svhost.exe fordert mehr cpu als Crysis 3 auf Ultra (Beim Start)

Iceinsky69 · 28.05.2013, 13:58

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 13-05-28.02 - ff0 28.05.2013  14:49:58.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8173.6026 [GMT 2:00]
ausgeführt von:: c:\users\ff0\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\coonytiynnueotiosave
c:\programdata\coonytiynnueotiosave\518bd3bf1123b.dll
c:\programdata\coonytiynnueotiosave\518bd3bf1123b.tlb
c:\programdata\coonytiynnueotiosave\data\coonytiynnueotiosave.dat
c:\programdata\coonytiynnueotiosave\settings.ini
c:\programdata\SearchNewTab
c:\programdata\SearchNewTab\518bd3cc3b005.dll
c:\programdata\SearchNewTab\518bd3cc3b005.tlb
c:\programdata\SearchNewTab\data\SearchNewTab.dat
c:\programdata\SearchNewTab\settings.ini
c:\users\ff0\AppData\Roaming\Microsoft\svhost.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-28 bis 2013-05-28  ))))))))))))))))))))))))))))))
.
.
2013-05-28 12:52 . 2013-05-28 12:52	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-05-28 12:52 . 2013-05-28 12:52	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-28 11:59 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{707F0F57-A19C-4587-A585-CA90C1FA51E5}\mpengine.dll
2013-05-27 16:16 . 2013-05-27 16:16	36680	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2013-05-27 16:16 . 2013-05-27 16:16	--------	d-----w-	c:\programdata\Malwarebytes
2013-05-26 13:44 . 2013-05-26 13:44	--------	d-----w-	c:\windows\ERUNT
2013-05-26 13:44 . 2013-05-26 13:44	--------	d-----w-	C:\JRT
2013-05-26 13:25 . 2013-05-26 13:25	--------	d-----w-	c:\users\ff0\AppData\Local\NVIDIA
2013-05-26 13:24 . 2013-05-26 13:24	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2013-05-26 13:22 . 2013-02-25 05:27	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2013-05-26 13:22 . 2013-02-25 05:27	194848	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2013-05-25 14:08 . 2013-05-25 14:09	--------	d-----w-	c:\users\ff0\AppData\Roaming\Minecraft Version Changer
2013-05-25 09:08 . 2013-05-28 12:47	--------	d-----w-	c:\users\ff0\AppData\Roaming\.minecraft
2013-05-24 11:57 . 2013-05-24 11:57	55296	----a-r-	c:\users\ff0\AppData\Roaming\Microsoft\Installer\{D1FD3035-DD6F-4A17-BC30-784E97EFBC68}\IconD1FD3035.exe
2013-05-24 11:54 . 2013-05-24 11:54	--------	d-----w-	c:\programdata\OUTLAWS
2013-05-23 22:12 . 2013-05-23 22:12	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-05-23 22:06 . 2013-05-23 22:06	--------	d-----w-	c:\program files (x86)\Microsoft XNA
2013-05-23 21:57 . 2013-05-23 21:57	--------	d-----w-	c:\program files (x86)\Terraria
2013-05-23 16:23 . 2004-07-15 22:20	733184	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2013-05-23 16:23 . 2004-07-15 22:20	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2013-05-23 16:23 . 2004-07-15 22:19	266240	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2013-05-23 16:23 . 2004-07-15 22:18	172032	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2013-05-23 16:23 . 2004-07-15 22:18	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2013-05-23 16:23 . 2013-05-23 16:23	180356	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2013-05-23 16:23 . 2013-05-23 16:23	303236	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2013-05-21 20:24 . 2013-04-23 15:03	87054	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libpdcurses.dll
2013-05-21 20:24 . 2013-04-23 15:03	45056	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\pthreadGC2.dll
2013-05-21 20:24 . 2013-04-23 15:03	435712	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\svhost.exe
2013-05-21 20:24 . 2013-04-23 15:03	323584	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\ssleay32.dll
2013-05-21 20:24 . 2013-04-23 15:03	309248	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libcurl-4.dll
2013-05-21 20:24 . 2013-04-23 15:03	224256	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libidn-11.dll
2013-05-21 20:24 . 2013-04-23 15:03	1479680	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libeay32.dll
2013-05-21 20:24 . 2013-04-23 15:03	122368	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\zlib1.dll
2013-05-21 20:24 . 2013-04-23 15:03	104960	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libusb-1.0.dll
2013-05-21 20:24 . 2013-05-28 11:55	587776	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\7z.exe
2013-05-20 12:19 . 2013-05-20 12:20	--------	d-----w-	c:\program files (x86)\TornTV.com
2013-05-20 09:18 . 2013-05-20 09:18	--------	d-----w-	c:\users\ff0\AppData\Roaming\Atari
2013-05-19 14:47 . 2013-05-19 14:47	--------	d-----w-	c:\program files (x86)\Halycon Media
2013-05-19 13:48 . 2013-05-19 13:48	--------	d-----w-	c:\users\ff0\AppData\Roaming\Leadertech
2013-05-19 12:03 . 2013-05-19 12:03	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-05-19 12:02 . 2013-05-19 12:02	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-05-18 08:46 . 2013-05-18 08:46	--------	d-----w-	c:\program files\CCleaner
2013-05-17 12:33 . 2013-05-17 12:35	--------	d-----w-	c:\users\ff0\AppData\Roaming\skyz
2013-05-16 11:59 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 19:43 . 2013-05-27 13:10	--------	d-----w-	c:\users\ff0\AppData\Roaming\FileZilla
2013-05-15 19:43 . 2013-05-15 19:43	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2013-05-15 12:11 . 2013-05-15 12:11	103736	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-05-15 12:11 . 2013-05-15 12:11	669184	----a-w-	c:\windows\SysWow64\pbsvc.exe
2013-05-15 12:11 . 2013-05-15 12:11	66872	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-05-13 17:06 . 2013-05-16 15:38	--------	d-----w-	c:\programdata\Avira
2013-05-13 17:03 . 2013-05-13 17:03	--------	d-----w-	c:\program files (x86)\MSECache
2013-05-13 13:39 . 2013-05-13 13:39	--------	d-----w-	c:\programdata\Orbit
2013-05-13 13:38 . 2013-05-13 13:38	--------	d-----w-	c:\users\ff0\AppData\Local\Ubisoft Game Launcher
2013-05-13 13:38 . 2013-05-13 13:38	--------	d-----w-	c:\program files (x86)\Ubisoft
2013-05-12 15:08 . 2013-05-12 15:08	--------	d-----w-	c:\users\ff0\AppData\Roaming\WindSolutions
2013-05-12 15:08 . 2013-05-12 15:08	--------	d-----w-	c:\programdata\WindSolutions
2013-05-12 13:43 . 2013-05-12 13:43	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-05-12 08:53 . 2013-05-12 17:27	--------	d-----w-	c:\programdata\Kaspersky Lab
2013-05-12 08:51 . 2013-05-12 08:51	--------	d-----w-	c:\programdata\Kaspersky Lab Setup Files
2013-05-11 08:36 . 2013-05-11 08:36	--------	d-----w-	c:\users\ff0\AppData\Roaming\Dream Aquarium
2013-05-10 20:16 . 2013-05-10 20:16	--------	d-----w-	c:\users\ff0\AppData\Roaming\Publish Providers
2013-05-10 19:57 . 2013-05-12 09:22	--------	d-----w-	c:\users\ff0\AppData\Local\Sony
2013-05-10 19:56 . 2013-05-10 20:20	--------	d-----w-	c:\users\ff0\AppData\Roaming\Sony
2013-05-10 19:06 . 2013-05-10 19:14	--------	d-----w-	c:\users\ff0\AppData\Roaming\Teeworlds
2013-05-10 13:08 . 2013-05-10 13:08	--------	d-----w-	c:\program files (x86)\Clownfish
2013-05-10 11:33 . 2013-05-10 11:35	--------	d-----w-	c:\users\ff0\AppData\Local\mcpatcher
2013-05-09 17:32 . 2013-05-09 19:02	--------	d-----w-	c:\users\ff0\.aria2
2013-05-09 17:02 . 2013-05-07 17:26	1751552	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe
2013-05-09 17:02 . 2013-05-09 17:02	--------	d-----w-	c:\users\ff0\AppData\Roaming\EvolutionClips
2013-05-09 16:18 . 2013-05-09 16:18	--------	d-----w-	c:\programdata\StarApp
2013-05-09 12:45 . 2013-05-09 12:45	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-05-09 12:44 . 2013-05-09 12:44	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-05-09 12:44 . 2013-05-09 12:44	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-05-06 15:52 . 2013-05-06 15:52	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2013-05-06 12:38 . 2013-05-06 12:45	--------	d-----w-	c:\users\ff0\AppData\Local\Microsoft Help
2013-05-06 12:38 . 2013-05-12 09:32	--------	d-----w-	c:\programdata\Microsoft Help
2013-05-05 04:54 . 2013-05-05 04:54	--------	d-sh--w-	c:\programdata\SecuROM
2013-05-05 04:52 . 2013-05-05 04:54	--------	d-----w-	c:\users\ff0\AppData\Local\Rockstar Games
2013-05-05 04:48 . 2013-05-05 04:48	--------	d--h--r-	c:\users\ff0\AppData\Roaming\SecuROM
2013-05-04 10:32 . 2013-05-04 10:32	--------	d-----w-	C:\AMD
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Local\AMD
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Roaming\ATI
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Local\ATI
2013-05-04 08:12 . 2013-05-04 10:35	--------	d-----w-	c:\programdata\AMD
2013-05-03 04:43 . 2013-05-03 04:43	--------	d-----w-	c:\users\ff0\AppData\Local\Programs
2013-04-30 21:41 . 2013-04-30 21:41	--------	d-----w-	c:\windows\system32\wbem\Framework
2013-04-30 04:41 . 2013-05-12 09:26	--------	d-----w-	c:\users\ff0\AppData\Local\GameSpy
2013-04-30 04:41 . 2013-05-01 09:05	--------	d-----w-	c:\users\ff0\AppData\Local\ApplicationHistory
2013-04-30 03:53 . 2013-04-30 03:53	--------	d-----w-	c:\program files (x86)\Electronic Arts
2013-04-29 12:20 . 2013-05-12 09:27	--------	d-----w-	c:\program files (x86)\Google
2013-04-29 12:20 . 2013-05-12 09:27	--------	d-----w-	c:\users\ff0\AppData\Local\Google
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-28 11:55 . 2013-04-12 19:21	25640	----a-w-	c:\windows\gdrv.sys
2013-05-19 13:17 . 2013-04-12 16:57	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-19 13:17 . 2013-04-12 16:57	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 11:59 . 2013-04-14 08:54	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-12 21:42 . 2013-04-13 16:16	27775776	----a-w-	c:\windows\system32\nvoglv64.dll
2013-05-12 21:42 . 2013-04-12 15:49	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-05-12 21:42 . 2013-04-12 15:49	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-05-12 21:42 . 2013-04-12 15:49	2935696	----a-w-	c:\windows\system32\nvapi64.dll
2013-05-12 21:42 . 2013-04-12 15:49	15910736	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-05-12 21:42 . 2013-04-12 15:49	13403168	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-05-12 21:42 . 2013-04-12 15:49	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-05-12 21:42 . 2013-02-25 22:32	12426216	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-05-12 21:42 . 2013-02-25 22:32	15143904	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-05-12 20:34 . 2013-04-12 15:49	6491936	----a-w-	c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-04-12 15:49	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-04-12 15:49	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-04-12 15:49	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-04-12 15:49	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-04-12 15:49	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-05-11 06:59 . 2013-04-12 16:36	30528	----a-w-	c:\windows\GVTDrv64.sys
2013-05-10 20:36 . 2013-04-12 16:39	25640	----a-w-	c:\windows\etdrv.sys
2013-05-08 14:13 . 2013-04-12 15:49	3165737	----a-w-	c:\windows\system32\nvcoproc.bin
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-27 14:09 . 2013-04-27 14:09	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-24 15:01 . 2013-04-24 15:01	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2013-04-24 15:01 . 2013-04-24 15:01	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2013-04-24 15:01 . 2013-04-24 15:01	1700352	----a-w-	c:\windows\SysWow64\gdiplus.dll
2013-04-22 17:03 . 2013-04-22 17:03	234768	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-04-13 21:47 . 2013-04-13 21:47	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2013-04-13 19:18 . 2013-04-12 16:20	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-04-13 19:18 . 2013-04-12 16:20	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-04-13 19:07 . 2013-04-13 19:07	310688	----a-w-	c:\windows\system32\javaws.exe
2013-04-13 19:07 . 2013-04-13 19:07	188832	----a-w-	c:\windows\system32\javaw.exe
2013-04-13 19:07 . 2013-04-13 19:07	188320	----a-w-	c:\windows\system32\java.exe
2013-04-13 19:07 . 2013-04-13 19:07	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-13 19:07 . 2013-04-13 19:05	963488	----a-w-	c:\windows\system32\deployJava1.dll
2013-04-13 19:07 . 2013-04-13 19:05	1085344	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-04-13 05:49 . 2013-05-16 11:59	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 11:59	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 11:59	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 11:59	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 11:59	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 11:59	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 16:06 . 2013-04-12 16:06	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-04-12 16:06 . 2013-04-12 16:06	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-04-12 16:06 . 2013-04-12 16:06	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-04-12 16:06 . 2013-04-12 16:06	81408	----a-w-	c:\windows\system32\icardie.dll
2013-04-12 16:06 . 2013-04-12 16:06	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-04-12 16:06 . 2013-04-12 16:06	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-04-12 16:06 . 2013-04-12 16:06	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-12 16:06 . 2013-04-12 16:06	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-04-12 16:06 . 2013-04-12 16:06	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-04-12 16:06 . 2013-04-12 16:06	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-04-12 16:06 . 2013-04-12 16:06	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-04-12 16:06 . 2013-04-12 16:06	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-04-12 16:06 . 2013-04-12 16:06	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-04-12 16:06 . 2013-04-12 16:06	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-04-12 16:06 . 2013-04-12 16:06	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-04-12 16:06 . 2013-04-12 16:06	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-04-12 16:06 . 2013-04-12 16:06	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-04-12 16:06 . 2013-04-12 16:06	441856	----a-w-	c:\windows\system32\html.iec
2013-04-12 16:06 . 2013-04-12 16:06	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-04-12 16:06 . 2013-04-12 16:06	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-04-12 16:06 . 2013-04-12 16:06	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-04-12 16:06 . 2013-04-12 16:06	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-12 16:06 . 2013-04-12 16:06	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-04-12 16:06 . 2013-04-12 16:06	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-04-12 16:06 . 2013-04-12 16:06	235008	----a-w-	c:\windows\system32\url.dll
2013-04-12 16:06 . 2013-04-12 16:06	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-04-12 16:06 . 2013-04-12 16:06	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-04-12 16:06 . 2013-04-12 16:06	216064	----a-w-	c:\windows\system32\msls31.dll
2013-04-12 16:06 . 2013-04-12 16:06	197120	----a-w-	c:\windows\system32\msrating.dll
2013-04-12 16:06 . 2013-04-12 16:06	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-04-12 16:06 . 2013-04-12 16:06	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-04-12 16:06 . 2013-04-12 16:06	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-04-12 16:06 . 2013-04-12 16:06	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-04-12 16:06 . 2013-04-12 16:06	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-04-12 16:06 . 2013-04-12 16:06	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-04-12 16:06 . 2013-04-12 16:06	149504	----a-w-	c:\windows\system32\occache.dll
2013-04-12 16:06 . 2013-04-12 16:06	144896	----a-w-	c:\windows\system32\wextract.exe
2013-04-12 16:06 . 2013-04-12 16:06	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-04-12 16:06 . 2013-04-12 16:06	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-04-12 16:06 . 2013-04-12 16:06	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-04-12 16:06 . 2013-04-12 16:06	13824	----a-w-	c:\windows\system32\mshta.exe
2013-04-12 16:06 . 2013-04-12 16:06	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-04-12 16:06 . 2013-04-12 16:06	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-04-12 16:06 . 2013-04-12 16:06	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-04-12 16:06 . 2013-04-12 16:06	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-04-12 16:06 . 2013-04-12 16:06	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-04-12 16:06 . 2013-04-12 16:06	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-04-12 16:06 . 2013-04-12 16:06	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-12 16:06 . 2013-04-12 16:06	102912	----a-w-	c:\windows\system32\inseng.dll
2013-04-12 16:04 . 2013-04-12 16:04	68608	----a-w-	c:\windows\system32\taskhost.exe
2013-04-12 16:04 . 2013-04-12 16:04	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-04-12 16:04 . 2013-04-12 16:04	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"VSA"="c:\users\ff0\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe" [2013-05-07 1751552]
"uTorrent"="c:\users\ff0\AppData\Roaming\uTorrent\uTorrent.exe" [2013-05-04 802136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-11 5119600]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hama Wireless LAN Utility.lnk - c:\program files (x86)\Hama\Common\RaUI.exe [2013-4-12 1597440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 VirtDiskBus;3TB+ Unlock;c:\windows\system32\DRIVERS\VirtDiskBus64.sys [2011-02-08 66160]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2013-05-10 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2013-05-11 30528]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-05-27 36680]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys [2008-09-10 1286656]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\ff0\AppData\Local\Temp\tmp7000.tmp [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R4 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-27 283200]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 2467664]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2012-05-04 27760]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 12:20]
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 12:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SmartRecovery2_x64\RPMKickstart.exe" [2010-11-04 2552320]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - i:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - i:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\ff0\AppData\Roaming\Mozilla\Firefox\Profiles\pht6t3i2.default\
FF - ExtSQL: 2013-05-20 14:19; torntv2@torntv.com; c:\users\ff0\AppData\Roaming\Mozilla\Firefox\Profiles\pht6t3i2.default\extensions\torntv2@torntv.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Clownfish - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{053E605B-B075-C3EF-2B7E-BB5425783284} - c:\progra~3\INSTAL~2\{99A4A~1\Setup.exe
AddRemove-{45775808-A88C-9CC7-B700-7D5690B949C0} - c:\progra~3\INSTAL~2\{72FA5~1\Setup.exe
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files (x86)\Ask.com\Updater\Updater.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\c:\users\ff0\AppData\Local\Temp\tmp7000.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1574366264-1366440450-3420834865-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:f3,75,5a,2a,cc,39,8d,ab,14,16,02,01,25,ca,c0,10,86,b6,0f,0b,14,99,8d,
   8f,45,b6,9b,37,4a,79,97,0f,be,e5,43,fe,93,45,51,90,21,f4,b9,ad,a8,6a,6f,62,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-1574366264-1366440450-3420834865-1000\Software\SecuROM\License information*]
"datasecu"=hex:25,24,34,58,7f,0f,9d,5e,35,d6,05,59,40,23,6e,cd,77,99,ba,db,8e,
   d1,1d,02,3a,4d,fe,19,cf,bf,c7,f7,2f,73,3f,b5,ff,fb,db,46,27,a6,a2,49,16,15,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-28  14:54:22
ComboFix-quarantined-files.txt  2013-05-28 12:54
.
Vor Suchlauf: 15 Verzeichnis(se), 37.758.414.848 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 38.119.243.776 Bytes frei
.
- - End Of File - - E7299349D7266C58B6C8A6B06B85529B
         
 --- --- ---

cosinus · 28.05.2013, 15:09

Combofix-Skript

WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link

Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!

Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
Code:
ATTFilter
Dirlook::
c:\users\ff0\AppData\Roaming\skyz

Filelook::
c:\windows\system32\drivers\dxgmms1.sys
         
Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Speichere dies als CFScript.txt auf deinem Desktop.

Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
Danach wieder anstellen nicht vergessen!

Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.

Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:

Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.

Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.
Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

Iceinsky69 · 28.05.2013, 17:42

Code:

ATTFilter

 
Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 13-05-28.02 - ff0 28.05.2013  18:36:24.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8173.6681 [GMT 2:00]
ausgeführt von:: c:\users\ff0\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\ff0\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\coonytiynnueotiosave
c:\programdata\coonytiynnueotiosave\518bd3bf1123b.dll
c:\programdata\coonytiynnueotiosave\518bd3bf1123b.tlb
c:\programdata\coonytiynnueotiosave\settings.ini
c:\programdata\SearchNewTab
c:\programdata\SearchNewTab\518bd3cc3b005.dll
c:\programdata\SearchNewTab\518bd3cc3b005.tlb
c:\programdata\SearchNewTab\settings.ini
c:\users\ff0\AppData\Roaming\Microsoft\svhost.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-28 bis 2013-05-28  ))))))))))))))))))))))))))))))
.
.
2013-05-28 16:39 . 2013-05-28 16:39	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-05-28 16:39 . 2013-05-28 16:39	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-27 16:16 . 2013-05-27 16:16	36680	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2013-05-27 16:16 . 2013-05-27 16:16	--------	d-----w-	c:\programdata\Malwarebytes
2013-05-26 13:44 . 2013-05-26 13:44	--------	d-----w-	c:\windows\ERUNT
2013-05-26 13:44 . 2013-05-26 13:44	--------	d-----w-	C:\JRT
2013-05-26 13:25 . 2013-05-26 13:25	--------	d-----w-	c:\users\ff0\AppData\Local\NVIDIA
2013-05-26 13:24 . 2013-05-26 13:24	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2013-05-26 13:22 . 2013-02-25 05:27	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2013-05-26 13:22 . 2013-02-25 05:27	194848	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2013-05-25 14:08 . 2013-05-25 14:09	--------	d-----w-	c:\users\ff0\AppData\Roaming\Minecraft Version Changer
2013-05-25 09:08 . 2013-05-28 16:15	--------	d-----w-	c:\users\ff0\AppData\Roaming\.minecraft
2013-05-24 11:57 . 2013-05-24 11:57	55296	----a-r-	c:\users\ff0\AppData\Roaming\Microsoft\Installer\{D1FD3035-DD6F-4A17-BC30-784E97EFBC68}\IconD1FD3035.exe
2013-05-24 11:54 . 2013-05-24 11:54	--------	d-----w-	c:\programdata\OUTLAWS
2013-05-23 22:12 . 2013-05-23 22:12	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-05-23 22:06 . 2013-05-23 22:06	--------	d-----w-	c:\program files (x86)\Microsoft XNA
2013-05-23 21:57 . 2013-05-23 21:57	--------	d-----w-	c:\program files (x86)\Terraria
2013-05-23 16:23 . 2004-07-15 22:20	733184	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2013-05-23 16:23 . 2004-07-15 22:20	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2013-05-23 16:23 . 2004-07-15 22:19	266240	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2013-05-23 16:23 . 2004-07-15 22:18	172032	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2013-05-23 16:23 . 2004-07-15 22:18	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2013-05-23 16:23 . 2013-05-23 16:23	180356	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2013-05-23 16:23 . 2013-05-23 16:23	303236	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2013-05-21 20:24 . 2013-04-23 15:03	87054	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libpdcurses.dll
2013-05-21 20:24 . 2013-04-23 15:03	45056	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\pthreadGC2.dll
2013-05-21 20:24 . 2013-04-23 15:03	435712	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\svhost.exe
2013-05-21 20:24 . 2013-04-23 15:03	323584	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\ssleay32.dll
2013-05-21 20:24 . 2013-04-23 15:03	309248	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libcurl-4.dll
2013-05-21 20:24 . 2013-04-23 15:03	224256	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libidn-11.dll
2013-05-21 20:24 . 2013-04-23 15:03	1479680	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libeay32.dll
2013-05-21 20:24 . 2013-04-23 15:03	122368	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\zlib1.dll
2013-05-21 20:24 . 2013-04-23 15:03	104960	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libusb-1.0.dll
2013-05-21 20:24 . 2013-05-28 14:21	587776	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\7z.exe
2013-05-20 12:19 . 2013-05-20 12:20	--------	d-----w-	c:\program files (x86)\TornTV.com
2013-05-20 09:18 . 2013-05-20 09:18	--------	d-----w-	c:\users\ff0\AppData\Roaming\Atari
2013-05-19 14:47 . 2013-05-19 14:47	--------	d-----w-	c:\program files (x86)\Halycon Media
2013-05-19 13:48 . 2013-05-19 13:48	--------	d-----w-	c:\users\ff0\AppData\Roaming\Leadertech
2013-05-19 12:03 . 2013-05-19 12:03	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-05-19 12:02 . 2013-05-19 12:02	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-05-18 08:46 . 2013-05-18 08:46	--------	d-----w-	c:\program files\CCleaner
2013-05-17 12:33 . 2013-05-17 12:35	--------	d-----w-	c:\users\ff0\AppData\Roaming\skyz
2013-05-16 11:59 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 19:43 . 2013-05-27 13:10	--------	d-----w-	c:\users\ff0\AppData\Roaming\FileZilla
2013-05-15 19:43 . 2013-05-15 19:43	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2013-05-15 12:11 . 2013-05-15 12:11	103736	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-05-15 12:11 . 2013-05-15 12:11	669184	----a-w-	c:\windows\SysWow64\pbsvc.exe
2013-05-15 12:11 . 2013-05-15 12:11	66872	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-05-13 17:06 . 2013-05-16 15:38	--------	d-----w-	c:\programdata\Avira
2013-05-13 17:03 . 2013-05-13 17:03	--------	d-----w-	c:\program files (x86)\MSECache
2013-05-13 13:39 . 2013-05-13 13:39	--------	d-----w-	c:\programdata\Orbit
2013-05-13 13:38 . 2013-05-13 13:38	--------	d-----w-	c:\users\ff0\AppData\Local\Ubisoft Game Launcher
2013-05-13 13:38 . 2013-05-13 13:38	--------	d-----w-	c:\program files (x86)\Ubisoft
2013-05-12 15:08 . 2013-05-12 15:08	--------	d-----w-	c:\users\ff0\AppData\Roaming\WindSolutions
2013-05-12 15:08 . 2013-05-12 15:08	--------	d-----w-	c:\programdata\WindSolutions
2013-05-12 13:43 . 2013-05-12 13:43	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-05-12 08:53 . 2013-05-12 17:27	--------	d-----w-	c:\programdata\Kaspersky Lab
2013-05-12 08:51 . 2013-05-12 08:51	--------	d-----w-	c:\programdata\Kaspersky Lab Setup Files
2013-05-11 08:36 . 2013-05-11 08:36	--------	d-----w-	c:\users\ff0\AppData\Roaming\Dream Aquarium
2013-05-10 20:16 . 2013-05-10 20:16	--------	d-----w-	c:\users\ff0\AppData\Roaming\Publish Providers
2013-05-10 19:57 . 2013-05-12 09:22	--------	d-----w-	c:\users\ff0\AppData\Local\Sony
2013-05-10 19:56 . 2013-05-10 20:20	--------	d-----w-	c:\users\ff0\AppData\Roaming\Sony
2013-05-10 19:06 . 2013-05-10 19:14	--------	d-----w-	c:\users\ff0\AppData\Roaming\Teeworlds
2013-05-10 13:08 . 2013-05-10 13:08	--------	d-----w-	c:\program files (x86)\Clownfish
2013-05-10 11:33 . 2013-05-10 11:35	--------	d-----w-	c:\users\ff0\AppData\Local\mcpatcher
2013-05-09 17:32 . 2013-05-09 19:02	--------	d-----w-	c:\users\ff0\.aria2
2013-05-09 17:02 . 2013-05-07 17:26	1751552	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe
2013-05-09 17:02 . 2013-05-09 17:02	--------	d-----w-	c:\users\ff0\AppData\Roaming\EvolutionClips
2013-05-09 16:18 . 2013-05-09 16:18	--------	d-----w-	c:\programdata\StarApp
2013-05-09 12:45 . 2013-05-09 12:45	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-05-09 12:44 . 2013-05-09 12:44	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-05-09 12:44 . 2013-05-09 12:44	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-05-06 15:52 . 2013-05-06 15:52	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2013-05-06 12:38 . 2013-05-06 12:45	--------	d-----w-	c:\users\ff0\AppData\Local\Microsoft Help
2013-05-06 12:38 . 2013-05-12 09:32	--------	d-----w-	c:\programdata\Microsoft Help
2013-05-05 04:54 . 2013-05-05 04:54	--------	d-sh--w-	c:\programdata\SecuROM
2013-05-05 04:52 . 2013-05-05 04:54	--------	d-----w-	c:\users\ff0\AppData\Local\Rockstar Games
2013-05-05 04:48 . 2013-05-05 04:48	--------	d--h--r-	c:\users\ff0\AppData\Roaming\SecuROM
2013-05-04 10:32 . 2013-05-04 10:32	--------	d-----w-	C:\AMD
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Local\AMD
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Roaming\ATI
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Local\ATI
2013-05-04 08:12 . 2013-05-04 10:35	--------	d-----w-	c:\programdata\AMD
2013-05-03 04:43 . 2013-05-03 04:43	--------	d-----w-	c:\users\ff0\AppData\Local\Programs
2013-04-30 21:41 . 2013-04-30 21:41	--------	d-----w-	c:\windows\system32\wbem\Framework
2013-04-30 04:41 . 2013-05-12 09:26	--------	d-----w-	c:\users\ff0\AppData\Local\GameSpy
2013-04-30 04:41 . 2013-05-01 09:05	--------	d-----w-	c:\users\ff0\AppData\Local\ApplicationHistory
2013-04-30 03:53 . 2013-04-30 03:53	--------	d-----w-	c:\program files (x86)\Electronic Arts
2013-04-29 12:20 . 2013-05-12 09:27	--------	d-----w-	c:\program files (x86)\Google
2013-04-29 12:20 . 2013-05-12 09:27	--------	d-----w-	c:\users\ff0\AppData\Local\Google
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-28 14:21 . 2013-04-12 19:21	25640	----a-w-	c:\windows\gdrv.sys
2013-05-19 13:17 . 2013-04-12 16:57	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-19 13:17 . 2013-04-12 16:57	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 11:59 . 2013-04-14 08:54	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-12 21:42 . 2013-04-13 16:16	27775776	----a-w-	c:\windows\system32\nvoglv64.dll
2013-05-12 21:42 . 2013-04-12 15:49	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-05-12 21:42 . 2013-04-12 15:49	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-05-12 21:42 . 2013-04-12 15:49	2935696	----a-w-	c:\windows\system32\nvapi64.dll
2013-05-12 21:42 . 2013-04-12 15:49	15910736	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-05-12 21:42 . 2013-04-12 15:49	13403168	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-05-12 21:42 . 2013-04-12 15:49	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-05-12 21:42 . 2013-02-25 22:32	12426216	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-05-12 21:42 . 2013-02-25 22:32	15143904	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-05-12 20:34 . 2013-04-12 15:49	6491936	----a-w-	c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-04-12 15:49	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-04-12 15:49	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-04-12 15:49	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-04-12 15:49	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-04-12 15:49	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-05-11 06:59 . 2013-04-12 16:36	30528	----a-w-	c:\windows\GVTDrv64.sys
2013-05-10 20:36 . 2013-04-12 16:39	25640	----a-w-	c:\windows\etdrv.sys
2013-05-08 14:13 . 2013-04-12 15:49	3165737	----a-w-	c:\windows\system32\nvcoproc.bin
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-27 14:09 . 2013-04-27 14:09	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-24 15:01 . 2013-04-24 15:01	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2013-04-24 15:01 . 2013-04-24 15:01	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2013-04-24 15:01 . 2013-04-24 15:01	1700352	----a-w-	c:\windows\SysWow64\gdiplus.dll
2013-04-22 17:03 . 2013-04-22 17:03	234768	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-04-13 21:47 . 2013-04-13 21:47	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2013-04-13 19:18 . 2013-04-12 16:20	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-04-13 19:18 . 2013-04-12 16:20	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-04-13 19:07 . 2013-04-13 19:07	310688	----a-w-	c:\windows\system32\javaws.exe
2013-04-13 19:07 . 2013-04-13 19:07	188832	----a-w-	c:\windows\system32\javaw.exe
2013-04-13 19:07 . 2013-04-13 19:07	188320	----a-w-	c:\windows\system32\java.exe
2013-04-13 19:07 . 2013-04-13 19:07	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-13 19:07 . 2013-04-13 19:05	963488	----a-w-	c:\windows\system32\deployJava1.dll
2013-04-13 19:07 . 2013-04-13 19:05	1085344	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-04-13 05:49 . 2013-05-16 11:59	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 11:59	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 11:59	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 11:59	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 11:59	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 11:59	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 16:06 . 2013-04-12 16:06	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-04-12 16:06 . 2013-04-12 16:06	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-04-12 16:06 . 2013-04-12 16:06	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-04-12 16:06 . 2013-04-12 16:06	81408	----a-w-	c:\windows\system32\icardie.dll
2013-04-12 16:06 . 2013-04-12 16:06	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-04-12 16:06 . 2013-04-12 16:06	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-04-12 16:06 . 2013-04-12 16:06	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-12 16:06 . 2013-04-12 16:06	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-04-12 16:06 . 2013-04-12 16:06	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-04-12 16:06 . 2013-04-12 16:06	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-04-12 16:06 . 2013-04-12 16:06	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-04-12 16:06 . 2013-04-12 16:06	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-04-12 16:06 . 2013-04-12 16:06	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-04-12 16:06 . 2013-04-12 16:06	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-04-12 16:06 . 2013-04-12 16:06	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-04-12 16:06 . 2013-04-12 16:06	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-04-12 16:06 . 2013-04-12 16:06	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-04-12 16:06 . 2013-04-12 16:06	441856	----a-w-	c:\windows\system32\html.iec
2013-04-12 16:06 . 2013-04-12 16:06	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-04-12 16:06 . 2013-04-12 16:06	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-04-12 16:06 . 2013-04-12 16:06	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-04-12 16:06 . 2013-04-12 16:06	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-12 16:06 . 2013-04-12 16:06	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-04-12 16:06 . 2013-04-12 16:06	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-04-12 16:06 . 2013-04-12 16:06	235008	----a-w-	c:\windows\system32\url.dll
2013-04-12 16:06 . 2013-04-12 16:06	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-04-12 16:06 . 2013-04-12 16:06	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-04-12 16:06 . 2013-04-12 16:06	216064	----a-w-	c:\windows\system32\msls31.dll
2013-04-12 16:06 . 2013-04-12 16:06	197120	----a-w-	c:\windows\system32\msrating.dll
2013-04-12 16:06 . 2013-04-12 16:06	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-04-12 16:06 . 2013-04-12 16:06	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-04-12 16:06 . 2013-04-12 16:06	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-04-12 16:06 . 2013-04-12 16:06	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-04-12 16:06 . 2013-04-12 16:06	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-04-12 16:06 . 2013-04-12 16:06	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-04-12 16:06 . 2013-04-12 16:06	149504	----a-w-	c:\windows\system32\occache.dll
2013-04-12 16:06 . 2013-04-12 16:06	144896	----a-w-	c:\windows\system32\wextract.exe
2013-04-12 16:06 . 2013-04-12 16:06	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-04-12 16:06 . 2013-04-12 16:06	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-04-12 16:06 . 2013-04-12 16:06	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-04-12 16:06 . 2013-04-12 16:06	13824	----a-w-	c:\windows\system32\mshta.exe
2013-04-12 16:06 . 2013-04-12 16:06	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-04-12 16:06 . 2013-04-12 16:06	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-04-12 16:06 . 2013-04-12 16:06	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-04-12 16:06 . 2013-04-12 16:06	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-04-12 16:06 . 2013-04-12 16:06	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-04-12 16:06 . 2013-04-12 16:06	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-04-12 16:06 . 2013-04-12 16:06	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-12 16:06 . 2013-04-12 16:06	102912	----a-w-	c:\windows\system32\inseng.dll
2013-04-12 16:04 . 2013-04-12 16:04	68608	----a-w-	c:\windows\system32\taskhost.exe
2013-04-12 16:04 . 2013-04-12 16:04	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-04-12 16:04 . 2013-04-12 16:04	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((((((((((   Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
--- c:\windows\system32\drivers\dxgmms1.sys ---
Company: Microsoft Corporation
File Description: DirectX Graphics MMS
File Version: 6.1.7601.18126 (win7sp1_gdr.130409-1534)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: dxgmms1.sys
File size: 265064
Created time: 2013-05-16 11:59
Modified time: 2013-04-10 06:01
MD5: 1F04CFB79DD5FB7694468CE3FB3DCC31
SHA1: 16F3E761BD01CD3804A1EFA73E2A3D53593F99BC
.
---- Directory of c:\users\ff0\AppData\Roaming\skyz ----
.
2013-05-17 12:35 . 2013-05-17 12:36	501090	----a-w-	c:\users\ff0\AppData\Roaming\skyz\mod_temp\CampfireMod1.5.2.zip
2013-05-17 12:33 . 2013-05-17 12:35	1996771	----a-w-	c:\users\ff0\AppData\Roaming\skyz\mod_prerequisites\ForgeV684.zip
2013-05-17 12:33 . 2013-05-17 12:33	0	----a-w-	c:\users\ff0\AppData\Roaming\skyz\mod_prerequisites\AuxFix\aux9.class
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"AdobeBridge"="" [BU]
"VSA"="c:\users\ff0\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe" [2013-05-07 1751552]
"Clownfish"="" [BU]
"uTorrent"="c:\users\ff0\AppData\Roaming\uTorrent\uTorrent.exe" [2013-05-04 802136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-11 5119600]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hama Wireless LAN Utility.lnk - c:\program files (x86)\Hama\Common\RaUI.exe [2013-4-12 1597440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 VirtDiskBus;3TB+ Unlock;c:\windows\system32\DRIVERS\VirtDiskBus64.sys [2011-02-08 66160]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2013-05-10 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2013-05-11 30528]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-05-27 36680]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys [2008-09-10 1286656]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\ff0\AppData\Local\Temp\tmp7000.tmp [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R4 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-27 283200]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 2467664]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2012-05-04 27760]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 12:20]
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 12:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SmartRecovery2_x64\RPMKickstart.exe" [2010-11-04 2552320]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - i:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - i:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\ff0\AppData\Roaming\Mozilla\Firefox\Profiles\pht6t3i2.default\
FF - ExtSQL: 2013-05-20 14:19; torntv2@torntv.com; c:\users\ff0\AppData\Roaming\Mozilla\Firefox\Profiles\pht6t3i2.default\extensions\torntv2@torntv.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{053E605B-B075-C3EF-2B7E-BB5425783284} - c:\progra~3\INSTAL~2\{99A4A~1\Setup.exe
AddRemove-{45775808-A88C-9CC7-B700-7D5690B949C0} - c:\progra~3\INSTAL~2\{72FA5~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\c:\users\ff0\AppData\Local\Temp\tmp7000.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1574366264-1366440450-3420834865-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:f3,75,5a,2a,cc,39,8d,ab,14,16,02,01,25,ca,c0,10,86,b6,0f,0b,14,99,8d,
   8f,45,b6,9b,37,4a,79,97,0f,be,e5,43,fe,93,45,51,90,21,f4,b9,ad,a8,6a,6f,62,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-1574366264-1366440450-3420834865-1000\Software\SecuROM\License information*]
"datasecu"=hex:25,24,34,58,7f,0f,9d,5e,35,d6,05,59,40,23,6e,cd,77,99,ba,db,8e,
   d1,1d,02,3a,4d,fe,19,cf,bf,c7,f7,2f,73,3f,b5,ff,fb,db,46,27,a6,a2,49,16,15,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-28  18:40:41
ComboFix-quarantined-files.txt  2013-05-28 16:40
ComboFix2.txt  2013-05-28 12:54
.
Vor Suchlauf: 16 Verzeichnis(se), 38.010.847.232 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 37.400.358.912 Bytes frei
.
- - End Of File - - 0A5C3F20FE28096285C07BE71015DF7C
         
 --- --- ---

cosinus · 28.05.2013, 23:23

Combofix-Skript

WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link

Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!

Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
Code:
ATTFilter
Filelook::
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libpdcurses.dl
c:\users\ff0\AppData\Roaming\Microsoft\IE10\pthreadGC2.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\svhost.exe
c:\users\ff0\AppData\Roaming\Microsoft\IE10\ssleay32.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libcurl-4.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libidn-11.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libeay32.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\zlib1.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libusb-1.0.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\7z.exe

Dirlook::
c:\users\ff0\AppData\Roaming\Microsoft\IE10
         
Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Speichere dies als CFScript.txt auf deinem Desktop.

Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
Danach wieder anstellen nicht vergessen!

Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.

Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:

Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.

Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.
Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

Iceinsky69 · 29.05.2013, 13:10

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 13-05-29.01 - ff0 29.05.2013  14:00:02.3.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8173.6372 [GMT 2:00]
ausgeführt von:: c:\users\ff0\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\ff0\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ff0\AppData\Roaming\Microsoft\svhost.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-28 bis 2013-05-29  ))))))))))))))))))))))))))))))
.
.
2013-05-29 12:02 . 2013-05-29 12:02	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-05-29 12:02 . 2013-05-29 12:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-28 14:26 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{11712E1A-A37E-43D6-87F9-4D52C598B81D}\mpengine.dll
2013-05-27 16:16 . 2013-05-27 16:16	36680	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2013-05-27 16:16 . 2013-05-27 16:16	--------	d-----w-	c:\programdata\Malwarebytes
2013-05-26 13:44 . 2013-05-26 13:44	--------	d-----w-	c:\windows\ERUNT
2013-05-26 13:44 . 2013-05-26 13:44	--------	d-----w-	C:\JRT
2013-05-26 13:25 . 2013-05-26 13:25	--------	d-----w-	c:\users\ff0\AppData\Local\NVIDIA
2013-05-26 13:24 . 2013-05-26 13:24	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2013-05-26 13:22 . 2013-02-25 05:27	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2013-05-26 13:22 . 2013-02-25 05:27	194848	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2013-05-25 14:08 . 2013-05-25 14:09	--------	d-----w-	c:\users\ff0\AppData\Roaming\Minecraft Version Changer
2013-05-25 09:08 . 2013-05-28 16:15	--------	d-----w-	c:\users\ff0\AppData\Roaming\.minecraft
2013-05-24 11:57 . 2013-05-24 11:57	55296	----a-r-	c:\users\ff0\AppData\Roaming\Microsoft\Installer\{D1FD3035-DD6F-4A17-BC30-784E97EFBC68}\IconD1FD3035.exe
2013-05-24 11:54 . 2013-05-24 11:54	--------	d-----w-	c:\programdata\OUTLAWS
2013-05-23 22:12 . 2013-05-23 22:12	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-05-23 22:06 . 2013-05-23 22:06	--------	d-----w-	c:\program files (x86)\Microsoft XNA
2013-05-23 21:57 . 2013-05-23 21:57	--------	d-----w-	c:\program files (x86)\Terraria
2013-05-23 16:23 . 2004-07-15 22:20	733184	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2013-05-23 16:23 . 2004-07-15 22:20	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2013-05-23 16:23 . 2004-07-15 22:19	266240	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2013-05-23 16:23 . 2004-07-15 22:18	172032	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2013-05-23 16:23 . 2004-07-15 22:18	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2013-05-23 16:23 . 2013-05-23 16:23	180356	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2013-05-23 16:23 . 2013-05-23 16:23	303236	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2013-05-21 20:24 . 2013-04-23 15:03	87054	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libpdcurses.dll
2013-05-21 20:24 . 2013-04-23 15:03	45056	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\pthreadGC2.dll
2013-05-21 20:24 . 2013-04-23 15:03	435712	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\svhost.exe
2013-05-21 20:24 . 2013-04-23 15:03	323584	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\ssleay32.dll
2013-05-21 20:24 . 2013-04-23 15:03	309248	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libcurl-4.dll
2013-05-21 20:24 . 2013-04-23 15:03	224256	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libidn-11.dll
2013-05-21 20:24 . 2013-04-23 15:03	1479680	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libeay32.dll
2013-05-21 20:24 . 2013-04-23 15:03	122368	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\zlib1.dll
2013-05-21 20:24 . 2013-04-23 15:03	104960	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libusb-1.0.dll
2013-05-21 20:24 . 2013-05-29 11:51	587776	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\7z.exe
2013-05-20 12:19 . 2013-05-20 12:20	--------	d-----w-	c:\program files (x86)\TornTV.com
2013-05-20 09:18 . 2013-05-20 09:18	--------	d-----w-	c:\users\ff0\AppData\Roaming\Atari
2013-05-19 14:47 . 2013-05-19 14:47	--------	d-----w-	c:\program files (x86)\Halycon Media
2013-05-19 13:48 . 2013-05-19 13:48	--------	d-----w-	c:\users\ff0\AppData\Roaming\Leadertech
2013-05-19 12:03 . 2013-05-19 12:03	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-05-19 12:02 . 2013-05-19 12:02	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-05-18 08:46 . 2013-05-18 08:46	--------	d-----w-	c:\program files\CCleaner
2013-05-17 12:33 . 2013-05-17 12:35	--------	d-----w-	c:\users\ff0\AppData\Roaming\skyz
2013-05-16 11:59 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 19:43 . 2013-05-27 13:10	--------	d-----w-	c:\users\ff0\AppData\Roaming\FileZilla
2013-05-15 19:43 . 2013-05-15 19:43	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2013-05-15 12:11 . 2013-05-15 12:11	103736	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-05-15 12:11 . 2013-05-15 12:11	669184	----a-w-	c:\windows\SysWow64\pbsvc.exe
2013-05-15 12:11 . 2013-05-15 12:11	66872	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-05-13 17:06 . 2013-05-16 15:38	--------	d-----w-	c:\programdata\Avira
2013-05-13 17:03 . 2013-05-13 17:03	--------	d-----w-	c:\program files (x86)\MSECache
2013-05-13 13:39 . 2013-05-13 13:39	--------	d-----w-	c:\programdata\Orbit
2013-05-13 13:38 . 2013-05-13 13:38	--------	d-----w-	c:\users\ff0\AppData\Local\Ubisoft Game Launcher
2013-05-13 13:38 . 2013-05-13 13:38	--------	d-----w-	c:\program files (x86)\Ubisoft
2013-05-12 15:08 . 2013-05-12 15:08	--------	d-----w-	c:\users\ff0\AppData\Roaming\WindSolutions
2013-05-12 15:08 . 2013-05-12 15:08	--------	d-----w-	c:\programdata\WindSolutions
2013-05-12 13:43 . 2013-05-12 13:43	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-05-12 08:53 . 2013-05-12 17:27	--------	d-----w-	c:\programdata\Kaspersky Lab
2013-05-12 08:51 . 2013-05-12 08:51	--------	d-----w-	c:\programdata\Kaspersky Lab Setup Files
2013-05-11 08:36 . 2013-05-11 08:36	--------	d-----w-	c:\users\ff0\AppData\Roaming\Dream Aquarium
2013-05-10 20:16 . 2013-05-10 20:16	--------	d-----w-	c:\users\ff0\AppData\Roaming\Publish Providers
2013-05-10 19:57 . 2013-05-12 09:22	--------	d-----w-	c:\users\ff0\AppData\Local\Sony
2013-05-10 19:56 . 2013-05-10 20:20	--------	d-----w-	c:\users\ff0\AppData\Roaming\Sony
2013-05-10 19:06 . 2013-05-10 19:14	--------	d-----w-	c:\users\ff0\AppData\Roaming\Teeworlds
2013-05-10 13:08 . 2013-05-10 13:08	--------	d-----w-	c:\program files (x86)\Clownfish
2013-05-10 11:33 . 2013-05-10 11:35	--------	d-----w-	c:\users\ff0\AppData\Local\mcpatcher
2013-05-09 17:32 . 2013-05-09 19:02	--------	d-----w-	c:\users\ff0\.aria2
2013-05-09 17:02 . 2013-05-07 17:26	1751552	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe
2013-05-09 17:02 . 2013-05-09 17:02	--------	d-----w-	c:\users\ff0\AppData\Roaming\EvolutionClips
2013-05-09 16:18 . 2013-05-09 16:18	--------	d-----w-	c:\programdata\StarApp
2013-05-09 12:45 . 2013-05-09 12:45	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-05-09 12:44 . 2013-05-09 12:44	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-05-09 12:44 . 2013-05-09 12:44	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-05-06 15:52 . 2013-05-06 15:52	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2013-05-06 12:38 . 2013-05-06 12:45	--------	d-----w-	c:\users\ff0\AppData\Local\Microsoft Help
2013-05-06 12:38 . 2013-05-12 09:32	--------	d-----w-	c:\programdata\Microsoft Help
2013-05-05 04:54 . 2013-05-05 04:54	--------	d-sh--w-	c:\programdata\SecuROM
2013-05-05 04:52 . 2013-05-05 04:54	--------	d-----w-	c:\users\ff0\AppData\Local\Rockstar Games
2013-05-05 04:48 . 2013-05-05 04:48	--------	d--h--r-	c:\users\ff0\AppData\Roaming\SecuROM
2013-05-04 10:32 . 2013-05-04 10:32	--------	d-----w-	C:\AMD
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Local\AMD
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Roaming\ATI
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Local\ATI
2013-05-04 08:12 . 2013-05-04 10:35	--------	d-----w-	c:\programdata\AMD
2013-05-03 04:43 . 2013-05-03 04:43	--------	d-----w-	c:\users\ff0\AppData\Local\Programs
2013-04-30 21:41 . 2013-04-30 21:41	--------	d-----w-	c:\windows\system32\wbem\Framework
2013-04-30 04:41 . 2013-05-12 09:26	--------	d-----w-	c:\users\ff0\AppData\Local\GameSpy
2013-04-30 04:41 . 2013-05-01 09:05	--------	d-----w-	c:\users\ff0\AppData\Local\ApplicationHistory
2013-04-30 03:53 . 2013-04-30 03:53	--------	d-----w-	c:\program files (x86)\Electronic Arts
2013-04-29 12:20 . 2013-05-12 09:27	--------	d-----w-	c:\program files (x86)\Google
2013-04-29 12:20 . 2013-05-12 09:27	--------	d-----w-	c:\users\ff0\AppData\Local\Google
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-29 11:51 . 2013-04-12 19:21	25640	----a-w-	c:\windows\gdrv.sys
2013-05-19 13:17 . 2013-04-12 16:57	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-19 13:17 . 2013-04-12 16:57	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 11:59 . 2013-04-14 08:54	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-12 21:42 . 2013-04-13 16:16	27775776	----a-w-	c:\windows\system32\nvoglv64.dll
2013-05-12 21:42 . 2013-04-12 15:49	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-05-12 21:42 . 2013-04-12 15:49	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-05-12 21:42 . 2013-04-12 15:49	2935696	----a-w-	c:\windows\system32\nvapi64.dll
2013-05-12 21:42 . 2013-04-12 15:49	15910736	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-05-12 21:42 . 2013-04-12 15:49	13403168	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-05-12 21:42 . 2013-04-12 15:49	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-05-12 21:42 . 2013-02-25 22:32	12426216	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-05-12 21:42 . 2013-02-25 22:32	15143904	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-05-12 20:34 . 2013-04-12 15:49	6491936	----a-w-	c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-04-12 15:49	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-04-12 15:49	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-04-12 15:49	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-04-12 15:49	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-04-12 15:49	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-05-11 06:59 . 2013-04-12 16:36	30528	----a-w-	c:\windows\GVTDrv64.sys
2013-05-10 20:36 . 2013-04-12 16:39	25640	----a-w-	c:\windows\etdrv.sys
2013-05-08 14:13 . 2013-04-12 15:49	3165737	----a-w-	c:\windows\system32\nvcoproc.bin
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-27 14:09 . 2013-04-27 14:09	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-24 15:01 . 2013-04-24 15:01	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2013-04-24 15:01 . 2013-04-24 15:01	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2013-04-24 15:01 . 2013-04-24 15:01	1700352	----a-w-	c:\windows\SysWow64\gdiplus.dll
2013-04-22 17:03 . 2013-04-22 17:03	234768	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-04-13 21:47 . 2013-04-13 21:47	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2013-04-13 19:18 . 2013-04-12 16:20	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-04-13 19:18 . 2013-04-12 16:20	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-04-13 19:07 . 2013-04-13 19:07	310688	----a-w-	c:\windows\system32\javaws.exe
2013-04-13 19:07 . 2013-04-13 19:07	188832	----a-w-	c:\windows\system32\javaw.exe
2013-04-13 19:07 . 2013-04-13 19:07	188320	----a-w-	c:\windows\system32\java.exe
2013-04-13 19:07 . 2013-04-13 19:07	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-13 19:07 . 2013-04-13 19:05	963488	----a-w-	c:\windows\system32\deployJava1.dll
2013-04-13 19:07 . 2013-04-13 19:05	1085344	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-04-13 05:49 . 2013-05-16 11:59	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 11:59	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 11:59	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 11:59	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 11:59	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 11:59	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 16:06 . 2013-04-12 16:06	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-04-12 16:06 . 2013-04-12 16:06	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-04-12 16:06 . 2013-04-12 16:06	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-04-12 16:06 . 2013-04-12 16:06	81408	----a-w-	c:\windows\system32\icardie.dll
2013-04-12 16:06 . 2013-04-12 16:06	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-04-12 16:06 . 2013-04-12 16:06	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-04-12 16:06 . 2013-04-12 16:06	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-12 16:06 . 2013-04-12 16:06	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-04-12 16:06 . 2013-04-12 16:06	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-04-12 16:06 . 2013-04-12 16:06	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-04-12 16:06 . 2013-04-12 16:06	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-04-12 16:06 . 2013-04-12 16:06	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-04-12 16:06 . 2013-04-12 16:06	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-04-12 16:06 . 2013-04-12 16:06	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-04-12 16:06 . 2013-04-12 16:06	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-04-12 16:06 . 2013-04-12 16:06	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-04-12 16:06 . 2013-04-12 16:06	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-04-12 16:06 . 2013-04-12 16:06	441856	----a-w-	c:\windows\system32\html.iec
2013-04-12 16:06 . 2013-04-12 16:06	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-04-12 16:06 . 2013-04-12 16:06	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-04-12 16:06 . 2013-04-12 16:06	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-04-12 16:06 . 2013-04-12 16:06	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-12 16:06 . 2013-04-12 16:06	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-04-12 16:06 . 2013-04-12 16:06	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-04-12 16:06 . 2013-04-12 16:06	235008	----a-w-	c:\windows\system32\url.dll
2013-04-12 16:06 . 2013-04-12 16:06	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-04-12 16:06 . 2013-04-12 16:06	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-04-12 16:06 . 2013-04-12 16:06	216064	----a-w-	c:\windows\system32\msls31.dll
2013-04-12 16:06 . 2013-04-12 16:06	197120	----a-w-	c:\windows\system32\msrating.dll
2013-04-12 16:06 . 2013-04-12 16:06	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-04-12 16:06 . 2013-04-12 16:06	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-04-12 16:06 . 2013-04-12 16:06	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-04-12 16:06 . 2013-04-12 16:06	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-04-12 16:06 . 2013-04-12 16:06	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-04-12 16:06 . 2013-04-12 16:06	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-04-12 16:06 . 2013-04-12 16:06	149504	----a-w-	c:\windows\system32\occache.dll
2013-04-12 16:06 . 2013-04-12 16:06	144896	----a-w-	c:\windows\system32\wextract.exe
2013-04-12 16:06 . 2013-04-12 16:06	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-04-12 16:06 . 2013-04-12 16:06	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-04-12 16:06 . 2013-04-12 16:06	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-04-12 16:06 . 2013-04-12 16:06	13824	----a-w-	c:\windows\system32\mshta.exe
2013-04-12 16:06 . 2013-04-12 16:06	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-04-12 16:06 . 2013-04-12 16:06	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-04-12 16:06 . 2013-04-12 16:06	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-04-12 16:06 . 2013-04-12 16:06	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-04-12 16:06 . 2013-04-12 16:06	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-04-12 16:06 . 2013-04-12 16:06	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-04-12 16:06 . 2013-04-12 16:06	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-12 16:06 . 2013-04-12 16:06	102912	----a-w-	c:\windows\system32\inseng.dll
2013-04-12 16:04 . 2013-04-12 16:04	68608	----a-w-	c:\windows\system32\taskhost.exe
2013-04-12 16:04 . 2013-04-12 16:04	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-04-12 16:04 . 2013-04-12 16:04	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((((((((((   Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\7z.exe ---
Company: Igor Pavlov
File Description: 7-Zip Standalone Console
File Version: 9.20
Product Name: 7-Zip
Copyright: Copyright (c) 1999-2010 Igor Pavlov
Original Filename: 7za.exe
File size: 587776
Created time: 2013-05-21 20:24
Modified time: 2013-05-29 11:51
MD5: 42BADC1D2F03A8B1E4875740D3D49336
SHA1: CEE178DA1FB05F99AF7A3547093122893BD1EB46
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\libcurl-4.dll ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 309248
Created time: 2013-05-21 20:24
Modified time: 2013-04-23 15:03
MD5: 134A6BF76C7C7DB9B349F0BE2EC92528
SHA1: 25F032971FEAD32A7E3A2CCCB4FD2DE72BF45C5A
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\libeay32.dll ---
Company: The OpenSSL Project, hxxp://www.openssl.org/
File Description: OpenSSL shared library
File Version: 1.0.0e
Product Name: The OpenSSL Toolkit
Copyright: Copyright © 1998-2006 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.
Original Filename: libeay32.dll
File size: 1479680
Created time: 2013-05-21 20:24
Modified time: 2013-04-23 15:03
MD5: F97C5A0361729887362A85708B39D440
SHA1: C0629CF6791CA1C7DBF29CD6A49251791E2649F4
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\libidn-11.dll ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 224256
Created time: 2013-05-21 20:24
Modified time: 2013-04-23 15:03
MD5: 3E11E8BCC624D690EDF3DA210BE360D0
SHA1: 71F3565255049B04D7DC6B3FA13F233D4E0A4016
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\libusb-1.0.dll ---
Company: libusb.org
File Description: C library for writing portable USB drivers in userspace
File Version: 1.0.9
Product Name: libusb-1.0
Copyright: See individual source files, GNU LGPL v2.1 or later.
Original Filename: libusb-1.0.dll
File size: 104960
Created time: 2013-05-21 20:24
Modified time: 2013-04-23 15:03
MD5: 30ECEA142EEF36FB158799D60E2099BF
SHA1: 0FFCBF0083FE7E37B2D8A75F0841D9C5676F0C67
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\pthreadGC2.dll ---
Company: Open Source Software community LGPL
File Description: GNU C x86 (mingw32)
File Version: 2, 9, 1, 0
Product Name: POSIX Threads for Windows LPGL
Copyright: Copyright (C) Project contributors 2012
Original Filename: pthreadGC2.DLL
File size: 45056
Created time: 2013-05-21 20:24
Modified time: 2013-04-23 15:03
MD5: 1C5EE5206A752563ED3401FF66D8A552
SHA1: 35603DE0C28069186A88822E7D816705A521EFE8
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\ssleay32.dll ---
Company: The OpenSSL Project, hxxp://www.openssl.org/
File Description: OpenSSL shared library
File Version: 1.0.0e
Product Name: The OpenSSL Toolkit
Copyright: Copyright © 1998-2006 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.
Original Filename: ssleay32.dll
File size: 323584
Created time: 2013-05-21 20:24
Modified time: 2013-04-23 15:03
MD5: DD565926C537A8084DDDE6B3C528C666
SHA1: 4B940C739BBE140A5ED6D9C3B0DEAF83814A466A
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\svhost.exe ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 435712
Created time: 2013-05-21 20:24
Modified time: 2013-04-23 15:03
MD5: CDBB2D86AC108D86DC9EE673BA18D424
SHA1: 9CEE2928374F54B72DB9E7F9F412F3966AAD3ADE
.
.
--- c:\users\ff0\AppData\Roaming\Microsoft\IE10\zlib1.dll ---
Company: 
File Description: zlib data compression library
File Version: 1.2.5
Product Name: zlib
Copyright: (C) 1995-2006 Jean-loup Gailly & Mark Adler
Original Filename: zlib1.dll
File size: 122368
Created time: 2013-05-21 20:24
Modified time: 2013-04-23 15:03
MD5: 75409CCF3029355AF336CFE9BDB74651
SHA1: 775ED1977537E02909F0A7E74B196E9AC39F2E1D
.
---- Directory of c:\users\ff0\AppData\Roaming\Microsoft\IE10 ----
.
2013-05-22 15:59 . 2013-05-22 15:59	232904	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\poclbm121016GeForce GTX 660gv1w256l4.bin
2013-05-21 20:24 . 2013-04-23 15:03	122368	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\zlib1.dll
2013-05-21 20:24 . 2013-04-23 15:03	45056	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\pthreadGC2.dll
2013-05-21 20:24 . 2013-04-23 15:03	323584	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\ssleay32.dll
2013-05-21 20:24 . 2013-04-23 15:03	87054	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libpdcurses.dll
2013-05-21 20:24 . 2013-04-23 15:03	104960	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libusb-1.0.dll
2013-05-21 20:24 . 2013-04-23 15:03	224256	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libidn-11.dll
2013-05-21 20:24 . 2013-04-23 15:03	1479680	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libeay32.dll
2013-05-21 20:24 . 2013-04-23 15:03	309248	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\libcurl-4.dll
2013-05-21 20:24 . 2013-04-23 15:03	30802	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\diakgcn121016.cl
2013-05-21 20:24 . 2013-04-23 15:03	13062	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\phatk121016.cl
2013-05-21 20:24 . 2013-04-23 15:03	42958	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\poclbm121016.cl
2013-05-21 20:24 . 2013-04-23 15:03	435712	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\svhost.exe
2013-05-21 20:24 . 2013-05-29 11:51	1132104	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\archiv.2ev
2013-05-21 20:24 . 2013-05-29 11:51	587776	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\7z.exe
2013-05-21 12:30 . 2013-05-21 12:30	3	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\IE10\err.txt
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"AdobeBridge"="" [BU]
"VSA"="c:\users\ff0\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe" [2013-05-07 1751552]
"Clownfish"="" [BU]
"uTorrent"="c:\users\ff0\AppData\Roaming\uTorrent\uTorrent.exe" [2013-05-04 802136]
"DAEMON Tools Lite"="i:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-11 5119600]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hama Wireless LAN Utility.lnk - c:\program files (x86)\Hama\Common\RaUI.exe [2013-4-12 1597440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 VirtDiskBus;3TB+ Unlock;c:\windows\system32\DRIVERS\VirtDiskBus64.sys [2011-02-08 66160]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2013-05-10 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2013-05-11 30528]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-05-27 36680]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys [2008-09-10 1286656]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\ff0\AppData\Local\Temp\tmp7000.tmp [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R4 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-27 283200]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 2467664]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2012-05-04 27760]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 12:20]
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 12:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SmartRecovery2_x64\RPMKickstart.exe" [2010-11-04 2552320]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - i:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - i:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\ff0\AppData\Roaming\Mozilla\Firefox\Profiles\pht6t3i2.default\
FF - ExtSQL: 2013-05-20 14:19; torntv2@torntv.com; c:\users\ff0\AppData\Roaming\Mozilla\Firefox\Profiles\pht6t3i2.default\extensions\torntv2@torntv.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{053E605B-B075-C3EF-2B7E-BB5425783284} - c:\progra~3\INSTAL~2\{99A4A~1\Setup.exe
AddRemove-{45775808-A88C-9CC7-B700-7D5690B949C0} - c:\progra~3\INSTAL~2\{72FA5~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\c:\users\ff0\AppData\Local\Temp\tmp7000.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1574366264-1366440450-3420834865-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:f3,75,5a,2a,cc,39,8d,ab,14,16,02,01,25,ca,c0,10,86,b6,0f,0b,14,99,8d,
   8f,45,b6,9b,37,4a,79,97,0f,be,e5,43,fe,93,45,51,90,21,f4,b9,ad,a8,6a,6f,62,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-1574366264-1366440450-3420834865-1000\Software\SecuROM\License information*]
"datasecu"=hex:25,24,34,58,7f,0f,9d,5e,35,d6,05,59,40,23,6e,cd,77,99,ba,db,8e,
   d1,1d,02,3a,4d,fe,19,cf,bf,c7,f7,2f,73,3f,b5,ff,fb,db,46,27,a6,a2,49,16,15,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-29  14:04:03
ComboFix-quarantined-files.txt  2013-05-29 12:04
ComboFix2.txt  2013-05-28 17:02
ComboFix3.txt  2013-05-28 12:54
.
Vor Suchlauf: 18 Verzeichnis(se), 34.161.971.200 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 34.106.777.600 Bytes frei
.
- - End Of File - - 51AFD662EDD620564015F76F545A4188
         
 --- --- ---

cosinus · 29.05.2013, 13:31

Combofix-Skript

WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link

Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!

Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
Code:
ATTFilter
Folder::
c:\users\ff0\AppData\Roaming\Microsoft\IE10

File::
c:\users\ff0\AppData\Local\Temp\tmp7000.tmp
c:\windows\SysWOW64\Drivers\X6va012

Driver::
WinRing0_1_2_0
X6va012
         
Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Speichere dies als CFScript.txt auf deinem Desktop.

Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
Danach wieder anstellen nicht vergessen!

Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.

Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:

Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.

Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.
Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

Iceinsky69 · 29.05.2013, 15:01

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 13-05-29.01 - ff0 29.05.2013  15:52:44.4.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8173.6481 [GMT 2:00]
ausgeführt von:: c:\users\ff0\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\ff0\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\ff0\AppData\Local\Temp\tmp7000.tmp"
"c:\windows\SysWOW64\Drivers\X6va012"
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ff0\AppData\Roaming\Microsoft\IE10
c:\users\ff0\AppData\Roaming\Microsoft\IE10\7z.exe
c:\users\ff0\AppData\Roaming\Microsoft\IE10\archiv.2ev
c:\users\ff0\AppData\Roaming\Microsoft\IE10\diakgcn121016.cl
c:\users\ff0\AppData\Roaming\Microsoft\IE10\err.txt
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libcurl-4.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libeay32.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libidn-11.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libpdcurses.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\libusb-1.0.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\phatk121016.cl
c:\users\ff0\AppData\Roaming\Microsoft\IE10\poclbm121016.cl
c:\users\ff0\AppData\Roaming\Microsoft\IE10\poclbm121016GeForce GTX 660gv1w256l4.bin
c:\users\ff0\AppData\Roaming\Microsoft\IE10\pthreadGC2.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\ssleay32.dll
c:\users\ff0\AppData\Roaming\Microsoft\IE10\svhost.exe
c:\users\ff0\AppData\Roaming\Microsoft\IE10\zlib1.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WINRING0_1_2_0
-------\Legacy_X6VA012
-------\Service_WinRing0_1_2_0
-------\Service_X6va012
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-28 bis 2013-05-29  ))))))))))))))))))))))))))))))
.
.
2013-05-29 13:55 . 2013-05-29 13:55	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-05-29 13:55 . 2013-05-29 13:55	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-29 13:00 . 2013-05-29 13:00	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-05-28 14:26 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{11712E1A-A37E-43D6-87F9-4D52C598B81D}\mpengine.dll
2013-05-27 16:16 . 2013-05-27 16:16	36680	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2013-05-27 16:16 . 2013-05-27 16:16	--------	d-----w-	c:\programdata\Malwarebytes
2013-05-26 13:44 . 2013-05-26 13:44	--------	d-----w-	c:\windows\ERUNT
2013-05-26 13:44 . 2013-05-26 13:44	--------	d-----w-	C:\JRT
2013-05-26 13:25 . 2013-05-26 13:25	--------	d-----w-	c:\users\ff0\AppData\Local\NVIDIA
2013-05-26 13:24 . 2013-05-26 13:24	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2013-05-26 13:22 . 2013-02-25 05:27	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2013-05-26 13:22 . 2013-02-25 05:27	194848	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2013-05-25 14:08 . 2013-05-25 14:09	--------	d-----w-	c:\users\ff0\AppData\Roaming\Minecraft Version Changer
2013-05-25 09:08 . 2013-05-29 13:51	--------	d-----w-	c:\users\ff0\AppData\Roaming\.minecraft
2013-05-24 11:57 . 2013-05-24 11:57	55296	----a-r-	c:\users\ff0\AppData\Roaming\Microsoft\Installer\{D1FD3035-DD6F-4A17-BC30-784E97EFBC68}\IconD1FD3035.exe
2013-05-24 11:54 . 2013-05-24 11:54	--------	d-----w-	c:\programdata\OUTLAWS
2013-05-23 22:12 . 2013-05-23 22:12	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-05-23 22:06 . 2013-05-23 22:06	--------	d-----w-	c:\program files (x86)\Microsoft XNA
2013-05-23 21:57 . 2013-05-23 21:57	--------	d-----w-	c:\program files (x86)\Terraria
2013-05-23 16:23 . 2004-07-15 22:20	733184	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2013-05-23 16:23 . 2004-07-15 22:20	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2013-05-23 16:23 . 2004-07-15 22:19	266240	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2013-05-23 16:23 . 2004-07-15 22:18	172032	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2013-05-23 16:23 . 2004-07-15 22:18	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2013-05-23 16:23 . 2013-05-23 16:23	180356	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2013-05-23 16:23 . 2013-05-23 16:23	303236	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2013-05-20 12:19 . 2013-05-20 12:20	--------	d-----w-	c:\program files (x86)\TornTV.com
2013-05-20 09:18 . 2013-05-20 09:18	--------	d-----w-	c:\users\ff0\AppData\Roaming\Atari
2013-05-19 14:47 . 2013-05-19 14:47	--------	d-----w-	c:\program files (x86)\Halycon Media
2013-05-19 13:48 . 2013-05-19 13:48	--------	d-----w-	c:\users\ff0\AppData\Roaming\Leadertech
2013-05-19 12:03 . 2013-05-19 12:03	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-05-19 12:02 . 2013-05-19 12:02	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-05-18 08:46 . 2013-05-18 08:46	--------	d-----w-	c:\program files\CCleaner
2013-05-17 12:33 . 2013-05-17 12:35	--------	d-----w-	c:\users\ff0\AppData\Roaming\skyz
2013-05-16 11:59 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 19:43 . 2013-05-27 13:10	--------	d-----w-	c:\users\ff0\AppData\Roaming\FileZilla
2013-05-15 19:43 . 2013-05-15 19:43	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2013-05-15 12:11 . 2013-05-15 12:11	103736	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-05-15 12:11 . 2013-05-15 12:11	669184	----a-w-	c:\windows\SysWow64\pbsvc.exe
2013-05-15 12:11 . 2013-05-15 12:11	66872	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-05-13 17:06 . 2013-05-16 15:38	--------	d-----w-	c:\programdata\Avira
2013-05-13 17:03 . 2013-05-13 17:03	--------	d-----w-	c:\program files (x86)\MSECache
2013-05-13 13:39 . 2013-05-13 13:39	--------	d-----w-	c:\programdata\Orbit
2013-05-13 13:38 . 2013-05-13 13:38	--------	d-----w-	c:\users\ff0\AppData\Local\Ubisoft Game Launcher
2013-05-13 13:38 . 2013-05-13 13:38	--------	d-----w-	c:\program files (x86)\Ubisoft
2013-05-12 15:08 . 2013-05-12 15:08	--------	d-----w-	c:\users\ff0\AppData\Roaming\WindSolutions
2013-05-12 15:08 . 2013-05-12 15:08	--------	d-----w-	c:\programdata\WindSolutions
2013-05-12 13:43 . 2013-05-12 13:43	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-05-12 08:53 . 2013-05-12 17:27	--------	d-----w-	c:\programdata\Kaspersky Lab
2013-05-12 08:51 . 2013-05-12 08:51	--------	d-----w-	c:\programdata\Kaspersky Lab Setup Files
2013-05-11 08:36 . 2013-05-11 08:36	--------	d-----w-	c:\users\ff0\AppData\Roaming\Dream Aquarium
2013-05-10 20:16 . 2013-05-10 20:16	--------	d-----w-	c:\users\ff0\AppData\Roaming\Publish Providers
2013-05-10 19:57 . 2013-05-12 09:22	--------	d-----w-	c:\users\ff0\AppData\Local\Sony
2013-05-10 19:56 . 2013-05-10 20:20	--------	d-----w-	c:\users\ff0\AppData\Roaming\Sony
2013-05-10 19:06 . 2013-05-10 19:14	--------	d-----w-	c:\users\ff0\AppData\Roaming\Teeworlds
2013-05-10 13:08 . 2013-05-10 13:08	--------	d-----w-	c:\program files (x86)\Clownfish
2013-05-10 11:33 . 2013-05-10 11:35	--------	d-----w-	c:\users\ff0\AppData\Local\mcpatcher
2013-05-09 17:32 . 2013-05-09 19:02	--------	d-----w-	c:\users\ff0\.aria2
2013-05-09 17:02 . 2013-05-07 17:26	1751552	----a-w-	c:\users\ff0\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe
2013-05-09 17:02 . 2013-05-09 17:02	--------	d-----w-	c:\users\ff0\AppData\Roaming\EvolutionClips
2013-05-09 16:18 . 2013-05-09 16:18	--------	d-----w-	c:\programdata\StarApp
2013-05-09 12:45 . 2013-05-29 13:00	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-05-09 12:44 . 2013-05-29 13:00	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-05-09 12:44 . 2013-05-09 12:44	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-05-06 15:52 . 2013-05-06 15:52	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2013-05-06 12:38 . 2013-05-06 12:45	--------	d-----w-	c:\users\ff0\AppData\Local\Microsoft Help
2013-05-06 12:38 . 2013-05-12 09:32	--------	d-----w-	c:\programdata\Microsoft Help
2013-05-05 04:54 . 2013-05-05 04:54	--------	d-sh--w-	c:\programdata\SecuROM
2013-05-05 04:52 . 2013-05-05 04:54	--------	d-----w-	c:\users\ff0\AppData\Local\Rockstar Games
2013-05-05 04:48 . 2013-05-05 04:48	--------	d--h--r-	c:\users\ff0\AppData\Roaming\SecuROM
2013-05-04 10:32 . 2013-05-04 10:32	--------	d-----w-	C:\AMD
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Local\AMD
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Roaming\ATI
2013-05-04 08:12 . 2013-05-04 08:12	--------	d-----w-	c:\users\ff0\AppData\Local\ATI
2013-05-04 08:12 . 2013-05-04 10:35	--------	d-----w-	c:\programdata\AMD
2013-05-03 04:43 . 2013-05-03 04:43	--------	d-----w-	c:\users\ff0\AppData\Local\Programs
2013-04-30 21:41 . 2013-04-30 21:41	--------	d-----w-	c:\windows\system32\wbem\Framework
2013-04-30 04:41 . 2013-05-12 09:26	--------	d-----w-	c:\users\ff0\AppData\Local\GameSpy
2013-04-30 04:41 . 2013-05-01 09:05	--------	d-----w-	c:\users\ff0\AppData\Local\ApplicationHistory
2013-04-30 03:53 . 2013-04-30 03:53	--------	d-----w-	c:\program files (x86)\Electronic Arts
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-29 13:56 . 2013-04-12 19:21	25640	----a-w-	c:\windows\gdrv.sys
2013-05-19 13:17 . 2013-04-12 16:57	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-19 13:17 . 2013-04-12 16:57	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 11:59 . 2013-04-14 08:54	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-12 21:42 . 2013-04-13 16:16	27775776	----a-w-	c:\windows\system32\nvoglv64.dll
2013-05-12 21:42 . 2013-04-12 15:49	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-05-12 21:42 . 2013-04-12 15:49	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-05-12 21:42 . 2013-04-12 15:49	2935696	----a-w-	c:\windows\system32\nvapi64.dll
2013-05-12 21:42 . 2013-04-12 15:49	15910736	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-05-12 21:42 . 2013-04-12 15:49	13403168	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-05-12 21:42 . 2013-04-12 15:49	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-05-12 21:42 . 2013-02-25 22:32	12426216	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-05-12 21:42 . 2013-02-25 22:32	15143904	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-05-12 20:34 . 2013-04-12 15:49	6491936	----a-w-	c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-04-12 15:49	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-04-12 15:49	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-04-12 15:49	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-04-12 15:49	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-04-12 15:49	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-05-11 06:59 . 2013-04-12 16:36	30528	----a-w-	c:\windows\GVTDrv64.sys
2013-05-10 20:36 . 2013-04-12 16:39	25640	----a-w-	c:\windows\etdrv.sys
2013-05-08 14:13 . 2013-04-12 15:49	3165737	----a-w-	c:\windows\system32\nvcoproc.bin
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-27 14:09 . 2013-04-27 14:09	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-24 15:01 . 2013-04-24 15:01	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2013-04-24 15:01 . 2013-04-24 15:01	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2013-04-24 15:01 . 2013-04-24 15:01	1700352	----a-w-	c:\windows\SysWow64\gdiplus.dll
2013-04-22 17:03 . 2013-04-22 17:03	234768	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-04-13 21:47 . 2013-04-13 21:47	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2013-04-13 19:18 . 2013-04-12 16:20	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-04-13 19:18 . 2013-04-12 16:20	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-04-13 19:07 . 2013-04-13 19:07	310688	----a-w-	c:\windows\system32\javaws.exe
2013-04-13 19:07 . 2013-04-13 19:07	188832	----a-w-	c:\windows\system32\javaw.exe
2013-04-13 19:07 . 2013-04-13 19:07	188320	----a-w-	c:\windows\system32\java.exe
2013-04-13 19:07 . 2013-04-13 19:07	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-13 19:07 . 2013-04-13 19:05	963488	----a-w-	c:\windows\system32\deployJava1.dll
2013-04-13 19:07 . 2013-04-13 19:05	1085344	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-04-13 05:49 . 2013-05-16 11:59	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 11:59	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 11:59	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 11:59	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 11:59	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 11:59	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 16:06 . 2013-04-12 16:06	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-04-12 16:06 . 2013-04-12 16:06	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-04-12 16:06 . 2013-04-12 16:06	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-04-12 16:06 . 2013-04-12 16:06	81408	----a-w-	c:\windows\system32\icardie.dll
2013-04-12 16:06 . 2013-04-12 16:06	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-04-12 16:06 . 2013-04-12 16:06	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-04-12 16:06 . 2013-04-12 16:06	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-12 16:06 . 2013-04-12 16:06	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-04-12 16:06 . 2013-04-12 16:06	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-04-12 16:06 . 2013-04-12 16:06	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-04-12 16:06 . 2013-04-12 16:06	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-04-12 16:06 . 2013-04-12 16:06	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-04-12 16:06 . 2013-04-12 16:06	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-04-12 16:06 . 2013-04-12 16:06	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-04-12 16:06 . 2013-04-12 16:06	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-04-12 16:06 . 2013-04-12 16:06	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-04-12 16:06 . 2013-04-12 16:06	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-04-12 16:06 . 2013-04-12 16:06	441856	----a-w-	c:\windows\system32\html.iec
2013-04-12 16:06 . 2013-04-12 16:06	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-04-12 16:06 . 2013-04-12 16:06	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-04-12 16:06 . 2013-04-12 16:06	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-04-12 16:06 . 2013-04-12 16:06	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-12 16:06 . 2013-04-12 16:06	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-04-12 16:06 . 2013-04-12 16:06	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-04-12 16:06 . 2013-04-12 16:06	235008	----a-w-	c:\windows\system32\url.dll
2013-04-12 16:06 . 2013-04-12 16:06	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-04-12 16:06 . 2013-04-12 16:06	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-04-12 16:06 . 2013-04-12 16:06	216064	----a-w-	c:\windows\system32\msls31.dll
2013-04-12 16:06 . 2013-04-12 16:06	197120	----a-w-	c:\windows\system32\msrating.dll
2013-04-12 16:06 . 2013-04-12 16:06	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-04-12 16:06 . 2013-04-12 16:06	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-04-12 16:06 . 2013-04-12 16:06	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-04-12 16:06 . 2013-04-12 16:06	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-04-12 16:06 . 2013-04-12 16:06	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-04-12 16:06 . 2013-04-12 16:06	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-04-12 16:06 . 2013-04-12 16:06	149504	----a-w-	c:\windows\system32\occache.dll
2013-04-12 16:06 . 2013-04-12 16:06	144896	----a-w-	c:\windows\system32\wextract.exe
2013-04-12 16:06 . 2013-04-12 16:06	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-04-12 16:06 . 2013-04-12 16:06	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-04-12 16:06 . 2013-04-12 16:06	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-04-12 16:06 . 2013-04-12 16:06	13824	----a-w-	c:\windows\system32\mshta.exe
2013-04-12 16:06 . 2013-04-12 16:06	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-04-12 16:06 . 2013-04-12 16:06	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-04-12 16:06 . 2013-04-12 16:06	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-04-12 16:06 . 2013-04-12 16:06	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-04-12 16:06 . 2013-04-12 16:06	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-04-12 16:06 . 2013-04-12 16:06	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-04-12 16:06 . 2013-04-12 16:06	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-12 16:06 . 2013-04-12 16:06	102912	----a-w-	c:\windows\system32\inseng.dll
2013-04-12 16:04 . 2013-04-12 16:04	68608	----a-w-	c:\windows\system32\taskhost.exe
2013-04-12 16:04 . 2013-04-12 16:04	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-04-12 16:04 . 2013-04-12 16:04	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-12 16:04 . 2013-04-12 16:04	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"AdobeBridge"="" [BU]
"VSA"="c:\users\ff0\AppData\Roaming\Microsoft\VSA\9.0\VSA.exe" [2013-05-07 1751552]
"Clownfish"="" [BU]
"uTorrent"="c:\users\ff0\AppData\Roaming\uTorrent\uTorrent.exe" [2013-05-04 802136]
"DAEMON Tools Lite"="i:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-11 5119600]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hama Wireless LAN Utility.lnk - c:\program files (x86)\Hama\Common\RaUI.exe [2013-4-12 1597440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 VirtDiskBus;3TB+ Unlock;c:\windows\system32\DRIVERS\VirtDiskBus64.sys [2011-02-08 66160]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2013-05-10 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2013-05-11 30528]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-05-27 36680]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys [2008-09-10 1286656]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-27 283200]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 2467664]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2012-05-04 27760]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 12:20]
.
2013-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 12:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SmartRecovery2_x64\RPMKickstart.exe" [2010-11-04 2552320]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - i:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - i:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\ff0\AppData\Roaming\Mozilla\Firefox\Profiles\pht6t3i2.default\
FF - ExtSQL: 2013-05-20 14:19; torntv2@torntv.com; c:\users\ff0\AppData\Roaming\Mozilla\Firefox\Profiles\pht6t3i2.default\extensions\torntv2@torntv.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{053E605B-B075-C3EF-2B7E-BB5425783284} - c:\progra~3\INSTAL~2\{99A4A~1\Setup.exe
AddRemove-{45775808-A88C-9CC7-B700-7D5690B949C0} - c:\progra~3\INSTAL~2\{72FA5~1\Setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1574366264-1366440450-3420834865-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:f3,75,5a,2a,cc,39,8d,ab,14,16,02,01,25,ca,c0,10,86,b6,0f,0b,14,99,8d,
   8f,45,b6,9b,37,4a,79,97,0f,be,e5,43,fe,93,45,51,90,21,f4,b9,ad,a8,6a,6f,62,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-1574366264-1366440450-3420834865-1000\Software\SecuROM\License information*]
"datasecu"=hex:25,24,34,58,7f,0f,9d,5e,35,d6,05,59,40,23,6e,cd,77,99,ba,db,8e,
   d1,1d,02,3a,4d,fe,19,cf,bf,c7,f7,2f,73,3f,b5,ff,fb,db,46,27,a6,a2,49,16,15,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Hama\Common\RalinkRegistryWriter.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-05-29  15:57:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-05-29 13:57
ComboFix2.txt  2013-05-28 17:02
ComboFix3.txt  2013-05-28 12:54
.
Vor Suchlauf: 17 Verzeichnis(se), 34.295.283.712 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 33.792.606.208 Bytes frei
.
- - End Of File - - 1333ABFE3CCD4C07DDB14F29B972667E
         
 --- --- ---

cosinus · 29.05.2013, 15:29

Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten

MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Iceinsky69 · 29.05.2013, 16:47

1. Malwarebytes hat nix gefunden und damit anscheinend keine Datei ausgespuckt.
2.Eig kommen keine Fehler mehr (las zwischenstand) also svhost ist weg , der prozessor läuft wieder generel ruhiger und die Grafikprobleme sind Behoben .

Code:

ATTFilter

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-29 17:38:26
-----------------------------
17:38:26.960    OS Version: Windows x64 6.1.7601 Service Pack 1
17:38:26.960    Number of processors: 4 586 0x200
17:38:26.961    ComputerName: FLORIAN-PC  UserName: ff0
17:38:27.276    Initialize success
17:41:59.523    AVAST engine defs: 13052900
17:42:32.107    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
17:42:32.108    Disk 0 Vendor: KINGSTON_SH103S3120G 506ABBF0 Size: 114473MB BusType: 11
17:42:32.110    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-5
17:42:32.112    Disk 1 Vendor: ST500DM002-1BD142 KC45 Size: 476940MB BusType: 11
17:42:32.118    Disk 0 MBR read successfully
17:42:32.121    Disk 0 MBR scan
17:42:32.123    Disk 0 Windows 7 default MBR code
17:42:32.126    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
17:42:32.130    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       114371 MB offset 206848
17:42:32.137    Disk 0 scanning C:\Windows\system32\drivers
17:42:34.356    Service scanning
17:42:40.515    Modules scanning
17:42:40.520    Disk 0 trace - called modules:
17:42:40.526    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
17:42:40.530    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800720f060]
17:42:40.533    3 CLASSPNP.SYS[fffff880019b643f] -> nt!IofCallDriver -> [0xfffffa8006ad3380]
17:42:40.537    5 ACPI.sys[fffff88000f6c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8007011680]
17:42:40.828    AVAST engine scan C:\Windows
17:42:41.422    AVAST engine scan C:\Windows\system32
17:43:41.848    AVAST engine scan C:\Windows\system32\drivers
17:43:45.038    AVAST engine scan C:\Users\ff0
17:44:00.372    AVAST engine scan C:\ProgramData
17:44:08.007    Scan finished successfully
17:44:14.590    Disk 0 MBR has been saved successfully to "C:\Users\ff0\Desktop\MBR.dat"
17:44:14.594    The log file has been saved successfully to "C:\Users\ff0\Desktop\aswMBR.txt"

Code:

ATTFilter

 

17:44:37.0752 2600  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:44:38.0089 2600  ============================================================
17:44:38.0089 2600  Current date / time: 2013/05/29 17:44:38.0089
17:44:38.0089 2600  SystemInfo:
17:44:38.0089 2600  
17:44:38.0089 2600  OS Version: 6.1.7601 ServicePack: 1.0
17:44:38.0089 2600  Product type: Workstation
17:44:38.0089 2600  ComputerName: FLORIAN-PC
17:44:38.0089 2600  UserName: ff0
17:44:38.0089 2600  Windows directory: C:\Windows
17:44:38.0089 2600  System windows directory: C:\Windows
17:44:38.0089 2600  Running under WOW64
17:44:38.0089 2600  Processor architecture: Intel x64
17:44:38.0089 2600  Number of processors: 4
17:44:38.0089 2600  Page size: 0x1000
17:44:38.0089 2600  Boot type: Normal boot
17:44:38.0089 2600  ============================================================
17:44:38.0258 2600  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:44:38.0258 2600  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:44:38.0273 2600  Drive \Device\Harddisk6\DR10 - Size: 0x3B6000000 (14.84 Gb), SectorSize: 0x200, Cylinders: 0x791, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:44:38.0276 2600  ============================================================
17:44:38.0276 2600  \Device\Harddisk0\DR0:
17:44:38.0276 2600  MBR partitions:
17:44:38.0276 2600  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:44:38.0276 2600  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
17:44:38.0276 2600  \Device\Harddisk1\DR1:
17:44:38.0276 2600  MBR partitions:
17:44:38.0276 2600  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
17:44:38.0276 2600  \Device\Harddisk6\DR10:
17:44:38.0276 2600  MBR partitions:
17:44:38.0276 2600  \Device\Harddisk6\DR10\Partition1: MBR, Type 0xC, StartLBA 0x30, BlocksNum 0x1DAFFD0
17:44:38.0276 2600  ============================================================
17:44:38.0277 2600  C: <-> \Device\Harddisk0\DR0\Partition2
17:44:38.0317 2600  I: <-> \Device\Harddisk1\DR1\Partition1
17:44:38.0317 2600  ============================================================
17:44:38.0317 2600  Initialize success
17:44:38.0317 2600  ============================================================
17:44:56.0240 5592  ============================================================
17:44:56.0240 5592  Scan started
17:44:56.0240 5592  Mode: Manual; 
17:44:56.0240 5592  ============================================================
17:44:56.0581 5592  ================ Scan system memory ========================
17:44:56.0581 5592  System memory - ok
17:44:56.0581 5592  ================ Scan services =============================
17:44:56.0610 5592  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
17:44:56.0611 5592  1394ohci - ok
17:44:56.0616 5592  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:44:56.0618 5592  ACPI - ok
17:44:56.0621 5592  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:44:56.0621 5592  AcpiPmi - ok
17:44:56.0627 5592  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:44:56.0630 5592  adp94xx - ok
17:44:56.0635 5592  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:44:56.0636 5592  adpahci - ok
17:44:56.0640 5592  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:44:56.0641 5592  adpu320 - ok
17:44:56.0646 5592  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:44:56.0646 5592  AeLookupSvc - ok
17:44:56.0652 5592  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:44:56.0655 5592  AFD - ok
17:44:56.0657 5592  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:44:56.0658 5592  agp440 - ok
17:44:56.0661 5592  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:44:56.0662 5592  ALG - ok
17:44:56.0665 5592  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:44:56.0665 5592  aliide - ok
17:44:56.0667 5592  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:44:56.0667 5592  amdide - ok
17:44:56.0671 5592  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:44:56.0671 5592  AmdK8 - ok
17:44:56.0673 5592  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:44:56.0673 5592  AmdPPM - ok
17:44:56.0677 5592  [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
17:44:56.0677 5592  amdsata - ok
17:44:56.0682 5592  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:44:56.0683 5592  amdsbs - ok
17:44:56.0686 5592  [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:44:56.0687 5592  amdxata - ok
17:44:56.0690 5592  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:44:56.0690 5592  AppID - ok
17:44:56.0692 5592  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:44:56.0693 5592  AppIDSvc - ok
17:44:56.0696 5592  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
17:44:56.0697 5592  Appinfo - ok
17:44:56.0702 5592  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:44:56.0702 5592  Apple Mobile Device - ok
17:44:56.0706 5592  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:44:56.0707 5592  AppMgmt - ok
17:44:56.0711 5592  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
17:44:56.0711 5592  arc - ok
17:44:56.0715 5592  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:44:56.0715 5592  arcsas - ok
17:44:56.0725 5592  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:44:56.0725 5592  aspnet_state - ok
17:44:56.0729 5592  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:44:56.0729 5592  AsyncMac - ok
17:44:56.0731 5592  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:44:56.0731 5592  atapi - ok
17:44:56.0739 5592  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:44:56.0742 5592  AudioEndpointBuilder - ok
17:44:56.0749 5592  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:44:56.0752 5592  AudioSrv - ok
17:44:56.0756 5592  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:44:56.0756 5592  AxInstSV - ok
17:44:56.0762 5592  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:44:56.0765 5592  b06bdrv - ok
17:44:56.0770 5592  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:44:56.0771 5592  b57nd60a - ok
17:44:56.0775 5592  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:44:56.0776 5592  BDESVC - ok
17:44:56.0779 5592  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:44:56.0779 5592  Beep - ok
17:44:56.0786 5592  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:44:56.0790 5592  BFE - ok
17:44:56.0800 5592  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
17:44:56.0804 5592  BITS - ok
17:44:56.0807 5592  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:44:56.0807 5592  blbdrive - ok
17:44:56.0814 5592  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:44:56.0816 5592  Bonjour Service - ok
17:44:56.0819 5592  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:44:56.0820 5592  bowser - ok
17:44:56.0822 5592  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:44:56.0822 5592  BrFiltLo - ok
17:44:56.0825 5592  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:44:56.0825 5592  BrFiltUp - ok
17:44:56.0829 5592  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:44:56.0829 5592  BridgeMP - ok
17:44:56.0832 5592  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:44:56.0834 5592  Browser - ok
17:44:56.0837 5592  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:44:56.0839 5592  Brserid - ok
17:44:56.0842 5592  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:44:56.0842 5592  BrSerWdm - ok
17:44:56.0845 5592  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:44:56.0845 5592  BrUsbMdm - ok
17:44:56.0847 5592  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:44:56.0849 5592  BrUsbSer - ok
17:44:56.0852 5592  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:44:56.0854 5592  BTHMODEM - ok
17:44:56.0857 5592  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:44:56.0857 5592  bthserv - ok
17:44:56.0860 5592  catchme - ok
17:44:56.0864 5592  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:44:56.0864 5592  cdfs - ok
17:44:56.0867 5592  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:44:56.0869 5592  cdrom - ok
17:44:56.0871 5592  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:44:56.0872 5592  CertPropSvc - ok
17:44:56.0875 5592  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
17:44:56.0875 5592  circlass - ok
17:44:56.0880 5592  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:44:56.0882 5592  CLFS - ok
17:44:56.0886 5592  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:44:56.0887 5592  clr_optimization_v2.0.50727_32 - ok
17:44:56.0891 5592  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:44:56.0892 5592  clr_optimization_v2.0.50727_64 - ok
17:44:56.0899 5592  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:44:56.0899 5592  clr_optimization_v4.0.30319_32 - ok
17:44:56.0902 5592  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:44:56.0904 5592  clr_optimization_v4.0.30319_64 - ok
17:44:56.0906 5592  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:44:56.0906 5592  CmBatt - ok
17:44:56.0909 5592  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:44:56.0910 5592  cmdide - ok
17:44:56.0916 5592  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
17:44:56.0917 5592  CNG - ok
17:44:56.0921 5592  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:44:56.0921 5592  Compbatt - ok
17:44:56.0924 5592  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:44:56.0924 5592  CompositeBus - ok
17:44:56.0926 5592  COMSysApp - ok
17:44:56.0930 5592  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:44:56.0930 5592  crcdisk - ok
17:44:56.0935 5592  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:44:56.0936 5592  CryptSvc - ok
17:44:56.0942 5592  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
17:44:56.0945 5592  CSC - ok
17:44:56.0952 5592  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
17:44:56.0956 5592  CscService - ok
17:44:56.0964 5592  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:44:56.0966 5592  DcomLaunch - ok
17:44:56.0971 5592  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:44:56.0974 5592  defragsvc - ok
17:44:56.0976 5592  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:44:56.0977 5592  DfsC - ok
17:44:56.0982 5592  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:44:56.0984 5592  Dhcp - ok
17:44:56.0987 5592  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:44:56.0987 5592  discache - ok
17:44:56.0991 5592  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
17:44:56.0991 5592  Disk - ok
17:44:56.0995 5592  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
17:44:56.0995 5592  dmvsc - ok
17:44:57.0000 5592  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:44:57.0000 5592  Dnscache - ok
17:44:57.0005 5592  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:44:57.0006 5592  dot3svc - ok
17:44:57.0010 5592  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:44:57.0011 5592  DPS - ok
17:44:57.0014 5592  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:44:57.0015 5592  drmkaud - ok
17:44:57.0019 5592  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:44:57.0020 5592  dtsoftbus01 - ok
17:44:57.0030 5592  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:44:57.0035 5592  DXGKrnl - ok
17:44:57.0039 5592  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:44:57.0040 5592  EapHost - ok
17:44:57.0067 5592  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:44:57.0082 5592  ebdrv - ok
17:44:57.0086 5592  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:44:57.0087 5592  EFS - ok
17:44:57.0096 5592  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:44:57.0099 5592  ehRecvr - ok
17:44:57.0102 5592  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:44:57.0102 5592  ehSched - ok
17:44:57.0109 5592  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:44:57.0111 5592  elxstor - ok
17:44:57.0114 5592  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:44:57.0115 5592  ErrDev - ok
17:44:57.0117 5592  [ B8FA96995726D1FA58476E352C02AD82 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
17:44:57.0117 5592  ES lite Service - ok
17:44:57.0121 5592  [ 84486624268E078255BC7AA47F0960BC ] etdrv           C:\Windows\etdrv.sys
17:44:57.0121 5592  etdrv - ok
17:44:57.0125 5592  [ DB6AEC32FAF5BD002D9ED6C38692D42B ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
17:44:57.0125 5592  EtronHub3 - ok
17:44:57.0127 5592  [ 9CC2F24274741E12F9DF92125EA6D6D8 ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
17:44:57.0129 5592  EtronXHCI - ok
17:44:57.0135 5592  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:44:57.0137 5592  EventSystem - ok
17:44:57.0142 5592  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:44:57.0142 5592  exfat - ok
17:44:57.0147 5592  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:44:57.0149 5592  fastfat - ok
17:44:57.0156 5592  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:44:57.0160 5592  Fax - ok
17:44:57.0162 5592  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
17:44:57.0162 5592  fdc - ok
17:44:57.0166 5592  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:44:57.0166 5592  fdPHost - ok
17:44:57.0169 5592  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:44:57.0170 5592  FDResPub - ok
17:44:57.0172 5592  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:44:57.0172 5592  FileInfo - ok
17:44:57.0175 5592  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:44:57.0176 5592  Filetrace - ok
17:44:57.0179 5592  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:44:57.0179 5592  flpydisk - ok
17:44:57.0184 5592  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:44:57.0185 5592  FltMgr - ok
17:44:57.0196 5592  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
17:44:57.0202 5592  FontCache - ok
17:44:57.0205 5592  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:44:57.0205 5592  FontCache3.0.0.0 - ok
17:44:57.0209 5592  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:44:57.0209 5592  FsDepends - ok
17:44:57.0211 5592  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:44:57.0211 5592  Fs_Rec - ok
17:44:57.0216 5592  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:44:57.0217 5592  fvevol - ok
17:44:57.0220 5592  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:44:57.0220 5592  gagp30kx - ok
17:44:57.0222 5592  [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv            C:\Windows\gdrv.sys
17:44:57.0222 5592  gdrv - ok
17:44:57.0226 5592  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:44:57.0226 5592  GEARAspiWDM - ok
17:44:57.0235 5592  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:44:57.0239 5592  gpsvc - ok
17:44:57.0242 5592  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:44:57.0242 5592  gupdate - ok
17:44:57.0245 5592  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:44:57.0246 5592  gupdatem - ok
17:44:57.0249 5592  [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64        C:\Windows\GVTDrv64.sys
17:44:57.0249 5592  GVTDrv64 - ok
17:44:57.0252 5592  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
17:44:57.0252 5592  hamachi - ok
17:44:57.0274 5592  [ DBCF8F2EA9111510B5B86E1EE9CD8816 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:44:57.0285 5592  Hamachi2Svc - ok
17:44:57.0290 5592  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:44:57.0290 5592  hcw85cir - ok
17:44:57.0296 5592  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:44:57.0297 5592  HdAudAddService - ok
17:44:57.0301 5592  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:44:57.0301 5592  HDAudBus - ok
17:44:57.0304 5592  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
17:44:57.0305 5592  HidBatt - ok
17:44:57.0307 5592  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:44:57.0309 5592  HidBth - ok
17:44:57.0311 5592  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:44:57.0311 5592  HidIr - ok
17:44:57.0315 5592  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
17:44:57.0315 5592  hidserv - ok
17:44:57.0317 5592  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:44:57.0319 5592  HidUsb - ok
17:44:57.0321 5592  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:44:57.0322 5592  hkmsvc - ok
17:44:57.0326 5592  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:44:57.0327 5592  HomeGroupListener - ok
17:44:57.0332 5592  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:44:57.0334 5592  HomeGroupProvider - ok
17:44:57.0337 5592  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:44:57.0337 5592  HpSAMD - ok
17:44:57.0345 5592  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:44:57.0349 5592  HTTP - ok
17:44:57.0351 5592  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:44:57.0351 5592  hwpolicy - ok
17:44:57.0355 5592  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:44:57.0355 5592  i8042prt - ok
17:44:57.0361 5592  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:44:57.0362 5592  iaStorV - ok
17:44:57.0366 5592  [ 33D4D4A24791587E83F7EE05A446FB7E ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
17:44:57.0367 5592  ICCS - ok
17:44:57.0370 5592  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:44:57.0371 5592  IDriverT - ok
17:44:57.0380 5592  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:44:57.0384 5592  idsvc - ok
17:44:57.0386 5592  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:44:57.0387 5592  iirsp - ok
17:44:57.0396 5592  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:44:57.0400 5592  IKEEXT - ok
17:44:57.0405 5592  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:44:57.0405 5592  intelide - ok
17:44:57.0407 5592  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
17:44:57.0407 5592  intelppm - ok
17:44:57.0411 5592  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:44:57.0412 5592  IPBusEnum - ok
17:44:57.0415 5592  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:44:57.0416 5592  IpFilterDriver - ok
17:44:57.0422 5592  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:44:57.0425 5592  iphlpsvc - ok
17:44:57.0429 5592  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:44:57.0429 5592  IPMIDRV - ok
17:44:57.0432 5592  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:44:57.0432 5592  IPNAT - ok
17:44:57.0440 5592  [ 2872B90D57C8310194A78A9787406467 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:44:57.0442 5592  iPod Service - ok
17:44:57.0446 5592  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:44:57.0446 5592  IRENUM - ok
17:44:57.0449 5592  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:44:57.0449 5592  isapnp - ok
17:44:57.0454 5592  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:44:57.0455 5592  iScsiPrt - ok
17:44:57.0457 5592  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:44:57.0457 5592  kbdclass - ok
17:44:57.0460 5592  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:44:57.0461 5592  kbdhid - ok
17:44:57.0464 5592  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:44:57.0464 5592  KeyIso - ok
17:44:57.0467 5592  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:44:57.0467 5592  KSecDD - ok
17:44:57.0471 5592  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:44:57.0472 5592  KSecPkg - ok
17:44:57.0476 5592  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:44:57.0477 5592  ksthunk - ok
17:44:57.0482 5592  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:44:57.0485 5592  KtmRm - ok
17:44:57.0489 5592  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:44:57.0491 5592  LanmanServer - ok
17:44:57.0495 5592  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:44:57.0496 5592  LanmanWorkstation - ok
17:44:57.0500 5592  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:44:57.0500 5592  lltdio - ok
17:44:57.0505 5592  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:44:57.0507 5592  lltdsvc - ok
17:44:57.0510 5592  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:44:57.0510 5592  lmhosts - ok
17:44:57.0515 5592  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:44:57.0515 5592  LSI_FC - ok
17:44:57.0519 5592  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:44:57.0519 5592  LSI_SAS - ok
17:44:57.0521 5592  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:44:57.0522 5592  LSI_SAS2 - ok
17:44:57.0525 5592  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:44:57.0526 5592  LSI_SCSI - ok
17:44:57.0529 5592  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:44:57.0530 5592  luafv - ok
17:44:57.0532 5592  mbamswissarmy - ok
17:44:57.0536 5592  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:44:57.0537 5592  Mcx2Svc - ok
17:44:57.0540 5592  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:44:57.0540 5592  megasas - ok
17:44:57.0545 5592  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:44:57.0546 5592  MegaSR - ok
17:44:57.0550 5592  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:44:57.0551 5592  MMCSS - ok
17:44:57.0554 5592  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:44:57.0554 5592  Modem - ok
17:44:57.0556 5592  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:44:57.0556 5592  monitor - ok
17:44:57.0559 5592  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:44:57.0560 5592  mouclass - ok
17:44:57.0562 5592  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:44:57.0562 5592  mouhid - ok
17:44:57.0565 5592  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:44:57.0566 5592  mountmgr - ok
17:44:57.0570 5592  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:44:57.0570 5592  mpio - ok
17:44:57.0574 5592  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:44:57.0574 5592  mpsdrv - ok
17:44:57.0582 5592  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:44:57.0587 5592  MpsSvc - ok
17:44:57.0590 5592  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:44:57.0591 5592  MRxDAV - ok
17:44:57.0595 5592  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:44:57.0596 5592  mrxsmb - ok
17:44:57.0601 5592  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:44:57.0602 5592  mrxsmb10 - ok
17:44:57.0605 5592  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:44:57.0606 5592  mrxsmb20 - ok
17:44:57.0609 5592  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:44:57.0609 5592  msahci - ok
17:44:57.0612 5592  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:44:57.0614 5592  msdsm - ok
17:44:57.0617 5592  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:44:57.0619 5592  MSDTC - ok
17:44:57.0622 5592  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:44:57.0624 5592  Msfs - ok
17:44:57.0626 5592  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:44:57.0626 5592  mshidkmdf - ok
17:44:57.0629 5592  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:44:57.0629 5592  msisadrv - ok
17:44:57.0632 5592  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:44:57.0634 5592  MSiSCSI - ok
17:44:57.0636 5592  msiserver - ok
17:44:57.0639 5592  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:44:57.0639 5592  MSKSSRV - ok
17:44:57.0641 5592  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:44:57.0641 5592  MSPCLOCK - ok
17:44:57.0644 5592  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:44:57.0644 5592  MSPQM - ok
17:44:57.0650 5592  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:44:57.0651 5592  MsRPC - ok
17:44:57.0655 5592  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:44:57.0656 5592  mssmbios - ok
17:44:57.0657 5592  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:44:57.0659 5592  MSTEE - ok
17:44:57.0660 5592  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:44:57.0661 5592  MTConfig - ok
17:44:57.0665 5592  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:44:57.0665 5592  Mup - ok
17:44:57.0671 5592  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:44:57.0674 5592  napagent - ok
17:44:57.0680 5592  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:44:57.0681 5592  NativeWifiP - ok
17:44:57.0691 5592  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:44:57.0695 5592  NDIS - ok
17:44:57.0699 5592  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:44:57.0699 5592  NdisCap - ok
17:44:57.0701 5592  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:44:57.0701 5592  NdisTapi - ok
17:44:57.0704 5592  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:44:57.0705 5592  Ndisuio - ok
17:44:57.0709 5592  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:44:57.0709 5592  NdisWan - ok
17:44:57.0712 5592  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:44:57.0712 5592  NDProxy - ok
17:44:57.0715 5592  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:44:57.0715 5592  NetBIOS - ok
17:44:57.0720 5592  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:44:57.0721 5592  NetBT - ok
17:44:57.0724 5592  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:44:57.0725 5592  Netlogon - ok
17:44:57.0730 5592  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:44:57.0732 5592  Netman - ok
17:44:57.0735 5592  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:57.0736 5592  NetMsmqActivator - ok
17:44:57.0739 5592  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:57.0740 5592  NetPipeActivator - ok
17:44:57.0746 5592  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:44:57.0749 5592  netprofm - ok
17:44:57.0759 5592  [ 618C55B392238B9467F9113E13525C49 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
17:44:57.0762 5592  netr28ux - ok
17:44:57.0765 5592  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:57.0766 5592  NetTcpActivator - ok
17:44:57.0769 5592  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:57.0769 5592  NetTcpPortSharing - ok
17:44:57.0772 5592  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:44:57.0772 5592  nfrd960 - ok
17:44:57.0777 5592  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:44:57.0780 5592  NlaSvc - ok
17:44:57.0782 5592  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:44:57.0782 5592  Npfs - ok
17:44:57.0785 5592  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:44:57.0786 5592  nsi - ok
17:44:57.0789 5592  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:44:57.0789 5592  nsiproxy - ok
17:44:57.0805 5592  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:44:57.0814 5592  Ntfs - ok
17:44:57.0816 5592  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:44:57.0816 5592  Null - ok
17:44:57.0820 5592  [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
17:44:57.0820 5592  nusb3hub - ok
17:44:57.0824 5592  [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
17:44:57.0825 5592  nusb3xhc - ok
17:44:57.0829 5592  [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
17:44:57.0830 5592  NVHDA - ok
17:44:57.0919 5592  [ 7A711D08F1FD1AB8149B6199F84A0EB7 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:44:57.0970 5592  nvlddmkm - ok
17:44:57.0979 5592  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:44:57.0980 5592  nvraid - ok
17:44:57.0984 5592  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:44:57.0985 5592  nvstor - ok
17:44:57.0995 5592  [ B9F3591981D761A5CA1D24C369764D96 ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:44:58.0000 5592  nvsvc - ok
17:44:58.0016 5592  [ A9AFE5B0648C8D7A411A72D8222F7F6E ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:44:58.0025 5592  nvUpdatusService - ok
17:44:58.0029 5592  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:44:58.0030 5592  nv_agp - ok
17:44:58.0032 5592  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:44:58.0032 5592  ohci1394 - ok
17:44:58.0039 5592  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:44:58.0040 5592  p2pimsvc - ok
17:44:58.0046 5592  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:44:58.0050 5592  p2psvc - ok
17:44:58.0052 5592  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
17:44:58.0054 5592  Parport - ok
17:44:58.0056 5592  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:44:58.0056 5592  partmgr - ok
17:44:58.0060 5592  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:44:58.0062 5592  PcaSvc - ok
17:44:58.0066 5592  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:44:58.0066 5592  pci - ok
17:44:58.0069 5592  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:44:58.0070 5592  pciide - ok
17:44:58.0074 5592  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:44:58.0075 5592  pcmcia - ok
17:44:58.0077 5592  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:44:58.0079 5592  pcw - ok
17:44:58.0085 5592  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:44:58.0087 5592  PEAUTH - ok
17:44:58.0101 5592  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:44:58.0107 5592  PeerDistSvc - ok
17:44:58.0126 5592  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:44:58.0127 5592  PerfHost - ok
17:44:58.0144 5592  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:44:58.0151 5592  pla - ok
17:44:58.0157 5592  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:44:58.0160 5592  PlugPlay - ok
17:44:58.0164 5592  PnkBstrA - ok
17:44:58.0166 5592  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:44:58.0167 5592  PNRPAutoReg - ok
17:44:58.0172 5592  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:44:58.0175 5592  PNRPsvc - ok
17:44:58.0181 5592  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:44:58.0185 5592  PolicyAgent - ok
17:44:58.0190 5592  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:44:58.0191 5592  Power - ok
17:44:58.0195 5592  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:44:58.0195 5592  PptpMiniport - ok
17:44:58.0199 5592  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
17:44:58.0199 5592  Processor - ok
17:44:58.0202 5592  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:44:58.0205 5592  ProfSvc - ok
17:44:58.0207 5592  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:44:58.0209 5592  ProtectedStorage - ok
17:44:58.0211 5592  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:44:58.0212 5592  Psched - ok
17:44:58.0226 5592  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:44:58.0234 5592  ql2300 - ok
17:44:58.0237 5592  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:44:58.0237 5592  ql40xx - ok
17:44:58.0242 5592  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:44:58.0245 5592  QWAVE - ok
17:44:58.0247 5592  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:44:58.0247 5592  QWAVEdrv - ok
17:44:58.0251 5592  [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files (x86)\Hama\Common\RalinkRegistryWriter.exe
17:44:58.0251 5592  RalinkRegistryWriter - ok
17:44:58.0254 5592  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:44:58.0254 5592  RasAcd - ok
17:44:58.0257 5592  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:44:58.0257 5592  RasAgileVpn - ok
17:44:58.0261 5592  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:44:58.0262 5592  RasAuto - ok
17:44:58.0265 5592  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:44:58.0266 5592  Rasl2tp - ok
17:44:58.0271 5592  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:44:58.0274 5592  RasMan - ok
17:44:58.0276 5592  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:44:58.0277 5592  RasPppoe - ok
17:44:58.0280 5592  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:44:58.0280 5592  RasSstp - ok
17:44:58.0285 5592  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:44:58.0286 5592  rdbss - ok
17:44:58.0290 5592  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:44:58.0290 5592  rdpbus - ok
17:44:58.0292 5592  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:44:58.0292 5592  RDPCDD - ok
17:44:58.0297 5592  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:44:58.0299 5592  RDPDR - ok
17:44:58.0301 5592  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:44:58.0301 5592  RDPENCDD - ok
17:44:58.0305 5592  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:44:58.0305 5592  RDPREFMP - ok
17:44:58.0309 5592  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:44:58.0310 5592  RdpVideoMiniport - ok
17:44:58.0314 5592  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:44:58.0315 5592  RDPWD - ok
17:44:58.0319 5592  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:44:58.0320 5592  rdyboost - ok
17:44:58.0324 5592  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:44:58.0324 5592  RemoteAccess - ok
17:44:58.0327 5592  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:44:58.0330 5592  RemoteRegistry - ok
17:44:58.0332 5592  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:44:58.0334 5592  RpcEptMapper - ok
17:44:58.0336 5592  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:44:58.0337 5592  RpcLocator - ok
17:44:58.0342 5592  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:44:58.0346 5592  RpcSs - ok
17:44:58.0350 5592  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:44:58.0350 5592  rspndr - ok
17:44:58.0356 5592  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:44:58.0360 5592  RTL8167 - ok
17:44:58.0362 5592  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:44:58.0362 5592  s3cap - ok
17:44:58.0365 5592  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:44:58.0366 5592  SamSs - ok
17:44:58.0369 5592  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:44:58.0370 5592  sbp2port - ok
17:44:58.0374 5592  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:44:58.0375 5592  SCardSvr - ok
17:44:58.0379 5592  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:44:58.0379 5592  scfilter - ok
17:44:58.0389 5592  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:44:58.0395 5592  Schedule - ok
17:44:58.0399 5592  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:44:58.0400 5592  SCPolicySvc - ok
17:44:58.0402 5592  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:44:58.0405 5592  SDRSVC - ok
17:44:58.0407 5592  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:44:58.0407 5592  secdrv - ok
17:44:58.0410 5592  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:44:58.0412 5592  seclogon - ok
17:44:58.0415 5592  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
17:44:58.0416 5592  SENS - ok
17:44:58.0419 5592  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:44:58.0420 5592  SensrSvc - ok
17:44:58.0422 5592  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:44:58.0422 5592  Serenum - ok
17:44:58.0426 5592  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:44:58.0426 5592  Serial - ok
17:44:58.0429 5592  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:44:58.0430 5592  sermouse - ok
17:44:58.0436 5592  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:44:58.0437 5592  SessionEnv - ok
17:44:58.0440 5592  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:44:58.0441 5592  sffdisk - ok
17:44:58.0442 5592  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:44:58.0444 5592  sffp_mmc - ok
17:44:58.0446 5592  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:44:58.0446 5592  sffp_sd - ok
17:44:58.0449 5592  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:44:58.0449 5592  sfloppy - ok
17:44:58.0454 5592  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:44:58.0456 5592  SharedAccess - ok
17:44:58.0461 5592  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:44:58.0464 5592  ShellHWDetection - ok
17:44:58.0467 5592  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:44:58.0467 5592  SiSRaid2 - ok
17:44:58.0470 5592  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:44:58.0471 5592  SiSRaid4 - ok
17:44:58.0475 5592  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:44:58.0475 5592  SkypeUpdate - ok
17:44:58.0479 5592  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:44:58.0480 5592  Smb - ok
17:44:58.0485 5592  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:44:58.0486 5592  SNMPTRAP - ok
17:44:58.0489 5592  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:44:58.0489 5592  spldr - ok
17:44:58.0495 5592  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:44:58.0499 5592  Spooler - ok
17:44:58.0530 5592  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:44:58.0547 5592  sppsvc - ok
17:44:58.0551 5592  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:44:58.0552 5592  sppuinotify - ok
17:44:58.0559 5592  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:44:58.0561 5592  srv - ok
17:44:58.0567 5592  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:44:58.0569 5592  srv2 - ok
17:44:58.0572 5592  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:44:58.0574 5592  srvnet - ok
17:44:58.0577 5592  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:44:58.0580 5592  SSDPSRV - ok
17:44:58.0582 5592  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:44:58.0585 5592  SstpSvc - ok
17:44:58.0586 5592  Steam Client Service - ok
17:44:58.0592 5592  [ 0887B293199AA2055888FABA989ED0A6 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:44:58.0595 5592  Stereo Service - ok
17:44:58.0599 5592  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:44:58.0599 5592  stexstor - ok
17:44:58.0605 5592  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:44:58.0609 5592  stisvc - ok
17:44:58.0612 5592  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:44:58.0612 5592  storflt - ok
17:44:58.0616 5592  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:44:58.0616 5592  storvsc - ok
17:44:58.0619 5592  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:44:58.0619 5592  swenum - ok
17:44:58.0626 5592  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:44:58.0629 5592  SwitchBoard - ok
17:44:58.0635 5592  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:44:58.0637 5592  swprv - ok
17:44:58.0641 5592  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
17:44:58.0642 5592  Synth3dVsc - ok
17:44:58.0657 5592  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:44:58.0666 5592  SysMain - ok
17:44:58.0670 5592  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:44:58.0672 5592  TabletInputService - ok
17:44:58.0676 5592  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:44:58.0679 5592  TapiSrv - ok
17:44:58.0682 5592  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:44:58.0684 5592  TBS - ok
17:44:58.0700 5592  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:44:58.0710 5592  Tcpip - ok
17:44:58.0727 5592  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:44:58.0736 5592  TCPIP6 - ok
17:44:58.0741 5592  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:44:58.0741 5592  tcpipreg - ok
17:44:58.0745 5592  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:44:58.0745 5592  TDPIPE - ok
17:44:58.0749 5592  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:44:58.0749 5592  TDTCP - ok
17:44:58.0751 5592  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:44:58.0752 5592  tdx - ok
17:44:58.0782 5592  [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
17:44:58.0799 5592  TeamViewer8 - ok
17:44:58.0802 5592  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:44:58.0804 5592  TermDD - ok
17:44:58.0806 5592  [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
17:44:58.0806 5592  terminpt - ok
17:44:58.0814 5592  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:44:58.0819 5592  TermService - ok
17:44:58.0821 5592  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:44:58.0822 5592  Themes - ok
17:44:58.0825 5592  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:44:58.0826 5592  THREADORDER - ok
17:44:58.0830 5592  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:44:58.0831 5592  TrkWks - ok
17:44:58.0835 5592  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:44:58.0836 5592  TrustedInstaller - ok
17:44:58.0840 5592  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:44:58.0840 5592  tssecsrv - ok
17:44:58.0842 5592  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:44:58.0844 5592  TsUsbFlt - ok
17:44:58.0846 5592  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:44:58.0846 5592  TsUsbGD - ok
17:44:58.0850 5592  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
17:44:58.0850 5592  tsusbhub - ok
17:44:58.0854 5592  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:44:58.0855 5592  tunnel - ok
17:44:58.0857 5592  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:44:58.0857 5592  uagp35 - ok
17:44:58.0862 5592  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:44:58.0865 5592  udfs - ok
17:44:58.0870 5592  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:44:58.0871 5592  UI0Detect - ok
17:44:58.0874 5592  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:44:58.0874 5592  uliagpkx - ok
17:44:58.0877 5592  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:44:58.0877 5592  umbus - ok
17:44:58.0880 5592  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:44:58.0880 5592  UmPass - ok
17:44:58.0884 5592  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
17:44:58.0886 5592  UmRdpService - ok
17:44:58.0891 5592  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:44:58.0894 5592  upnphost - ok
17:44:58.0899 5592  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
17:44:58.0899 5592  USBAAPL64 - ok
17:44:58.0902 5592  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:44:58.0904 5592  usbccgp - ok
17:44:58.0906 5592  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:44:58.0906 5592  usbcir - ok
17:44:58.0910 5592  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:44:58.0910 5592  usbehci - ok
17:44:58.0915 5592  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:44:58.0916 5592  usbhub - ok
17:44:58.0920 5592  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:44:58.0920 5592  usbohci - ok
17:44:58.0932 5592  [ 479CBB48761AD5AD719D66CB0E85D428 ] USBPNPA         C:\Windows\system32\drivers\CM10864.sys
17:44:58.0937 5592  USBPNPA - ok
17:44:58.0941 5592  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
17:44:58.0941 5592  usbprint - ok
17:44:58.0945 5592  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:44:58.0945 5592  USBSTOR - ok
17:44:58.0947 5592  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:44:58.0947 5592  usbuhci - ok
17:44:58.0951 5592  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:44:58.0952 5592  UxSms - ok
17:44:58.0955 5592  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:44:58.0956 5592  VaultSvc - ok
17:44:58.0959 5592  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:44:58.0959 5592  vdrvroot - ok
17:44:58.0966 5592  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:44:58.0970 5592  vds - ok
17:44:58.0972 5592  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:44:58.0972 5592  vga - ok
17:44:58.0975 5592  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:44:58.0975 5592  VgaSave - ok
17:44:58.0977 5592  VGPU - ok
17:44:58.0982 5592  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:44:58.0984 5592  vhdmp - ok
17:44:59.0004 5592  [ E066AA9C9866C2001372486A6841108C ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
17:44:59.0014 5592  VIAHdAudAddService - ok
17:44:59.0017 5592  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:44:59.0017 5592  viaide - ok
17:44:59.0020 5592  [ 1236737C7993FB462610E1A0AA92C40B ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
17:44:59.0021 5592  VIAKaraokeService - ok
17:44:59.0026 5592  [ FF7C6E015AA32FC6BE0AEF582B802332 ] VirtDiskBus     C:\Windows\system32\DRIVERS\VirtDiskBus64.sys
17:44:59.0026 5592  VirtDiskBus - ok
17:44:59.0030 5592  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:44:59.0031 5592  vmbus - ok
17:44:59.0034 5592  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:44:59.0035 5592  VMBusHID - ok
17:44:59.0037 5592  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:44:59.0037 5592  volmgr - ok
17:44:59.0044 5592  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:44:59.0045 5592  volmgrx - ok
17:44:59.0050 5592  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:44:59.0051 5592  volsnap - ok
17:44:59.0055 5592  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:44:59.0056 5592  vsmraid - ok
17:44:59.0070 5592  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:44:59.0079 5592  VSS - ok
17:44:59.0082 5592  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:44:59.0082 5592  vwifibus - ok
17:44:59.0085 5592  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:44:59.0086 5592  vwififlt - ok
17:44:59.0091 5592  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:44:59.0094 5592  W32Time - ok
17:44:59.0097 5592  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:44:59.0099 5592  WacomPen - ok
17:44:59.0101 5592  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:44:59.0102 5592  WANARP - ok
17:44:59.0104 5592  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:44:59.0105 5592  Wanarpv6 - ok
17:44:59.0119 5592  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:44:59.0126 5592  wbengine - ok
17:44:59.0131 5592  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:44:59.0132 5592  WbioSrvc - ok
17:44:59.0139 5592  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:44:59.0141 5592  wcncsvc - ok
17:44:59.0144 5592  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:44:59.0145 5592  WcsPlugInService - ok
17:44:59.0147 5592  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
17:44:59.0149 5592  Wd - ok
17:44:59.0156 5592  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:44:59.0160 5592  Wdf01000 - ok
17:44:59.0164 5592  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:44:59.0165 5592  WdiServiceHost - ok
17:44:59.0167 5592  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:44:59.0169 5592  WdiSystemHost - ok
17:44:59.0174 5592  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:44:59.0176 5592  WebClient - ok
17:44:59.0180 5592  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:44:59.0182 5592  Wecsvc - ok
17:44:59.0186 5592  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:44:59.0187 5592  wercplsupport - ok
17:44:59.0190 5592  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:44:59.0191 5592  WerSvc - ok
17:44:59.0195 5592  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:44:59.0195 5592  WfpLwf - ok
17:44:59.0197 5592  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:44:59.0197 5592  WIMMount - ok
17:44:59.0199 5592  WinDefend - ok
17:44:59.0204 5592  WinHttpAutoProxySvc - ok
17:44:59.0211 5592  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:44:59.0212 5592  Winmgmt - ok
17:44:59.0230 5592  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:44:59.0241 5592  WinRM - ok
17:44:59.0247 5592  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:44:59.0247 5592  WinUsb - ok
17:44:59.0256 5592  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:44:59.0261 5592  Wlansvc - ok
17:44:59.0265 5592  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:44:59.0265 5592  WmiAcpi - ok
17:44:59.0270 5592  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:44:59.0271 5592  wmiApSrv - ok
17:44:59.0274 5592  WMPNetworkSvc - ok
17:44:59.0276 5592  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:44:59.0277 5592  WPCSvc - ok
17:44:59.0281 5592  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:44:59.0282 5592  WPDBusEnum - ok
17:44:59.0286 5592  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:44:59.0286 5592  ws2ifsl - ok
17:44:59.0289 5592  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
17:44:59.0291 5592  wscsvc - ok
17:44:59.0292 5592  WSearch - ok
17:44:59.0315 5592  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:44:59.0329 5592  wuauserv - ok
17:44:59.0332 5592  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:44:59.0332 5592  WudfPf - ok
17:44:59.0337 5592  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:44:59.0339 5592  WUDFRd - ok
17:44:59.0341 5592  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:44:59.0342 5592  wudfsvc - ok
17:44:59.0347 5592  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:44:59.0350 5592  WwanSvc - ok
17:44:59.0355 5592  ================ Scan global ===============================
17:44:59.0357 5592  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:44:59.0361 5592  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:44:59.0366 5592  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:44:59.0371 5592  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:44:59.0376 5592  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:44:59.0379 5592  [Global] - ok
17:44:59.0379 5592  ================ Scan MBR ==================================
17:44:59.0380 5592  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:44:59.0566 5592  \Device\Harddisk0\DR0 - ok
17:44:59.0567 5592  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:44:59.0570 5592  \Device\Harddisk1\DR1 - ok
17:44:59.0572 5592  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk6\DR10
17:45:01.0107 5592  \Device\Harddisk6\DR10 - ok
17:45:01.0107 5592  ================ Scan VBR ==================================
17:45:01.0111 5592  [ 400F655F45A126CB8E1C519CFD679284 ] \Device\Harddisk0\DR0\Partition1
17:45:01.0111 5592  \Device\Harddisk0\DR0\Partition1 - ok
17:45:01.0114 5592  [ 3EC15BD8304A776CBB54EA3F13527BEE ] \Device\Harddisk0\DR0\Partition2
17:45:01.0114 5592  \Device\Harddisk0\DR0\Partition2 - ok
17:45:01.0116 5592  [ DB3104EF603C4628999A1E7B88DA898D ] \Device\Harddisk1\DR1\Partition1
17:45:01.0117 5592  \Device\Harddisk1\DR1\Partition1 - ok
17:45:01.0120 5592  [ 08E7F339906B3F5D1BA8729C16500F32 ] \Device\Harddisk6\DR10\Partition1
17:45:01.0120 5592  \Device\Harddisk6\DR10\Partition1 - ok
17:45:01.0121 5592  ============================================================
17:45:01.0121 5592  Scan finished
17:45:01.0121 5592  ============================================================
17:45:01.0127 2656  Detected object count: 0
17:45:01.0127 2656  Actual detected object count: 0
17:45:40.0470 1724  Deinitialize success

cosinus · 30.05.2013, 08:57

1. Das Log von MBAR wird immer erstellt, egal ob Fund oder kein Fund, das Log ist auch immer zu posten
2. Du hast den tdsskiller falsch eingestellt

Zitat:

17:44:56.0240 5592 Scan started
17:44:56.0240 5592 Mode: Manual;

Iceinsky69 · 30.05.2013, 17:19

Er findet die Malware (Backdoor.agent) svhost.exe aber mbar speichert nirgends die log datei nicht im Ordner sowie nicht auf der Platte.

Und wo kann man bei dem tdskiller daseinstellen ?

cosinus · 30.05.2013, 22:13

Lies doch bitte mal die Anleitungen richtig, dann würden sich viele Fragen erübrigen

Iceinsky69 · 01.06.2013, 11:16

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.06.01.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
ff0 :: FLORIAN-PC [administrator]

01.06.2013 11:19:58
mbar-log-2013-06-01 (11-19-58).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 269326
Time elapsed: 3 minute(s), 48 second(s)

Memory Processes Detected: 1
c:\Users\ff0\AppData\Roaming\Microsoft\svhost.exe (Backdoor.Agent) -> 4292 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
c:\Users\ff0\AppData\Roaming\Microsoft\svhost.exe (Backdoor.Agent) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

 

11:07:32.0460 5500  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:07:32.0546 5500  ============================================================
11:07:32.0546 5500  Current date / time: 2013/06/01 11:07:32.0546
11:07:32.0546 5500  SystemInfo:
11:07:32.0546 5500  
11:07:32.0546 5500  OS Version: 6.1.7601 ServicePack: 1.0
11:07:32.0546 5500  Product type: Workstation
11:07:32.0546 5500  ComputerName: FLORIAN-PC
11:07:32.0546 5500  UserName: ff0
11:07:32.0546 5500  Windows directory: C:\Windows
11:07:32.0546 5500  System windows directory: C:\Windows
11:07:32.0546 5500  Running under WOW64
11:07:32.0546 5500  Processor architecture: Intel x64
11:07:32.0546 5500  Number of processors: 4
11:07:32.0546 5500  Page size: 0x1000
11:07:32.0546 5500  Boot type: Normal boot
11:07:32.0546 5500  ============================================================
11:07:32.0719 5500  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:07:32.0738 5500  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:07:32.0768 5500  Drive \Device\Harddisk6\DR7 - Size: 0x1CE800000 (7.23 Gb), SectorSize: 0x200, Cylinders: 0x3AF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:07:32.0785 5500  ============================================================
11:07:32.0785 5500  \Device\Harddisk0\DR0:
11:07:32.0786 5500  MBR partitions:
11:07:32.0786 5500  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:07:32.0786 5500  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
11:07:32.0786 5500  \Device\Harddisk1\DR1:
11:07:32.0787 5500  MBR partitions:
11:07:32.0787 5500  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
11:07:32.0787 5500  \Device\Harddisk6\DR7:
11:07:32.0799 5500  MBR partitions:
11:07:32.0799 5500  \Device\Harddisk6\DR7\Partition1: MBR, Type 0xB, StartLBA 0xC70, BlocksNum 0xE73390
11:07:32.0799 5500  ============================================================
11:07:32.0800 5500  C: <-> \Device\Harddisk0\DR0\Partition2
11:07:32.0822 5500  I: <-> \Device\Harddisk1\DR1\Partition1
11:07:32.0822 5500  ============================================================
11:07:32.0822 5500  Initialize success
11:07:32.0822 5500  ============================================================
11:08:06.0623 6048  ============================================================
11:08:06.0623 6048  Scan started
11:08:06.0623 6048  Mode: Manual; SigCheck; TDLFS; 
11:08:06.0623 6048  ============================================================
11:08:06.0720 6048  ================ Scan system memory ========================
11:08:06.0720 6048  System memory - ok
11:08:06.0721 6048  ================ Scan services =============================
11:08:06.0751 6048  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
11:08:06.0782 6048  1394ohci - ok
11:08:06.0788 6048  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:08:06.0799 6048  ACPI - ok
11:08:06.0802 6048  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:08:06.0816 6048  AcpiPmi - ok
11:08:06.0822 6048  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:08:06.0835 6048  adp94xx - ok
11:08:06.0840 6048  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:08:06.0851 6048  adpahci - ok
11:08:06.0855 6048  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:08:06.0864 6048  adpu320 - ok
11:08:06.0869 6048  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:08:06.0912 6048  AeLookupSvc - ok
11:08:06.0919 6048  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:08:06.0932 6048  AFD - ok
11:08:06.0935 6048  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:08:06.0943 6048  agp440 - ok
11:08:06.0946 6048  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:08:06.0954 6048  ALG - ok
11:08:06.0957 6048  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:08:06.0964 6048  aliide - ok
11:08:06.0967 6048  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:08:06.0974 6048  amdide - ok
11:08:06.0976 6048  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:08:06.0985 6048  AmdK8 - ok
11:08:06.0988 6048  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:08:06.0996 6048  AmdPPM - ok
11:08:06.0999 6048  [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
11:08:07.0013 6048  amdsata - ok
11:08:07.0017 6048  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:08:07.0026 6048  amdsbs - ok
11:08:07.0029 6048  [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:08:07.0035 6048  amdxata - ok
11:08:07.0038 6048  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:08:07.0081 6048  AppID - ok
11:08:07.0085 6048  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:08:07.0108 6048  AppIDSvc - ok
11:08:07.0112 6048  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
11:08:07.0120 6048  Appinfo - ok
11:08:07.0126 6048  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:08:07.0134 6048  Apple Mobile Device - ok
11:08:07.0139 6048  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:08:07.0148 6048  AppMgmt - ok
11:08:07.0151 6048  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
11:08:07.0159 6048  arc - ok
11:08:07.0162 6048  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:08:07.0170 6048  arcsas - ok
11:08:07.0180 6048  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:08:07.0189 6048  aspnet_state - ok
11:08:07.0192 6048  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:08:07.0216 6048  AsyncMac - ok
11:08:07.0219 6048  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:08:07.0226 6048  atapi - ok
11:08:07.0234 6048  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:08:07.0264 6048  AudioEndpointBuilder - ok
11:08:07.0271 6048  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:08:07.0298 6048  AudioSrv - ok
11:08:07.0302 6048  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:08:07.0315 6048  AxInstSV - ok
11:08:07.0321 6048  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:08:07.0333 6048  b06bdrv - ok
11:08:07.0338 6048  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:08:07.0348 6048  b57nd60a - ok
11:08:07.0353 6048  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:08:07.0362 6048  BDESVC - ok
11:08:07.0364 6048  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:08:07.0388 6048  Beep - ok
11:08:07.0396 6048  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:08:07.0426 6048  BFE - ok
11:08:07.0435 6048  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
11:08:07.0467 6048  BITS - ok
11:08:07.0471 6048  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:08:07.0479 6048  blbdrive - ok
11:08:07.0485 6048  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:08:07.0496 6048  Bonjour Service - ok
11:08:07.0500 6048  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:08:07.0508 6048  bowser - ok
11:08:07.0511 6048  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:08:07.0521 6048  BrFiltLo - ok
11:08:07.0523 6048  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:08:07.0532 6048  BrFiltUp - ok
11:08:07.0535 6048  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:08:07.0560 6048  BridgeMP - ok
11:08:07.0564 6048  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:08:07.0573 6048  Browser - ok
11:08:07.0578 6048  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:08:07.0588 6048  Brserid - ok
11:08:07.0592 6048  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:08:07.0602 6048  BrSerWdm - ok
11:08:07.0604 6048  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:08:07.0615 6048  BrUsbMdm - ok
11:08:07.0617 6048  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:08:07.0625 6048  BrUsbSer - ok
11:08:07.0629 6048  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:08:07.0639 6048  BTHMODEM - ok
11:08:07.0643 6048  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:08:07.0668 6048  bthserv - ok
11:08:07.0670 6048  catchme - ok
11:08:07.0674 6048  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:08:07.0699 6048  cdfs - ok
11:08:07.0703 6048  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:08:07.0712 6048  cdrom - ok
11:08:07.0716 6048  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:08:07.0740 6048  CertPropSvc - ok
11:08:07.0742 6048  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
11:08:07.0752 6048  circlass - ok
11:08:07.0758 6048  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:08:07.0769 6048  CLFS - ok
11:08:07.0774 6048  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:08:07.0782 6048  clr_optimization_v2.0.50727_32 - ok
11:08:07.0786 6048  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:08:07.0794 6048  clr_optimization_v2.0.50727_64 - ok
11:08:07.0800 6048  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:08:07.0811 6048  clr_optimization_v4.0.30319_32 - ok
11:08:07.0815 6048  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:08:07.0823 6048  clr_optimization_v4.0.30319_64 - ok
11:08:07.0826 6048  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:08:07.0834 6048  CmBatt - ok
11:08:07.0837 6048  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:08:07.0843 6048  cmdide - ok
11:08:07.0850 6048  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
11:08:07.0867 6048  CNG - ok
11:08:07.0871 6048  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:08:07.0878 6048  Compbatt - ok
11:08:07.0880 6048  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:08:07.0890 6048  CompositeBus - ok
11:08:07.0892 6048  COMSysApp - ok
11:08:07.0896 6048  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:08:07.0903 6048  crcdisk - ok
11:08:07.0908 6048  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:08:07.0918 6048  CryptSvc - ok
11:08:07.0924 6048  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
11:08:07.0937 6048  CSC - ok
11:08:07.0945 6048  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
11:08:07.0959 6048  CscService - ok
11:08:07.0967 6048  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:08:07.0996 6048  DcomLaunch - ok
11:08:08.0002 6048  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:08:08.0029 6048  defragsvc - ok
11:08:08.0032 6048  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:08:08.0056 6048  DfsC - ok
11:08:08.0061 6048  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:08:08.0072 6048  Dhcp - ok
11:08:08.0076 6048  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:08:08.0099 6048  discache - ok
11:08:08.0103 6048  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
11:08:08.0110 6048  Disk - ok
11:08:08.0114 6048  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:08:08.0122 6048  dmvsc - ok
11:08:08.0126 6048  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:08:08.0135 6048  Dnscache - ok
11:08:08.0140 6048  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:08:08.0165 6048  dot3svc - ok
11:08:08.0169 6048  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:08:08.0194 6048  DPS - ok
11:08:08.0197 6048  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:08:08.0206 6048  drmkaud - ok
11:08:08.0211 6048  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:08:08.0220 6048  dtsoftbus01 - ok
11:08:08.0230 6048  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:08:08.0248 6048  DXGKrnl - ok
11:08:08.0252 6048  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:08:08.0277 6048  EapHost - ok
11:08:08.0305 6048  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:08:08.0345 6048  ebdrv - ok
11:08:08.0349 6048  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:08:08.0357 6048  EFS - ok
11:08:08.0366 6048  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:08:08.0380 6048  ehRecvr - ok
11:08:08.0384 6048  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:08:08.0393 6048  ehSched - ok
11:08:08.0399 6048  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:08:08.0412 6048  elxstor - ok
11:08:08.0415 6048  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:08:08.0423 6048  ErrDev - ok
11:08:08.0426 6048  [ B8FA96995726D1FA58476E352C02AD82 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
11:08:08.0433 6048  ES lite Service - ok
11:08:08.0437 6048  [ 84486624268E078255BC7AA47F0960BC ] etdrv           C:\Windows\etdrv.sys
11:08:08.0443 6048  etdrv - ok
11:08:08.0445 6048  [ DB6AEC32FAF5BD002D9ED6C38692D42B ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
11:08:08.0453 6048  EtronHub3 - ok
11:08:08.0456 6048  [ 9CC2F24274741E12F9DF92125EA6D6D8 ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
11:08:08.0463 6048  EtronXHCI - ok
11:08:08.0470 6048  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:08:08.0500 6048  EventSystem - ok
11:08:08.0504 6048  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:08:08.0530 6048  exfat - ok
11:08:08.0534 6048  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:08:08.0560 6048  fastfat - ok
11:08:08.0568 6048  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:08:08.0582 6048  Fax - ok
11:08:08.0585 6048  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
11:08:08.0593 6048  fdc - ok
11:08:08.0596 6048  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:08:08.0620 6048  fdPHost - ok
11:08:08.0623 6048  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:08:08.0647 6048  FDResPub - ok
11:08:08.0650 6048  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:08:08.0658 6048  FileInfo - ok
11:08:08.0660 6048  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:08:08.0684 6048  Filetrace - ok
11:08:08.0687 6048  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:08:08.0695 6048  flpydisk - ok
11:08:08.0699 6048  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:08:08.0709 6048  FltMgr - ok
11:08:08.0721 6048  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:08:08.0740 6048  FontCache - ok
11:08:08.0743 6048  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:08:08.0750 6048  FontCache3.0.0.0 - ok
11:08:08.0753 6048  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:08:08.0760 6048  FsDepends - ok
11:08:08.0763 6048  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:08:08.0770 6048  Fs_Rec - ok
11:08:08.0774 6048  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:08:08.0786 6048  fvevol - ok
11:08:08.0789 6048  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:08:08.0797 6048  gagp30kx - ok
11:08:08.0799 6048  [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv            C:\Windows\gdrv.sys
11:08:08.0805 6048  gdrv - ok
11:08:08.0808 6048  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:08:08.0813 6048  GEARAspiWDM - ok
11:08:08.0821 6048  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:08:08.0851 6048  gpsvc - ok
11:08:08.0855 6048  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:08:08.0862 6048  gupdate - ok
11:08:08.0864 6048  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:08:08.0870 6048  gupdatem - ok
11:08:08.0874 6048  [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64        C:\Windows\GVTDrv64.sys
11:08:08.0880 6048  GVTDrv64 - ok
11:08:08.0883 6048  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
11:08:08.0890 6048  hamachi - ok
11:08:08.0911 6048  [ DBCF8F2EA9111510B5B86E1EE9CD8816 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
11:08:08.0948 6048  Hamachi2Svc - ok
11:08:08.0952 6048  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:08:08.0960 6048  hcw85cir - ok
11:08:08.0965 6048  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:08:08.0978 6048  HdAudAddService - ok
11:08:08.0982 6048  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:08:08.0992 6048  HDAudBus - ok
11:08:08.0996 6048  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:08:09.0004 6048  HidBatt - ok
11:08:09.0007 6048  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:08:09.0017 6048  HidBth - ok
11:08:09.0020 6048  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:08:09.0029 6048  HidIr - ok
11:08:09.0032 6048  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
11:08:09.0057 6048  hidserv - ok
11:08:09.0060 6048  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:08:09.0068 6048  HidUsb - ok
11:08:09.0071 6048  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:08:09.0095 6048  hkmsvc - ok
11:08:09.0100 6048  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:08:09.0111 6048  HomeGroupListener - ok
11:08:09.0115 6048  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:08:09.0125 6048  HomeGroupProvider - ok
11:08:09.0128 6048  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:08:09.0136 6048  HpSAMD - ok
11:08:09.0143 6048  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:08:09.0173 6048  HTTP - ok
11:08:09.0177 6048  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:08:09.0183 6048  hwpolicy - ok
11:08:09.0186 6048  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:08:09.0195 6048  i8042prt - ok
11:08:09.0201 6048  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:08:09.0213 6048  iaStorV - ok
11:08:09.0216 6048  [ 33D4D4A24791587E83F7EE05A446FB7E ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
11:08:09.0221 6048  ICCS ( UnsignedFile.Multi.Generic ) - warning
11:08:09.0221 6048  ICCS - detected UnsignedFile.Multi.Generic (1)
11:08:09.0224 6048  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:08:09.0228 6048  IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:08:09.0228 6048  IDriverT - detected UnsignedFile.Multi.Generic (1)
11:08:09.0237 6048  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:08:09.0254 6048  idsvc - ok
11:08:09.0257 6048  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:08:09.0264 6048  iirsp - ok
11:08:09.0273 6048  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:08:09.0305 6048  IKEEXT - ok
11:08:09.0309 6048  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:08:09.0316 6048  intelide - ok
11:08:09.0319 6048  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
11:08:09.0327 6048  intelppm - ok
11:08:09.0331 6048  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:08:09.0356 6048  IPBusEnum - ok
11:08:09.0359 6048  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:08:09.0383 6048  IpFilterDriver - ok
11:08:09.0389 6048  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:08:09.0403 6048  iphlpsvc - ok
11:08:09.0407 6048  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:08:09.0415 6048  IPMIDRV - ok
11:08:09.0418 6048  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:08:09.0443 6048  IPNAT - ok
11:08:09.0450 6048  [ 2872B90D57C8310194A78A9787406467 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:08:09.0464 6048  iPod Service - ok
11:08:09.0467 6048  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:08:09.0478 6048  IRENUM - ok
11:08:09.0481 6048  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:08:09.0488 6048  isapnp - ok
11:08:09.0492 6048  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:08:09.0502 6048  iScsiPrt - ok
11:08:09.0505 6048  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:08:09.0512 6048  kbdclass - ok
11:08:09.0515 6048  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:08:09.0523 6048  kbdhid - ok
11:08:09.0525 6048  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:08:09.0533 6048  KeyIso - ok
11:08:09.0536 6048  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:08:09.0544 6048  KSecDD - ok
11:08:09.0548 6048  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:08:09.0556 6048  KSecPkg - ok
11:08:09.0559 6048  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:08:09.0583 6048  ksthunk - ok
11:08:09.0589 6048  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:08:09.0617 6048  KtmRm - ok
11:08:09.0622 6048  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:08:09.0648 6048  LanmanServer - ok
11:08:09.0651 6048  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:08:09.0677 6048  LanmanWorkstation - ok
11:08:09.0681 6048  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:08:09.0705 6048  lltdio - ok
11:08:09.0710 6048  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:08:09.0738 6048  lltdsvc - ok
11:08:09.0741 6048  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:08:09.0765 6048  lmhosts - ok
11:08:09.0770 6048  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:08:09.0778 6048  LSI_FC - ok
11:08:09.0781 6048  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:08:09.0789 6048  LSI_SAS - ok
11:08:09.0792 6048  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:08:09.0799 6048  LSI_SAS2 - ok
11:08:09.0802 6048  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:08:09.0811 6048  LSI_SCSI - ok
11:08:09.0814 6048  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:08:09.0839 6048  luafv - ok
11:08:09.0842 6048  [ 31C6AFFFAD7C733A65F888929548BC22 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
11:08:09.0850 6048  mbamchameleon - ok
11:08:09.0853 6048  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:08:09.0862 6048  Mcx2Svc - ok
11:08:09.0866 6048  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:08:09.0873 6048  megasas - ok
11:08:09.0877 6048  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:08:09.0888 6048  MegaSR - ok
11:08:09.0891 6048  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:08:09.0916 6048  MMCSS - ok
11:08:09.0919 6048  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:08:09.0943 6048  Modem - ok
11:08:09.0946 6048  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:08:09.0955 6048  monitor - ok
11:08:09.0958 6048  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:08:09.0965 6048  mouclass - ok
11:08:09.0968 6048  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:08:09.0976 6048  mouhid - ok
11:08:09.0979 6048  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:08:09.0987 6048  mountmgr - ok
11:08:09.0990 6048  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:08:09.0999 6048  mpio - ok
11:08:10.0002 6048  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:08:10.0026 6048  mpsdrv - ok
11:08:10.0035 6048  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:08:10.0067 6048  MpsSvc - ok
11:08:10.0071 6048  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:08:10.0083 6048  MRxDAV - ok
11:08:10.0087 6048  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:08:10.0096 6048  mrxsmb - ok
11:08:10.0101 6048  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:08:10.0111 6048  mrxsmb10 - ok
11:08:10.0115 6048  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:08:10.0123 6048  mrxsmb20 - ok
11:08:10.0126 6048  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:08:10.0133 6048  msahci - ok
11:08:10.0136 6048  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:08:10.0144 6048  msdsm - ok
11:08:10.0148 6048  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:08:10.0158 6048  MSDTC - ok
11:08:10.0162 6048  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:08:10.0186 6048  Msfs - ok
11:08:10.0189 6048  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:08:10.0212 6048  mshidkmdf - ok
11:08:10.0215 6048  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:08:10.0222 6048  msisadrv - ok
11:08:10.0226 6048  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:08:10.0251 6048  MSiSCSI - ok
11:08:10.0254 6048  msiserver - ok
11:08:10.0257 6048  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:08:10.0281 6048  MSKSSRV - ok
11:08:10.0284 6048  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:08:10.0307 6048  MSPCLOCK - ok
11:08:10.0310 6048  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:08:10.0333 6048  MSPQM - ok
11:08:10.0339 6048  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:08:10.0350 6048  MsRPC - ok
11:08:10.0354 6048  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:08:10.0361 6048  mssmbios - ok
11:08:10.0364 6048  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:08:10.0388 6048  MSTEE - ok
11:08:10.0391 6048  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:08:10.0398 6048  MTConfig - ok
11:08:10.0401 6048  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:08:10.0409 6048  Mup - ok
11:08:10.0415 6048  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:08:10.0443 6048  napagent - ok
11:08:10.0449 6048  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:08:10.0463 6048  NativeWifiP - ok
11:08:10.0474 6048  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:08:10.0493 6048  NDIS - ok
11:08:10.0496 6048  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:08:10.0520 6048  NdisCap - ok
11:08:10.0523 6048  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:08:10.0547 6048  NdisTapi - ok
11:08:10.0550 6048  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:08:10.0573 6048  Ndisuio - ok
11:08:10.0577 6048  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:08:10.0601 6048  NdisWan - ok
11:08:10.0605 6048  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:08:10.0629 6048  NDProxy - ok
11:08:10.0631 6048  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:08:10.0655 6048  NetBIOS - ok
11:08:10.0660 6048  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:08:10.0685 6048  NetBT - ok
11:08:10.0688 6048  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:08:10.0696 6048  Netlogon - ok
11:08:10.0701 6048  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:08:10.0729 6048  Netman - ok
11:08:10.0733 6048  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:08:10.0741 6048  NetMsmqActivator - ok
11:08:10.0743 6048  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:08:10.0750 6048  NetPipeActivator - ok
11:08:10.0756 6048  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:08:10.0784 6048  netprofm - ok
11:08:10.0794 6048  [ 618C55B392238B9467F9113E13525C49 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
11:08:10.0812 6048  netr28ux - ok
11:08:10.0815 6048  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:08:10.0821 6048  NetTcpActivator - ok
11:08:10.0824 6048  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:08:10.0831 6048  NetTcpPortSharing - ok
11:08:10.0834 6048  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:08:10.0841 6048  nfrd960 - ok
11:08:10.0845 6048  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:08:10.0856 6048  NlaSvc - ok
11:08:10.0859 6048  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:08:10.0883 6048  Npfs - ok
11:08:10.0886 6048  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:08:10.0911 6048  nsi - ok
11:08:10.0913 6048  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:08:10.0937 6048  nsiproxy - ok
11:08:10.0954 6048  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:08:10.0982 6048  Ntfs - ok
11:08:10.0985 6048  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:08:11.0008 6048  Null - ok
11:08:11.0011 6048  [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
11:08:11.0019 6048  nusb3hub - ok
11:08:11.0023 6048  [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
11:08:11.0031 6048  nusb3xhc - ok
11:08:11.0035 6048  [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
11:08:11.0044 6048  NVHDA - ok
11:08:11.0132 6048  [ 7A711D08F1FD1AB8149B6199F84A0EB7 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:08:11.0260 6048  nvlddmkm - ok
11:08:11.0269 6048  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:08:11.0278 6048  nvraid - ok
11:08:11.0281 6048  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:08:11.0291 6048  nvstor - ok
11:08:11.0300 6048  [ B9F3591981D761A5CA1D24C369764D96 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:08:11.0318 6048  nvsvc - ok
11:08:11.0335 6048  [ A9AFE5B0648C8D7A411A72D8222F7F6E ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:08:11.0365 6048  nvUpdatusService - ok
11:08:11.0369 6048  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:08:11.0377 6048  nv_agp - ok
11:08:11.0380 6048  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:08:11.0388 6048  ohci1394 - ok
11:08:11.0394 6048  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:08:11.0405 6048  p2pimsvc - ok
11:08:11.0411 6048  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:08:11.0424 6048  p2psvc - ok
11:08:11.0429 6048  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
11:08:11.0437 6048  Parport - ok
11:08:11.0440 6048  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:08:11.0448 6048  partmgr - ok
11:08:11.0452 6048  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:08:11.0466 6048  PcaSvc - ok
11:08:11.0470 6048  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:08:11.0480 6048  pci - ok
11:08:11.0482 6048  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:08:11.0489 6048  pciide - ok
11:08:11.0493 6048  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:08:11.0502 6048  pcmcia - ok
11:08:11.0506 6048  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:08:11.0513 6048  pcw - ok
11:08:11.0520 6048  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:08:11.0550 6048  PEAUTH - ok
11:08:11.0563 6048  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:08:11.0585 6048  PeerDistSvc - ok
11:08:11.0605 6048  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:08:11.0614 6048  PerfHost - ok
11:08:11.0630 6048  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:08:11.0668 6048  pla - ok
11:08:11.0674 6048  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:08:11.0687 6048  PlugPlay - ok
11:08:11.0689 6048  PnkBstrA - ok
11:08:11.0692 6048  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:08:11.0701 6048  PNRPAutoReg - ok
11:08:11.0706 6048  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:08:11.0716 6048  PNRPsvc - ok
11:08:11.0723 6048  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:08:11.0751 6048  PolicyAgent - ok
11:08:11.0756 6048  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
11:08:11.0783 6048  Power - ok
11:08:11.0786 6048  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:08:11.0810 6048  PptpMiniport - ok
11:08:11.0813 6048  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
11:08:11.0822 6048  Processor - ok
11:08:11.0826 6048  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:08:11.0836 6048  ProfSvc - ok
11:08:11.0839 6048  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:08:11.0846 6048  ProtectedStorage - ok
11:08:11.0849 6048  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:08:11.0873 6048  Psched - ok
11:08:11.0887 6048  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:08:11.0914 6048  ql2300 - ok
11:08:11.0918 6048  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:08:11.0926 6048  ql40xx - ok
11:08:11.0930 6048  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:08:11.0944 6048  QWAVE - ok
11:08:11.0947 6048  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:08:11.0958 6048  QWAVEdrv - ok
11:08:11.0961 6048  [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files (x86)\Hama\Common\RalinkRegistryWriter.exe
11:08:11.0964 6048  RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - warning
11:08:11.0964 6048  RalinkRegistryWriter - detected UnsignedFile.Multi.Generic (1)
11:08:11.0967 6048  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:08:11.0990 6048  RasAcd - ok
11:08:11.0994 6048  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:08:12.0017 6048  RasAgileVpn - ok
11:08:12.0021 6048  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:08:12.0047 6048  RasAuto - ok
11:08:12.0050 6048  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:08:12.0074 6048  Rasl2tp - ok
11:08:12.0080 6048  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:08:12.0107 6048  RasMan - ok
11:08:12.0110 6048  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:08:12.0135 6048  RasPppoe - ok
11:08:12.0138 6048  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:08:12.0163 6048  RasSstp - ok
11:08:12.0168 6048  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:08:12.0194 6048  rdbss - ok
11:08:12.0197 6048  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:08:12.0206 6048  rdpbus - ok
11:08:12.0209 6048  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:08:12.0232 6048  RDPCDD - ok
11:08:12.0237 6048  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:08:12.0246 6048  RDPDR - ok
11:08:12.0248 6048  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:08:12.0271 6048  RDPENCDD - ok
11:08:12.0275 6048  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:08:12.0299 6048  RDPREFMP - ok
11:08:12.0304 6048  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:08:12.0312 6048  RdpVideoMiniport - ok
11:08:12.0316 6048  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:08:12.0325 6048  RDPWD - ok
11:08:12.0329 6048  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:08:12.0338 6048  rdyboost - ok
11:08:12.0342 6048  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:08:12.0367 6048  RemoteAccess - ok
11:08:12.0371 6048  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:08:12.0397 6048  RemoteRegistry - ok
11:08:12.0401 6048  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:08:12.0426 6048  RpcEptMapper - ok
11:08:12.0429 6048  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:08:12.0438 6048  RpcLocator - ok
11:08:12.0443 6048  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:08:12.0473 6048  RpcSs - ok
11:08:12.0477 6048  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:08:12.0501 6048  rspndr - ok
11:08:12.0509 6048  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:08:12.0521 6048  RTL8167 - ok
11:08:12.0524 6048  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:08:12.0531 6048  s3cap - ok
11:08:12.0534 6048  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:08:12.0541 6048  SamSs - ok
11:08:12.0544 6048  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:08:12.0552 6048  sbp2port - ok
11:08:12.0556 6048  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:08:12.0583 6048  SCardSvr - ok
11:08:12.0586 6048  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:08:12.0609 6048  scfilter - ok
11:08:12.0619 6048  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:08:12.0653 6048  Schedule - ok
11:08:12.0657 6048  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:08:12.0680 6048  SCPolicySvc - ok
11:08:12.0684 6048  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:08:12.0694 6048  SDRSVC - ok
11:08:12.0697 6048  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:08:12.0720 6048  secdrv - ok
11:08:12.0723 6048  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:08:12.0746 6048  seclogon - ok
11:08:12.0749 6048  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:08:12.0774 6048  SENS - ok
11:08:12.0777 6048  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:08:12.0786 6048  SensrSvc - ok
11:08:12.0789 6048  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:08:12.0797 6048  Serenum - ok
11:08:12.0800 6048  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:08:12.0809 6048  Serial - ok
11:08:12.0811 6048  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:08:12.0819 6048  sermouse - ok
11:08:12.0827 6048  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:08:12.0851 6048  SessionEnv - ok
11:08:12.0854 6048  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:08:12.0864 6048  sffdisk - ok
11:08:12.0866 6048  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:08:12.0875 6048  sffp_mmc - ok
11:08:12.0878 6048  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:08:12.0888 6048  sffp_sd - ok
11:08:12.0890 6048  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:08:12.0897 6048  sfloppy - ok
11:08:12.0903 6048  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:08:12.0930 6048  SharedAccess - ok
11:08:12.0936 6048  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:08:12.0963 6048  ShellHWDetection - ok
11:08:12.0966 6048  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:08:12.0973 6048  SiSRaid2 - ok
11:08:12.0976 6048  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:08:12.0984 6048  SiSRaid4 - ok
11:08:12.0987 6048  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:08:12.0995 6048  SkypeUpdate - ok
11:08:12.0998 6048  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:08:13.0022 6048  Smb - ok
11:08:13.0028 6048  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:08:13.0037 6048  SNMPTRAP - ok
11:08:13.0040 6048  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:08:13.0047 6048  spldr - ok
11:08:13.0053 6048  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:08:13.0067 6048  Spooler - ok
11:08:13.0098 6048  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:08:13.0156 6048  sppsvc - ok
11:08:13.0160 6048  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:08:13.0185 6048  sppuinotify - ok
11:08:13.0191 6048  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:08:13.0204 6048  srv - ok
11:08:13.0210 6048  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:08:13.0222 6048  srv2 - ok
11:08:13.0226 6048  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:08:13.0235 6048  srvnet - ok
11:08:13.0239 6048  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:08:13.0265 6048  SSDPSRV - ok
11:08:13.0268 6048  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:08:13.0293 6048  SstpSvc - ok
11:08:13.0296 6048  Steam Client Service - ok
11:08:13.0302 6048  [ 0887B293199AA2055888FABA989ED0A6 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:08:13.0313 6048  Stereo Service - ok
11:08:13.0317 6048  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:08:13.0324 6048  stexstor - ok
11:08:13.0331 6048  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:08:13.0348 6048  stisvc - ok
11:08:13.0352 6048  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:08:13.0359 6048  storflt - ok
11:08:13.0362 6048  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:08:13.0369 6048  storvsc - ok
11:08:13.0372 6048  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:08:13.0379 6048  swenum - ok
11:08:13.0386 6048  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:08:13.0397 6048  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
11:08:13.0398 6048  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
11:08:13.0404 6048  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:08:13.0434 6048  swprv - ok
11:08:13.0438 6048  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
11:08:13.0446 6048  Synth3dVsc - ok
11:08:13.0461 6048  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:08:13.0491 6048  SysMain - ok
11:08:13.0495 6048  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:08:13.0508 6048  TabletInputService - ok
11:08:13.0513 6048  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:08:13.0540 6048  TapiSrv - ok
11:08:13.0543 6048  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:08:13.0568 6048  TBS - ok
11:08:13.0585 6048  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:08:13.0617 6048  Tcpip - ok
11:08:13.0634 6048  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:08:13.0661 6048  TCPIP6 - ok
11:08:13.0666 6048  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:08:13.0674 6048  tcpipreg - ok
11:08:13.0678 6048  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:08:13.0685 6048  TDPIPE - ok
11:08:13.0688 6048  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:08:13.0695 6048  TDTCP - ok
11:08:13.0699 6048  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:08:13.0722 6048  tdx - ok
11:08:13.0752 6048  [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
11:08:13.0804 6048  TeamViewer8 - ok
11:08:13.0808 6048  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:08:13.0815 6048  TermDD - ok
11:08:13.0818 6048  [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
11:08:13.0826 6048  terminpt - ok
11:08:13.0834 6048  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:08:13.0864 6048  TermService - ok
11:08:13.0867 6048  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:08:13.0879 6048  Themes - ok
11:08:13.0882 6048  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:08:13.0907 6048  THREADORDER - ok
11:08:13.0910 6048  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:08:13.0936 6048  TrkWks - ok
11:08:13.0940 6048  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:08:13.0964 6048  TrustedInstaller - ok
11:08:13.0969 6048  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:08:13.0992 6048  tssecsrv - ok
11:08:13.0994 6048  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:08:14.0002 6048  TsUsbFlt - ok
11:08:14.0005 6048  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:08:14.0013 6048  TsUsbGD - ok
11:08:14.0017 6048  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
11:08:14.0025 6048  tsusbhub - ok
11:08:14.0029 6048  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:08:14.0052 6048  tunnel - ok
11:08:14.0055 6048  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:08:14.0063 6048  uagp35 - ok
11:08:14.0068 6048  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:08:14.0093 6048  udfs - ok
11:08:14.0098 6048  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:08:14.0107 6048  UI0Detect - ok
11:08:14.0109 6048  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:08:14.0117 6048  uliagpkx - ok
11:08:14.0119 6048  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:08:14.0127 6048  umbus - ok
11:08:14.0129 6048  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:08:14.0137 6048  UmPass - ok
11:08:14.0141 6048  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
11:08:14.0152 6048  UmRdpService - ok
11:08:14.0157 6048  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:08:14.0186 6048  upnphost - ok
11:08:14.0191 6048  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
11:08:14.0199 6048  USBAAPL64 - ok
11:08:14.0202 6048  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:08:14.0210 6048  usbccgp - ok
11:08:14.0214 6048  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:08:14.0224 6048  usbcir - ok
11:08:14.0227 6048  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:08:14.0235 6048  usbehci - ok
11:08:14.0240 6048  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:08:14.0251 6048  usbhub - ok
11:08:14.0254 6048  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
11:08:14.0261 6048  usbohci - ok
11:08:14.0273 6048  [ 479CBB48761AD5AD719D66CB0E85D428 ] USBPNPA         C:\Windows\system32\drivers\CM10864.sys
11:08:14.0293 6048  USBPNPA - ok
11:08:14.0296 6048  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
11:08:14.0306 6048  usbprint - ok
11:08:14.0309 6048  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:08:14.0316 6048  USBSTOR - ok
11:08:14.0320 6048  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:08:14.0327 6048  usbuhci - ok
11:08:14.0330 6048  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:08:14.0355 6048  UxSms - ok
11:08:14.0358 6048  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:08:14.0366 6048  VaultSvc - ok
11:08:14.0369 6048  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:08:14.0375 6048  vdrvroot - ok
11:08:14.0382 6048  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:08:14.0411 6048  vds - ok
11:08:14.0414 6048  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:08:14.0424 6048  vga - ok
11:08:14.0427 6048  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:08:14.0450 6048  VgaSave - ok
11:08:14.0453 6048  VGPU - ok
11:08:14.0457 6048  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:08:14.0467 6048  vhdmp - ok
11:08:14.0489 6048  [ E066AA9C9866C2001372486A6841108C ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
11:08:14.0518 6048  VIAHdAudAddService - ok
11:08:14.0522 6048  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:08:14.0529 6048  viaide - ok
11:08:14.0531 6048  [ 1236737C7993FB462610E1A0AA92C40B ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
11:08:14.0538 6048  VIAKaraokeService - ok
11:08:14.0542 6048  [ FF7C6E015AA32FC6BE0AEF582B802332 ] VirtDiskBus     C:\Windows\system32\DRIVERS\VirtDiskBus64.sys
11:08:14.0549 6048  VirtDiskBus - ok
11:08:14.0553 6048  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:08:14.0562 6048  vmbus - ok
11:08:14.0565 6048  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:08:14.0572 6048  VMBusHID - ok
11:08:14.0575 6048  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:08:14.0583 6048  volmgr - ok
11:08:14.0588 6048  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:08:14.0599 6048  volmgrx - ok
11:08:14.0604 6048  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:08:14.0614 6048  volsnap - ok
11:08:14.0617 6048  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:08:14.0626 6048  vsmraid - ok
11:08:14.0641 6048  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:08:14.0681 6048  VSS - ok
11:08:14.0684 6048  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:08:14.0694 6048  vwifibus - ok
11:08:14.0697 6048  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:08:14.0708 6048  vwififlt - ok
11:08:14.0713 6048  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:08:14.0742 6048  W32Time - ok
11:08:14.0746 6048  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:08:14.0754 6048  WacomPen - ok
11:08:14.0757 6048  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:08:14.0781 6048  WANARP - ok
11:08:14.0783 6048  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:08:14.0806 6048  Wanarpv6 - ok
11:08:14.0820 6048  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:08:14.0844 6048  wbengine - ok
11:08:14.0848 6048  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:08:14.0862 6048  WbioSrvc - ok
11:08:14.0868 6048  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:08:14.0883 6048  wcncsvc - ok
11:08:14.0886 6048  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:08:14.0895 6048  WcsPlugInService - ok
11:08:14.0898 6048  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
11:08:14.0905 6048  Wd - ok
11:08:14.0913 6048  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:08:14.0931 6048  Wdf01000 - ok
11:08:14.0935 6048  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:08:14.0948 6048  WdiServiceHost - ok
11:08:14.0950 6048  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:08:14.0962 6048  WdiSystemHost - ok
11:08:14.0966 6048  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:08:14.0981 6048  WebClient - ok
11:08:14.0986 6048  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:08:15.0013 6048  Wecsvc - ok
11:08:15.0017 6048  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:08:15.0043 6048  wercplsupport - ok
11:08:15.0046 6048  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:08:15.0072 6048  WerSvc - ok
11:08:15.0075 6048  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:08:15.0098 6048  WfpLwf - ok
11:08:15.0101 6048  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:08:15.0108 6048  WIMMount - ok
11:08:15.0110 6048  WinDefend - ok
11:08:15.0115 6048  WinHttpAutoProxySvc - ok
11:08:15.0122 6048  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:08:15.0148 6048  Winmgmt - ok
11:08:15.0166 6048  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:08:15.0210 6048  WinRM - ok
11:08:15.0216 6048  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:08:15.0226 6048  WinUsb - ok
11:08:15.0235 6048  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:08:15.0256 6048  Wlansvc - ok
11:08:15.0259 6048  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
11:08:15.0267 6048  WmiAcpi - ok
11:08:15.0272 6048  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:08:15.0282 6048  wmiApSrv - ok
11:08:15.0285 6048  WMPNetworkSvc - ok
11:08:15.0288 6048  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:08:15.0297 6048  WPCSvc - ok
11:08:15.0300 6048  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:08:15.0310 6048  WPDBusEnum - ok
11:08:15.0313 6048  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:08:15.0337 6048  ws2ifsl - ok
11:08:15.0340 6048  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
11:08:15.0353 6048  wscsvc - ok
11:08:15.0356 6048  WSearch - ok
11:08:15.0378 6048  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:08:15.0417 6048  wuauserv - ok
11:08:15.0421 6048  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:08:15.0430 6048  WudfPf - ok
11:08:15.0434 6048  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:08:15.0443 6048  WUDFRd - ok
11:08:15.0446 6048  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:08:15.0455 6048  wudfsvc - ok
11:08:15.0459 6048  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:08:15.0470 6048  WwanSvc - ok
11:08:15.0476 6048  ================ Scan global ===============================
11:08:15.0479 6048  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:08:15.0483 6048  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:08:15.0489 6048  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:08:15.0493 6048  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:08:15.0498 6048  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:08:15.0501 6048  [Global] - ok
11:08:15.0502 6048  ================ Scan MBR ==================================
11:08:15.0503 6048  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:08:15.0698 6048  \Device\Harddisk0\DR0 - ok
11:08:15.0700 6048  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:08:15.0781 6048  \Device\Harddisk1\DR1 - ok
11:08:15.0795 6048  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk6\DR7
11:08:19.0270 6048  \Device\Harddisk6\DR7 - ok
11:08:19.0271 6048  ================ Scan VBR ==================================
11:08:19.0273 6048  [ 400F655F45A126CB8E1C519CFD679284 ] \Device\Harddisk0\DR0\Partition1
11:08:19.0274 6048  \Device\Harddisk0\DR0\Partition1 - ok
11:08:19.0276 6048  [ 3EC15BD8304A776CBB54EA3F13527BEE ] \Device\Harddisk0\DR0\Partition2
11:08:19.0277 6048  \Device\Harddisk0\DR0\Partition2 - ok
11:08:19.0292 6048  [ DB3104EF603C4628999A1E7B88DA898D ] \Device\Harddisk1\DR1\Partition1
11:08:19.0293 6048  \Device\Harddisk1\DR1\Partition1 - ok
11:08:19.0301 6048  [ 6B7322CE67371DCFB00CE261F2A2F9FE ] \Device\Harddisk6\DR7\Partition1
11:08:19.0316 6048  \Device\Harddisk6\DR7\Partition1 - ok
11:08:19.0317 6048  ============================================================
11:08:19.0317 6048  Scan finished
11:08:19.0317 6048  ============================================================
11:08:19.0324 2856  Detected object count: 4
11:08:19.0324 2856  Actual detected object count: 4
11:09:01.0756 2856  ICCS ( UnsignedFile.Multi.Generic ) - skipped by user
11:09:01.0756 2856  ICCS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:09:01.0756 2856  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:09:01.0756 2856  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:09:01.0757 2856  RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - skipped by user
11:09:01.0757 2856  RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:09:01.0758 2856  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
11:09:01.0758 2856  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:10:04.0716 4428  Deinitialize success

cosinus · 01.06.2013, 13:32

Bitte MBAR nochmal scannen lassen, solange bis es nichts mehr findet.

Iceinsky69 · 01.06.2013, 21:59

Code:

ATTFilter

 

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.06.01.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
ff0 :: FLORIAN-PC [administrator]

01.06.2013 22:27:09
mbar-log-2013-06-01 (22-27-09).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 269122
Time elapsed: 3 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

30.05.2013, 22:13	#27
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	svhost.exe fordert mehr cpu als Crysis 3 auf Ultra (Beim Start) Lies doch bitte mal die Anleitungen richtig, dann würden sich viele Fragen erübrigen __________________ Logfiles bitte immer in CODE-Tags posten

01.06.2013, 13:32	#29
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	svhost.exe fordert mehr cpu als Crysis 3 auf Ultra (Beim Start) Bitte MBAR nochmal scannen lassen, solange bis es nichts mehr findet. __________________ Logfiles bitte immer in CODE-Tags posten

svhost.exe fordert mehr cpu als Crysis 3 auf Ultra (Beim Start)

Log-Analyse und Auswertung: svhost.exe fordert mehr cpu als Crysis 3 auf Ultra (Beim Start)