536 1528 Brserid - ok
20:48:22.0544 1528 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:48:22.0568 1528 BrSerWdm - ok
20:48:22.0581 1528 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:48:22.0606 1528 BrUsbMdm - ok
20:48:22.0617 1528 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:48:22.0646 1528 BrUsbSer - ok
20:48:22.0662 1528 [ B5D8C2E82F33E2385FA9F309B6356715 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
20:48:22.0673 1528 BTATH_A2DP - ok
20:48:22.0701 1528 [ 3118072D09DAA1961A9F6549A4E8433A ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
20:48:22.0708 1528 btath_avdt - ok
20:48:22.0738 1528 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
20:48:22.0745 1528 BTATH_BUS - ok
20:48:22.0761 1528 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
20:48:22.0769 1528 BTATH_HCRP - ok
20:48:22.0778 1528 [ 8008D892A2BDA67EEFBE25E14EB5DC83 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:48:22.0782 1528 BTATH_LWFLT - ok
20:48:22.0793 1528 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
20:48:22.0801 1528 BTATH_RCP - ok
20:48:22.0847 1528 [ 0C3825703B5E4ADB5FB75A651E4682B7 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
20:48:22.0856 1528 BtFilter - ok
20:48:22.0882 1528 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:48:22.0939 1528 BthEnum - ok
20:48:22.0970 1528 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:48:22.0994 1528 BTHMODEM - ok
20:48:23.0009 1528 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:48:23.0041 1528 BthPan - ok
20:48:23.0078 1528 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:48:23.0111 1528 BTHPORT - ok
20:48:23.0140 1528 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:48:23.0182 1528 bthserv - ok
20:48:23.0195 1528 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:48:23.0227 1528 BTHUSB - ok
20:48:23.0247 1528 catchme - ok
20:48:23.0266 1528 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:48:23.0319 1528 cdfs - ok
20:48:23.0359 1528 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:48:23.0381 1528 cdrom - ok
20:48:23.0406 1528 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:48:23.0436 1528 CertPropSvc - ok
20:48:23.0445 1528 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
20:48:23.0457 1528 circlass - ok
20:48:23.0474 1528 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:48:23.0486 1528 CLFS - ok
20:48:23.0527 1528 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:48:23.0536 1528 clr_optimization_v2.0.50727_32 - ok
20:48:23.0571 1528 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:48:23.0579 1528 clr_optimization_v2.0.50727_64 - ok
20:48:23.0882 1528 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:48:23.0894 1528 clr_optimization_v4.0.30319_32 - ok
20:48:23.0931 1528 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:48:23.0939 1528 clr_optimization_v4.0.30319_64 - ok
20:48:23.0962 1528 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:48:23.0982 1528 CmBatt - ok
20:48:23.0991 1528 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:48:23.0999 1528 cmdide - ok
20:48:24.0022 1528 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:48:24.0041 1528 CNG - ok
20:48:24.0073 1528 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:48:24.0080 1528 Compbatt - ok
20:48:24.0090 1528 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:48:24.0143 1528 CompositeBus - ok
20:48:24.0151 1528 COMSysApp - ok
20:48:24.0222 1528 [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:48:24.0236 1528 cphs - ok
20:48:24.0246 1528 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:48:24.0254 1528 crcdisk - ok
20:48:24.0286 1528 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:48:24.0320 1528 CryptSvc - ok
20:48:24.0356 1528 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:48:24.0405 1528 DcomLaunch - ok
20:48:24.0433 1528 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:48:24.0475 1528 defragsvc - ok
20:48:24.0513 1528 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:48:24.0548 1528 DfsC - ok
20:48:24.0570 1528 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:48:24.0611 1528 Dhcp - ok
20:48:24.0618 1528 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:48:24.0667 1528 discache - ok
20:48:24.0696 1528 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
20:48:24.0707 1528 Disk - ok
20:48:24.0716 1528 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:48:24.0750 1528 Dnscache - ok
20:48:24.0771 1528 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:48:24.0805 1528 dot3svc - ok
20:48:24.0816 1528 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:48:24.0855 1528 DPS - ok
20:48:24.0882 1528 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:48:24.0918 1528 drmkaud - ok
20:48:24.0943 1528 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:48:24.0961 1528 DXGKrnl - ok
20:48:24.0975 1528 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:48:25.0020 1528 EapHost - ok
20:48:25.0085 1528 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:48:25.0166 1528 ebdrv - ok
20:48:25.0191 1528 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:48:25.0205 1528 EFS - ok
20:48:25.0295 1528 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:48:25.0323 1528 ehRecvr - ok
20:48:25.0338 1528 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:48:25.0354 1528 ehSched - ok
20:48:25.0404 1528 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:48:25.0421 1528 elxstor - ok
20:48:25.0432 1528 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:48:25.0451 1528 ErrDev - ok
20:48:25.0480 1528 [ 4C120D2B2EA269EAE7A5744794EB6DB1 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
20:48:25.0488 1528 ETD - ok
20:48:25.0510 1528 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:48:25.0549 1528 EventSystem - ok
20:48:25.0558 1528 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:48:25.0595 1528 exfat - ok
20:48:25.0607 1528 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:48:25.0640 1528 fastfat - ok
20:48:25.0671 1528 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:48:25.0708 1528 Fax - ok
20:48:25.0728 1528 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
20:48:25.0762 1528 fdc - ok
20:48:25.0771 1528 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:48:25.0807 1528 fdPHost - ok
20:48:25.0816 1528 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:48:25.0847 1528 FDResPub - ok
20:48:25.0863 1528 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:48:25.0871 1528 FileInfo - ok
20:48:25.0886 1528 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:48:25.0930 1528 Filetrace - ok
20:48:25.0944 1528 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:48:25.0973 1528 flpydisk - ok
20:48:25.0989 1528 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:48:26.0001 1528 FltMgr - ok
20:48:26.0034 1528 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:48:26.0068 1528 FontCache - ok
20:48:26.0104 1528 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:48:26.0112 1528 FontCache3.0.0.0 - ok
20:48:26.0124 1528 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:48:26.0132 1528 FsDepends - ok
20:48:26.0162 1528 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:48:26.0170 1528 fssfltr - ok
20:48:26.0226 1528 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:48:26.0264 1528 fsssvc - ok
20:48:26.0288 1528 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:48:26.0295 1528 Fs_Rec - ok
20:48:26.0314 1528 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:48:26.0328 1528 fvevol - ok
20:48:26.0344 1528 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:48:26.0353 1528 gagp30kx - ok
20:48:26.0379 1528 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:48:26.0428 1528 gpsvc - ok
20:48:26.0438 1528 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:48:26.0457 1528 hcw85cir - ok
20:48:26.0482 1528 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:48:26.0506 1528 HdAudAddService - ok
20:48:26.0526 1528 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:48:26.0549 1528 HDAudBus - ok
20:48:26.0559 1528 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:48:26.0595 1528 HidBatt - ok
20:48:26.0613 1528 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:48:26.0647 1528 HidBth - ok
20:48:26.0658 1528 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:48:26.0680 1528 HidIr - ok
20:48:26.0700 1528 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
20:48:26.0731 1528 hidserv - ok
20:48:26.0757 1528 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:48:26.0779 1528 HidUsb - ok
20:48:26.0792 1528 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:48:26.0835 1528 hkmsvc - ok
20:48:26.0845 1528 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:48:26.0873 1528 HomeGroupListener - ok
20:48:26.0895 1528 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:48:26.0923 1528 HomeGroupProvider - ok
20:48:26.0946 1528 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:48:26.0955 1528 HpSAMD - ok
20:48:26.0988 1528 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:48:27.0033 1528 HTTP - ok
20:48:27.0043 1528 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:48:27.0050 1528 hwpolicy - ok
20:48:27.0073 1528 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:48:27.0083 1528 i8042prt - ok
20:48:27.0114 1528 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:48:27.0126 1528 iaStor - ok
20:48:27.0167 1528 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:48:27.0175 1528 IAStorDataMgrSvc - ok
20:48:27.0196 1528 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:48:27.0206 1528 iaStorV - ok
20:48:27.0248 1528 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:48:27.0268 1528 idsvc - ok
20:48:27.0490 1528 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:48:27.0761 1528 igfx - ok
20:48:27.0772 1528 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:48:27.0780 1528 iirsp - ok
20:48:27.0804 1528 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:48:27.0849 1528 IKEEXT - ok
20:48:27.0918 1528 [ E53B926B51CF92F50A3AD0C5016805DD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:48:27.0955 1528 IntcAzAudAddService - ok
20:48:27.0993 1528 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:48:28.0002 1528 intelide - ok
20:48:28.0023 1528 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:48:28.0044 1528 intelppm - ok
20:48:28.0065 1528 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:48:28.0097 1528 IPBusEnum - ok
20:48:28.0105 1528 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:48:28.0149 1528 IpFilterDriver - ok
20:48:28.0169 1528 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:48:28.0206 1528 iphlpsvc - ok
20:48:28.0221 1528 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:48:28.0239 1528 IPMIDRV - ok
20:48:28.0249 1528 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:48:28.0292 1528 IPNAT - ok
20:48:28.0315 1528 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:48:28.0346 1528 IRENUM - ok
20:48:28.0374 1528 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:48:28.0382 1528 isapnp - ok
20:48:28.0398 1528 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:48:28.0410 1528 iScsiPrt - ok
20:48:28.0432 1528 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:48:28.0439 1528 kbdclass - ok
20:48:28.0449 1528 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:48:28.0464 1528 kbdhid - ok
20:48:28.0483 1528 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
20:48:28.0491 1528 kbfiltr - ok
20:48:28.0502 1528 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:48:28.0510 1528 KeyIso - ok
20:48:28.0533 1528 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:48:28.0543 1528 KSecDD - ok
20:48:28.0560 1528 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:48:28.0569 1528 KSecPkg - ok
20:48:28.0579 1528 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:48:28.0617 1528 ksthunk - ok
20:48:28.0634 1528 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:48:28.0679 1528 KtmRm - ok
20:48:28.0704 1528 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
20:48:28.0718 1528 L1C - ok
20:48:28.0748 1528 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:48:28.0782 1528 LanmanServer - ok
20:48:28.0796 1528 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:48:28.0832 1528 LanmanWorkstation - ok
20:48:28.0868 1528 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:48:28.0900 1528 lltdio - ok
20:48:28.0923 1528 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:48:28.0971 1528 lltdsvc - ok
20:48:28.0980 1528 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:48:29.0012 1528 lmhosts - ok
20:48:29.0047 1528 [ 98B16E756243BEA9410E32025B19C06F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:48:29.0056 1528 LMS - ok
20:48:29.0086 1528 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:48:29.0094 1528 LSI_FC - ok
20:48:29.0108 1528 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:48:29.0116 1528 LSI_SAS - ok
20:48:29.0130 1528 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:48:29.0137 1528 LSI_SAS2 - ok
20:48:29.0154 1528 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:48:29.0163 1528 LSI_SCSI - ok
20:48:29.0179 1528 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:48:29.0208 1528 luafv - ok
20:48:29.0226 1528 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:48:29.0236 1528 Mcx2Svc - ok
20:48:29.0250 1528 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:48:29.0257 1528 megasas - ok
20:48:29.0266 1528 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:48:29.0278 1528 MegaSR - ok
20:48:29.0311 1528 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:48:29.0320 1528 MEIx64 - ok
20:48:29.0327 1528 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:48:29.0364 1528 MMCSS - ok
20:48:29.0374 1528 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:48:29.0426 1528 Modem - ok
20:48:29.0436 1528 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:48:29.0455 1528 monitor - ok
20:48:29.0474 1528 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:48:29.0481 1528 mouclass - ok
20:48:29.0495 1528 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:48:29.0532 1528 mouhid - ok
20:48:29.0542 1528 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:48:29.0551 1528 mountmgr - ok
20:48:29.0559 1528 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:48:29.0569 1528 mpio - ok
20:48:29.0578 1528 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:48:29.0605 1528 mpsdrv - ok
20:48:29.0626 1528 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:48:29.0667 1528 MpsSvc - ok
20:48:29.0679 1528 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:48:29.0712 1528 MRxDAV - ok
20:48:29.0721 1528 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:48:29.0762 1528 mrxsmb - ok
20:48:29.0797 1528 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:48:29.0817 1528 mrxsmb10 - ok
20:48:29.0828 1528 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:48:29.0849 1528 mrxsmb20 - ok
20:48:29.0871 1528 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:48:29.0878 1528 msahci - ok
20:48:29.0894 1528 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:48:29.0904 1528 msdsm - ok
20:48:29.0914 1528 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:48:29.0944 1528 MSDTC - ok
20:48:29.0961 1528 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:48:30.0001 1528 Msfs - ok
20:48:30.0017 1528 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:48:30.0043 1528 mshidkmdf - ok
20:48:30.0050 1528 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:48:30.0057 1528 msisadrv - ok
20:48:30.0080 1528 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:48:30.0135 1528 MSiSCSI - ok
20:48:30.0137 1528 msiserver - ok
20:48:30.0156 1528 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:48:30.0190 1528 MSKSSRV - ok
20:48:30.0199 1528 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:48:30.0230 1528 MSPCLOCK - ok
20:48:30.0242 1528 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:48:30.0275 1528 MSPQM - ok
20:48:30.0292 1528 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:48:30.0305 1528 MsRPC - ok
20:48:30.0314 1528 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:48:30.0321 1528 mssmbios - ok
20:48:30.0324 1528 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:48:30.0359 1528 MSTEE - ok
20:48:30.0362 1528 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:48:30.0376 1528 MTConfig - ok
20:48:30.0393 1528 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:48:30.0400 1528 Mup - ok
20:48:30.0426 1528 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:48:30.0465 1528 napagent - ok
20:48:30.0482 1528 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:48:30.0510 1528 NativeWifiP - ok
20:48:30.0554 1528 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:48:30.0576 1528 NDIS - ok
20:48:30.0593 1528 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:48:30.0628 1528 NdisCap - ok
20:48:30.0644 1528 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:48:30.0679 1528 NdisTapi - ok
20:48:30.0695 1528 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:48:30.0727 1528 Ndisuio - ok
20:48:30.0736 1528 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:48:30.0767 1528 NdisWan - ok
20:48:30.0780 1528 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:48:30.0817 1528 NDProxy - ok
20:48:30.0824 1528 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:48:30.0858 1528 NetBIOS - ok
20:48:30.0874 1528 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:48:30.0908 1528 NetBT - ok
20:48:30.0914 1528 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:48:30.0923 1528 Netlogon - ok
20:48:30.0953 1528 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:48:30.0997 1528 Netman - ok
20:48:31.0030 1528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:31.0036 1528 NetMsmqActivator - ok
20:48:31.0040 1528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:31.0047 1528 NetPipeActivator - ok
20:48:31.0062 1528 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:48:31.0109 1528 netprofm - ok
20:48:31.0118 1528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:31.0125 1528 NetTcpActivator - ok
20:48:31.0128 1528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:31.0135 1528 NetTcpPortSharing - ok
20:48:31.0152 1528 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:48:31.0159 1528 nfrd960 - ok
20:48:31.0177 1528 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:48:31.0228 1528 NlaSvc - ok
20:48:31.0231 1528 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:48:31.0262 1528 Npfs - ok
20:48:31.0275 1528 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:48:31.0310 1528 nsi - ok
20:48:31.0327 1528 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:48:31.0352 1528 nsiproxy - ok
20:48:31.0389 1528 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:48:31.0436 1528 Ntfs - ok
20:48:31.0443 1528 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:48:31.0480 1528 Null - ok
20:48:31.0503 1528 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:48:31.0521 1528 nusb3hub - ok
20:48:31.0543 1528 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:48:31.0555 1528 nusb3xhc - ok
20:48:31.0584 1528 [ 65E6BB06A644533118BE007E9601B2C2 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
20:48:31.0595 1528 nvkflt - ok
20:48:31.0812 1528 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:48:31.0962 1528 nvlddmkm - ok
20:48:31.0973 1528 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
20:48:31.0980 1528 nvpciflt - ok
20:48:32.0005 1528 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:48:32.0016 1528 nvraid - ok
20:48:32.0023 1528 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:48:32.0032 1528 nvstor - ok
20:48:32.0067 1528 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
20:48:32.0086 1528 nvsvc - ok
20:48:32.0141 1528 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:48:32.0166 1528 nvUpdatusService - ok
20:48:32.0184 1528 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:48:32.0191 1528 nv_agp - ok
20:48:32.0201 1528 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:48:32.0227 1528 ohci1394 - ok
20:48:32.0265 1528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:48:32.0281 1528 p2pimsvc - ok
20:48:32.0303 1528 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:48:32.0323 1528 p2psvc - ok
20:48:32.0332 1528 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:48:32.0345 1528 Parport - ok
20:48:32.0361 1528 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:48:32.0369 1528 partmgr - ok
20:48:32.0382 1528 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:48:32.0408 1528 PcaSvc - ok
20:48:32.0431 1528 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:48:32.0442 1528 pci - ok
20:48:32.0448 1528 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:48:32.0454 1528 pciide - ok
20:48:32.0469 1528 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:48:32.0477 1528 pcmcia - ok
20:48:32.0487 1528 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:48:32.0494 1528 pcw - ok
20:48:32.0513 1528 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:48:32.0554 1528 PEAUTH - ok
20:48:32.0571 1528 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:48:32.0588 1528 PerfHost - ok
20:48:32.0633 1528 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:48:32.0700 1528 pla - ok
20:48:32.0729 1528 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:48:32.0755 1528 PlugPlay - ok
20:48:32.0765 1528 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:48:32.0790 1528 PNRPAutoReg - ok
20:48:32.0800 1528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:48:32.0810 1528 PNRPsvc - ok
20:48:32.0837 1528 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:48:32.0876 1528 PolicyAgent - ok
20:48:32.0890 1528 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:48:32.0924 1528 Power - ok
20:48:32.0945 1528 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:48:32.0976 1528 PptpMiniport - ok
20:48:32.0990 1528 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:48:33.0006 1528 Processor - ok
20:48:33.0032 1528 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:48:33.0055 1528 ProfSvc - ok
20:48:33.0064 1528 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:48:33.0072 1528 ProtectedStorage - ok
20:48:33.0096 1528 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:48:33.0131 1528 Psched - ok
20:48:33.0177 1528 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:48:33.0217 1528 ql2300 - ok
20:48:33.0232 1528 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:48:33.0243 1528 ql40xx - ok
20:48:33.0265 1528 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:48:33.0280 1528 QWAVE - ok
20:48:33.0291 1528 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:48:33.0306 1528 QWAVEdrv - ok
20:48:33.0320 1528 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:48:33.0356 1528 RasAcd - ok
20:48:33.0381 1528 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:48:33.0429 1528 RasAgileVpn - ok
20:48:33.0441 1528 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:48:33.0491 1528 RasAuto - ok
20:48:33.0511 1528 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:48:33.0537 1528 Rasl2tp - ok
20:48:33.0550 1528 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:48:33.0586 1528 RasMan - ok
20:48:33.0599 1528 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:48:33.0634 1528 RasPppoe - ok
20:48:33.0662 1528 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:48:33.0694 1528 RasSstp - ok
20:48:33.0711 1528 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:48:33.0758 1528 rdbss - ok
20:48:33.0778 1528 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:48:33.0802 1528 rdpbus - ok
20:48:33.0813 1528 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:48:33.0844 1528 RDPCDD - ok
20:48:33.0862 1528 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:48:33.0896 1528 RDPENCDD - ok
20:48:33.0906 1528 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:48:33.0942 1528 RDPREFMP - ok
20:48:33.0964 1528 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:48:34.0004 1528 RDPWD - ok
20:48:34.0037 1528 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:48:34.0048 1528 rdyboost - ok
20:48:34.0064 1528 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:48:34.0099 1528 RemoteAccess - ok
20:48:34.0123 1528 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:48:34.0153 1528 RemoteRegistry - ok
20:48:34.0171 1528 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:48:34.0182 1528 RFCOMM - ok
20:48:34.0191 1528 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:48:34.0225 1528 RpcEptMapper - ok
20:48:34.0236 1528 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:48:34.0267 1528 RpcLocator - ok
20:48:34.0296 1528 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:48:34.0326 1528 RpcSs - ok
20:48:34.0354 1528 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:48:34.0394 1528 rspndr - ok
20:48:34.0422 1528 [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR C:\Windows\system32\Drivers\RTSUVSTOR.sys
20:48:34.0436 1528 RSUSBVSTOR - ok
20:48:34.0459 1528 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:48:34.0470 1528 RTL8167 - ok
20:48:34.0505 1528 [ C92E383CDAFE94B0DA30CBFCD561ECF8 ] s1039bus C:\Windows\system32\DRIVERS\s1039bus.sys
20:48:34.0512 1528 s1039bus - ok
20:48:34.0528 1528 [ CBACDDCE5FD32310FD5855E1FD8517E8 ] s1039mdfl C:\Windows\system32\DRIVERS\s1039mdfl.sys
20:48:34.0535 1528 s1039mdfl - ok
20:48:34.0553 1528 [ A339F1E0BC7AF29B2FDBA32AE4B9FCA4 ] s1039mdm C:\Windows\system32\DRIVERS\s1039mdm.sys
20:48:34.0561 1528 s1039mdm - ok
20:48:34.0589 1528 [ 84E260AAD1BB19DFCC0DD333CB83BBA7 ] s1039mgmt C:\Windows\system32\DRIVERS\s1039mgmt.sys
20:48:34.0596 1528 s1039mgmt - ok
20:48:34.0606 1528 [ 0772F403D615563E9D8D32BA7A132D1E ] s1039nd5 C:\Windows\system32\DRIVERS\s1039nd5.sys
20:48:34.0613 1528 s1039nd5 - ok
20:48:34.0629 1528 [ 134EDBCE4DACD749FC508AFE1C512D09 ] s1039obex C:\Windows\system32\DRIVERS\s1039obex.sys
20:48:34.0638 1528 s1039obex - ok
20:48:34.0647 1528 [ BC54B27EC3900328BC390E98BBFC9D3A ] s1039unic C:\Windows\system32\DRIVERS\s1039unic.sys
20:48:34.0655 1528 s1039unic - ok
20:48:34.0661 1528 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:48:34.0669 1528 SamSs - ok
20:48:34.0679 1528 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:48:34.0688 1528 sbp2port - ok
20:48:34.0708 1528 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:48:34.0744 1528 SCardSvr - ok
20:48:34.0760 1528 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:48:34.0796 1528 scfilter - ok
20:48:34.0821 1528 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:48:34.0870 1528 Schedule - ok
20:48:34.0885 1528 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:48:34.0909 1528 SCPolicySvc - ok
20:48:34.0923 1528 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:48:34.0947 1528 SDRSVC - ok
20:48:34.0958 1528 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:48:35.0005 1528 secdrv - ok
20:48:35.0024 1528 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:48:35.0062 1528 seclogon - ok
20:48:35.0078 1528 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
20:48:35.0114 1528 SENS - ok
20:48:35.0128 1528 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:48:35.0156 1528 SensrSvc - ok
20:48:35.0191 1528 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:48:35.0205 1528 Serenum - ok
20:48:35.0222 1528 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:48:35.0245 1528 Serial - ok
20:48:35.0260 1528 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:48:35.0277 1528 sermouse - ok
20:48:35.0302 1528 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:48:35.0338 1528 SessionEnv - ok
20:48:35.0348 1528 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:48:35.0358 1528 sffdisk - ok
20:48:35.0367 1528 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:48:35.0385 1528 sffp_mmc - ok
20:48:35.0391 1528 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:48:35.0401 1528 sffp_sd - ok
20:48:35.0407 1528 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:48:35.0424 1528 sfloppy - ok
20:48:35.0447 1528 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:48:35.0488 1528 SharedAccess - ok
20:48:35.0505 1528 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:48:35.0543 1528 ShellHWDetection - ok
20:48:35.0558 1528 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
20:48:35.0578 1528 SiSGbeLH - ok
20:48:35.0603 1528 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:48:35.0611 1528 SiSRaid2 - ok
20:48:35.0621 1528 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:48:35.0630 1528 SiSRaid4 - ok
20:48:35.0645 1528 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:48:35.0672 1528 Smb - ok
20:48:35.0707 1528 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:48:35.0730 1528 SNMPTRAP - ok
20:48:35.0747 1528 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:48:35.0754 1528 spldr - ok
20:48:35.0773 1528 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:48:35.0802 1528 Spooler - ok
20:48:35.0862 1528 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:48:35.0954 1528 sppsvc - ok
20:48:35.0962 1528 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:48:36.0010 1528 sppuinotify - ok
20:48:36.0045 1528 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:48:36.0073 1528 srv - ok
20:48:36.0092 1528 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:48:36.0127 1528 srv2 - ok
20:48:36.0139 1528 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:48:36.0159 1528 srvnet - ok
20:48:36.0184 1528 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:48:36.0212 1528 SSDPSRV - ok
20:48:36.0236 1528 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:48:36.0271 1528 SstpSvc - ok
20:48:36.0327 1528 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:48:36.0342 1528 Stereo Service - ok
20:48:36.0348 1528 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:48:36.0355 1528 stexstor - ok
20:48:36.0382 1528 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:48:36.0408 1528 stisvc - ok
20:48:36.0427 1528 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:48:36.0434 1528 swenum - ok
20:48:36.0461 1528 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:48:36.0503 1528 swprv - ok
20:48:36.0537 1528 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:48:36.0596 1528 SysMain - ok
20:48:36.0604 1528 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:48:36.0625 1528 TabletInputService - ok
20:48:36.0638 1528 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:48:36.0678 1528 TapiSrv - ok
20:48:36.0689 1528 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:48:36.0727 1528 TBS - ok
20:48:36.0780 1528 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:48:36.0843 1528 Tcpip - ok
20:48:36.0885 1528 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:48:36.0912 1528 TCPIP6 - ok
20:48:36.0936 1528 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:48:36.0995 1528 tcpipreg - ok
20:48:37.0024 1528 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:48:37.0034 1528 TDPIPE - ok
20:48:37.0054 1528 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:48:37.0083 1528 TDTCP - ok
20:48:37.0101 1528 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:48:37.0126 1528 tdx - ok
20:48:37.0136 1528 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:48:37.0144 1528 TermDD - ok
20:48:37.0173 1528 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:48:37.0216 1528 TermService - ok
20:48:37.0223 1528 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:48:37.0243 1528 Themes - ok
20:48:37.0258 1528 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:48:37.0284 1528 THREADORDER - ok
20:48:37.0310 1528 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
20:48:37.0326 1528 TPM - ok
20:48:37.0344 1528 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:48:37.0379 1528 TrkWks - ok
20:48:37.0409 1528 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:48:37.0455 1528 TrustedInstaller - ok
20:48:37.0470 1528 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:48:37.0495 1528 tssecsrv - ok
20:48:37.0525 1528 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:48:37.0545 1528 TsUsbFlt - ok
20:48:37.0554 1528 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:48:37.0574 1528 TsUsbGD - ok
20:48:37.0590 1528 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:48:37.0625 1528 tunnel - ok
20:48:37.0651 1528 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:48:37.0661 1528 TurboB - ok
20:48:37.0697 1528 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:48:37.0707 1528 TurboBoost - ok
20:48:37.0723 1528 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:48:37.0732 1528 uagp35 - ok
20:48:37.0754 1528 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:48:37.0809 1528 udfs - ok
20:48:37.0829 1528 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:48:37.0848 1528 UI0Detect - ok
20:48:37.0864 1528 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:48:37.0873 1528 uliagpkx - ok
20:48:37.0884 1528 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:48:37.0903 1528 umbus - ok
20:48:37.0909 1528 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:48:37.0923 1528 UmPass - ok
20:48:37.0993 1528 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:48:38.0048 1528 UNS - ok
20:48:38.0067 1528 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:48:38.0105 1528 upnphost - ok
20:48:38.0128 1528 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:48:38.0141 1528 usbccgp - ok
20:48:38.0162 1528 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:48:38.0182 1528 usbcir - ok
20:48:38.0193 1528 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:48:38.0225 1528 usbehci - ok
20:48:38.0247 1528 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:48:38.0269 1528 usbhub - ok
20:48:38.0280 1528 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:48:38.0301 1528 usbohci - ok
20:48:38.0311 1528 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:48:38.0327 1528 usbprint - ok
20:48:38.0342 1528 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:48:38.0375 1528 USBSTOR - ok
20:48:38.0388 1528 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:48:38.0405 1528 usbuhci - ok
20:48:38.0432 1528 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:48:38.0448 1528 usbvideo - ok
20:48:38.0465 1528 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:48:38.0499 1528 UxSms - ok
20:48:38.0508 1528 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:48:38.0516 1528 VaultSvc - ok
20:48:38.0530 1528 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:48:38.0537 1528 vdrvroot - ok
20:48:38.0561 1528 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:48:38.0599 1528 vds - ok
20:48:38.0616 1528 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:48:38.0636 1528 vga - ok
20:48:38.0644 1528 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:48:38.0675 1528 VgaSave - ok
20:48:38.0688 1528 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:48:38.0696 1528 vhdmp - ok
20:48:38.0708 1528 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:48:38.0716 1528 viaide - ok
20:48:38.0732 1528 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:48:38.0741 1528 volmgr - ok
20:48:38.0753 1528 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:48:38.0766 1528 volmgrx - ok
20:48:38.0784 1528 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:48:38.0795 1528 volsnap - ok
20:48:38.0812 1528 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:48:38.0821 1528 vsmraid - ok
20:48:38.0858 1528 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:48:38.0930 1528 VSS - ok
20:48:38.0942 1528 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:48:38.0977 1528 vwifibus - ok
20:48:39.0002 1528 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:48:39.0026 1528 vwififlt - ok
20:48:39.0039 1528 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:48:39.0088 1528 W32Time - ok
20:48:39.0119 1528 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:48:39.0139 1528 WacomPen - ok
20:48:39.0162 1528 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:48:39.0197 1528 WANARP - ok
20:48:39.0200 1528 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:48:39.0224 1528 Wanarpv6 - ok
20:48:39.0271 1528 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:48:39.0322 1528 wbengine - ok
20:48:39.0335 1528 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:48:39.0364 1528 WbioSrvc - ok
20:48:39.0380 1528 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:48:39.0435 1528 wcncsvc - ok
20:48:39.0449 1528 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:48:39.0463 1528 WcsPlugInService - ok
20:48:39.0474 1528 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:48:39.0481 1528 Wd - ok
20:48:39.0513 1528 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:48:39.0532 1528 Wdf01000 - ok
20:48:39.0546 1528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:48:39.0565 1528 WdiServiceHost - ok
20:48:39.0569 1528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:48:39.0582 1528 WdiSystemHost - ok
20:48:39.0601 1528 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:48:39.0625 1528 WebClient - ok
20:48:39.0638 1528 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:48:39.0676 1528 Wecsvc - ok
20:48:39.0690 1528 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:48:39.0720 1528 wercplsupport - ok
20:48:39.0739 1528 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:48:39.0774 1528 WerSvc - ok
20:48:39.0794 1528 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:48:39.0820 1528 WfpLwf - ok
20:48:39.0840 1528 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
20:48:39.0850 1528 WimFltr - ok
20:48:39.0861 1528 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:48:39.0869 1528 WIMMount - ok
20:48:39.0888 1528 WinDefend - ok
20:48:39.0892 1528 WinHttpAutoProxySvc - ok
20:48:39.0938 1528 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:48:39.0977 1528 Winmgmt - ok
20:48:40.0019 1528 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:48:40.0116 1528 WinRM - ok
20:48:40.0156 1528 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:48:40.0166 1528 WinUsb - ok
20:48:40.0184 1528 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:48:40.0218 1528 Wlansvc - ok
20:48:40.0251 1528 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:48:40.0258 1528 wlcrasvc - ok
20:48:40.0350 1528 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:48:40.0401 1528 wlidsvc - ok
20:48:40.0419 1528 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:48:40.0434 1528 WmiAcpi - ok
20:48:40.0450 1528 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:48:40.0484 1528 wmiApSrv - ok
20:48:40.0514 1528 WMPNetworkSvc - ok
20:48:40.0523 1528 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:48:40.0532 1528 WPCSvc - ok
20:48:40.0543 1528 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:48:40.0553 1528 WPDBusEnum - ok
20:48:40.0562 1528 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:48:40.0594 1528 ws2ifsl - ok
20:48:40.0609 1528 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
20:48:40.0638 1528 wscsvc - ok
20:48:40.0640 1528 WSearch - ok
20:48:40.0703 1528 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:48:40.0764 1528 wuauserv - ok
20:48:40.0779 1528 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:48:40.0813 1528 WudfPf - ok
20:48:40.0856 1528 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:48:40.0896 1528 WUDFRd - ok
20:48:40.0907 1528 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:48:40.0933 1528 wudfsvc - ok
20:48:40.0952 1528 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:48:40.0979 1528 WwanSvc - ok
20:48:41.0045 1528 [ 28B051B78471FC290C1790623D5908E1 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:48:41.0054 1528 ZAtheros Bt&Wlan Coex Agent - ok
20:48:41.0066 1528 ================ Scan global ===============================
20:48:41.0088 1528 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:48:41.0108 1528 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:48:41.0115 1528 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:48:41.0132 1528 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:48:41.0148 1528 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:48:41.0150 1528 [Global] - ok
20:48:41.0150 1528 ================ Scan MBR ==================================
20:48:41.0158 1528 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:48:41.0531 1528 \Device\Harddisk0\DR0 - ok
20:48:41.0532 1528 ================ Scan VBR ==================================
20:48:41.0537 1528 [ 1E203E03CEB260DC5F95C1B35415DAAA ] \Device\Harddisk0\DR0\Partition1
20:48:41.0540 1528 \Device\Harddisk0\DR0\Partition1 - ok
20:48:41.0540 1528 ============================================================
20:48:41.0541 1528 Scan finished
20:48:41.0541 1528 ============================================================
20:48:41.0552 3860 Detected object count: 0
20:48:41.0552 3860 Actual detected object count: 0
20:49:08.0839 2600 Deinitialize success
|
|
15.10.2012, 21:02
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Ist auch unaufällig Ich würde erstmal versuchen rauszufinden, ob das nur unter Windows so ist, oder auch mit anderen Betriebssystemen. So kann man sehen ob sich da ein Hardwareproblem abzeichnet oder der Fehler eher in der Konfig in Windows und/oder im Dateisystem ist. Lad dir mal sowas wie Knoppix oder Ubuntu herunter, brenn die iso Datei per Imagebrennfunktion auf eine CD und boote den Rechner davon. Teste dann mal ausgiebig das System unter Linux und berichte ob es dort normal läuft.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.10.2012, 15:31
| #29 |
| | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? Hey, ein Hardwareproblem schließe ich aus, weil dieses Problem erst seit ein paar Tagen besteht und manchmal bewegt sich die Schiebeleiste im Browser einfach wie von Geisterhand, also nach unten oder oben Oder wenn ich mit der Maus auf einen ( egal welchen ) Button klicken möchte, springt der Mauszeiger auch kurz weg, das ist schon komisch |
|
17.10.2012, 12:01
| #30 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ?Zitat:
 Das hat mit Logik irgendwie nichts zu tiun - schon davon gehört dass Dinge ohne Voränkündigung von einem aud den anderen Tag kaputtgehen können? Aber gut, wenn du den Test mit Linux nicht machen willst treten wir eben auf der Stelle
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Notebook verhält sich eigenartig... Eventueller Befall von Malware etc. ? |
| befall, dauert, ebook, einfach, fenster, gfnexsrv.exe, hintergrund, hochgefahren, klicke, komisch, lange, leute, malware, nodrives, notebook, nvpciflt.sys, plug-in, rechtsklick, sekunden, stören, systems, systemstart, troja, trojaner, usb 3.0, verdacht, verhält, viren, woche, wochen |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
