Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428 (https://www.trojaner-board.de/104804-windows-delayed-write-failed-failed-to-save-all-the-components-for-the-file-system32-0000428-a.html)

TreeOne 05.11.2011 16:27
Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428
 
Schönen guten Tag.

Ich habe seit vorhin diesen hier im Forum bereits vorhandenen Trojaner auf meinem Rechner. Bildschirm ist schwarz, alle Dateien wurden versteckt, Startmenü ist leer und das Fehlermeldungsfenster wurde Zig mal geöffnet.

Ich habe Windows 7 auf dem PC.

Die Systemwiederherstellung finde ich im Windowsordner nicht und das Startmenü ist leer.

Und das letzte als funktionierend bekannte Konfigurtion starten wird ebenfalls nicht angezeigt beim Starten.

Deshalb hier direkt das OTL:

HTML-Code:
OTL logfile created on: 05.11.2011 15:59:09 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Sven\Documents
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 55,43% Memory free
7,71 Gb Paging File | 6,07 Gb Available in Paging File | 78,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 1,89 Gb Free Space | 1,62% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 241,79 Gb Free Space | 72,67% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-BOARD | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011.11.05 15:51:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sven\Documents\OTL.exe
PRC - [2011.11.05 14:34:27 | 000,349,184 | -H-- | M] (Recover Inc) -- C:\ProgramData\6DSS92c31Apgjk.exe
PRC - [2011.11.05 14:17:51 | 000,459,776 | -HS- | M] (Recover Inc) -- C:\ProgramData\GNMdXaDCqs.exe
PRC - [2011.10.05 16:56:14 | 000,167,960 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2011.10.05 16:56:11 | 001,543,704 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
PRC - [2011.09.27 12:25:58 | 000,099,864 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2011.03.14 13:31:36 | 000,494,616 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
PRC - [2011.03.14 13:31:35 | 000,232,472 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
PRC - [2010.01.05 01:43:36 | 001,597,440 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.11.24 21:45:36 | 000,053,888 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.10 03:20:36 | 000,096,896 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.10.27 04:29:32 | 006,998,656 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.10.26 18:10:42 | 000,174,720 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009.10.01 03:34:22 | 002,314,240 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 03:33:08 | 000,262,144 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.08.20 04:31:48 | 000,170,624 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.06.19 18:29:42 | 000,105,016 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 18:29:26 | 002,488,888 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.17 12:44:11 | 000,085,160 | -H-- | M] (Elaborate Bytes AG) -- D:\Programme\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009.06.16 01:30:42 | 000,084,536 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009.05.18 23:58:38 | 000,305,720 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.04.20 16:20:40 | 002,327,552 | -H-- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2009.04.20 16:20:30 | 000,009,216 | -H-- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008.12.23 01:15:34 | 000,174,648 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011.10.14 02:54:33 | 000,997,888 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll
MOD - [2011.10.14 02:44:22 | 000,212,992 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\cabd75d4716ede2fed948cbff94dcc38\System.ServiceProcess.ni.dll
MOD - [2011.10.14 02:43:55 | 000,771,584 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll
MOD - [2011.10.14 02:43:52 | 000,627,200 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\834be57d8ab824b4ebcbf01161791d70\System.Transactions.ni.dll
MOD - [2011.10.14 02:43:51 | 006,618,624 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\45a20172acfdcc160ecb6bd358179c31\System.Data.ni.dll
MOD - [2011.10.14 02:43:03 | 012,431,360 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011.10.14 02:42:51 | 001,586,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011.10.14 02:42:20 | 000,680,960 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\9b8dcad25a3be7d4a3f3b8b384f3190a\System.Security.ni.dll
MOD - [2011.10.14 02:42:15 | 005,452,800 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011.10.14 02:42:08 | 000,971,264 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011.10.14 02:42:07 | 007,949,312 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011.10.14 02:41:53 | 011,490,304 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2010.01.05 01:43:36 | 001,597,440 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.11.24 21:45:36 | 000,053,888 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009.08.04 10:49:47 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.08.04 10:49:43 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 02:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2009.07.14 02:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009.06.10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009.06.10 22:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2007.11.30 19:20:44 | 000,051,768 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2010.09.06 11:09:44 | 000,859,712 | -H-- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:[b]64bit:[/b] - [2010.01.22 02:01:11 | 000,202,752 | -H-- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009.12.08 00:16:34 | 000,379,520 | -H-- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2009.11.27 04:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2009.09.29 17:32:31 | 000,570,632 | -H-- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:[b]64bit:[/b] - [2009.09.29 17:32:29 | 000,917,768 | -H-- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:[b]64bit:[/b] - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011.10.05 16:56:14 | 000,167,960 | -H-- | M] (Sophos Limited) [Unknown | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2011.10.05 16:56:11 | 001,543,704 | -H-- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service)
SRV - [2011.09.27 12:25:58 | 000,099,864 | -H-- | M] (Sophos Limited) [Unknown | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2011.03.14 13:31:35 | 000,232,472 | -H-- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.10 03:20:36 | 000,096,896 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.10.01 03:34:22 | 002,314,240 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 03:33:08 | 000,262,144 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.06.16 01:30:42 | 000,084,536 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.20 16:20:30 | 000,009,216 | -H-- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2011.10.05 16:56:13 | 000,144,672 | -H-- | M] (Sophos Limited) [File_System | System | Running] -- C:\Windows\SysNative\drivers\savonaccess.sys -- (SAVOnAccess)
DRV:[b]64bit:[/b] - [2011.09.27 12:25:53 | 000,026,104 | -H-- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdcfilter.sys -- (sdcfilter)
DRV:[b]64bit:[/b] - [2011.09.27 12:25:50 | 000,025,608 | -H-- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\SophosBootDriver.sys -- (SophosBootDriver)
DRV:[b]64bit:[/b] - [2011.03.11 07:22:41 | 000,107,904 | -H-- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011.03.11 07:22:40 | 000,027,008 | -H-- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010.08.29 14:28:09 | 000,314,016 | -H-- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010.08.29 14:28:09 | 000,043,680 | -H-- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010.07.30 18:30:26 | 000,309,840 | -H-- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:[b]64bit:[/b] - [2010.07.30 18:30:20 | 000,042,576 | -H-- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:[b]64bit:[/b] - [2010.07.30 18:24:14 | 001,988,176 | -H-- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:[b]64bit:[/b] - [2010.04.28 07:57:50 | 000,061,288 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010.01.22 02:13:23 | 006,233,088 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2010.01.22 02:13:23 | 006,233,088 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010.01.22 01:07:55 | 000,161,280 | -H-- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010.01.18 13:37:57 | 000,128,512 | -H-- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009.12.17 23:25:17 | 000,034,472 | -H-- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:[b]64bit:[/b] - [2009.11.27 04:39:45 | 000,505,344 | -H-- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2009.11.13 10:47:35 | 000,067,072 | -H-- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009.10.05 02:33:59 | 001,542,656 | -H-- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009.09.30 02:34:31 | 000,121,872 | -H-- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009.09.29 17:33:17 | 000,107,536 | -H-- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2009.09.17 20:54:54 | 000,056,344 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009.08.21 07:48:17 | 000,044,032 | -H-- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009.08.12 04:38:01 | 001,799,680 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[b]64bit:[/b] - [2009.08.09 22:25:45 | 000,036,352 | -H-- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:[b]64bit:[/b] - [2009.08.06 22:24:13 | 000,408,600 | -H-- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009.07.20 10:29:39 | 000,015,416 | -H-- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009.07.14 02:52:20 | 000,194,128 | -H-- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009.07.14 02:48:04 | 000,065,600 | -H-- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009.07.14 02:47:48 | 000,077,888 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009.07.14 02:45:55 | 000,024,656 | -H-- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009.06.10 21:35:57 | 000,056,832 | -H-- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:33 | 003,286,016 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:28 | 000,468,480 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:23 | 000,270,848 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009.06.10 21:31:59 | 000,031,232 | -H-- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009.05.13 17:07:20 | 000,015,928 | -H-- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,167,424 | -H-- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,150,784 | -H-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,150,784 | -H-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,150,656 | -H-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,150,656 | -H-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,011,776 | RH-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2008.05.24 01:27:28 | 000,154,168 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 01:36:14 | 000,015,416 | -H-- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: D:\Programme\Firefox\components [2011.10.06 19:48:01 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: D:\Programme\Firefox\plugins [2011.04.03 13:17:15 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: D:\Programme\Thunderbird\components [2011.10.06 15:11:27 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: D:\Programme\Thunderbird\plugins
 
[2010.08.14 17:43:30 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions
[2011.04.03 12:29:29 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\48u4ccih.default\extensions
[2011.03.12 21:57:49 | 000,000,000 | -H-D | M] (Modify Headers) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\48u4ccih.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}
 
[color=#E56717]========== Chrome  ==========[/color]
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll (Sophos Limited)
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [GNMdXaDCqs.exe] C:\ProgramData\GNMdXaDCqs.exe (Recover Inc)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe (Sophos Limited)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] D:\Programme\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Programme\ICQ\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Programme\ICQ\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2BB58AB-63FA-450D-9ED1-0AE51B0AE820}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1C7B536-E58F-4EBF-801F-2E05EDFAE7E9}: NameServer = 137.193.10.34,137.193.10.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E918C3F8-9948-43DE-8750-2C7DA2E3DEE4}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL (Sophos Limited)
O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) -C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Limited)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{17e7e328-a7bb-11df-9fe3-485b39e6c158}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7e328-a7bb-11df-9fe3-485b39e6c158}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{17e7e335-a7bb-11df-9fe3-485b39e6c158}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7e335-a7bb-11df-9fe3-485b39e6c158}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{afd7ac68-be6d-11df-97cc-485b39e6c158}\Shell - "" = AutoRun
O33 - MountPoints2\{afd7ac68-be6d-11df-97cc-485b39e6c158}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color]
 
[2011.11.05 15:56:54 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Sven\Documents\OTL.exe
[2011.11.05 14:25:53 | 000,000,000 | -H-D | C] -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
[2011.11.05 14:25:51 | 000,000,000 | -H-D | C] -- C:\Users\Sven\AppData\Local\Sophos
[2011.11.05 14:20:50 | 000,349,184 | -H-- | C] (Recover Inc) -- C:\ProgramData\6DSS92c31Apgjk.exe
[2011.11.05 14:18:08 | 000,459,776 | -HS- | C] (Recover Inc) -- C:\ProgramData\GNMdXaDCqs.exe
[2011.11.05 14:17:00 | 000,000,000 | ---D | C] -- C:\Windows\system64
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 7 Days ==========[/color]
 
[2011.11.05 15:59:00 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 15:59:00 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 15:51:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sven\Documents\OTL.exe
[2011.11.05 15:51:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.05 15:51:11 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.05 14:36:31 | 000,000,456 | -H-- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.11.05 14:34:27 | 000,349,184 | -H-- | M] (Recover Inc) -- C:\ProgramData\6DSS92c31Apgjk.exe
[2011.11.05 14:29:57 | 001,507,342 | -H-- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.05 14:29:57 | 000,657,910 | -H-- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.05 14:29:57 | 000,619,146 | -H-- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.05 14:29:57 | 000,131,250 | -H-- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.05 14:29:57 | 000,107,466 | -H-- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.05 14:25:53 | 000,000,659 | -H-- | M] () -- C:\Users\Sven\Desktop\System Restore.lnk
[2011.11.05 14:24:45 | 000,001,892 | -H-- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.11.05 14:17:51 | 000,459,776 | -HS- | M] (Recover Inc) -- C:\ProgramData\GNMdXaDCqs.exe
[2011.11.02 12:49:44 | 000,001,359 | -H-- | M] () -- C:\Users\Sven\Desktop\RZ_Drucker.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.11.05 14:34:46 | 000,000,456 | -H-- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.11.05 14:25:53 | 000,000,659 | -H-- | C] () -- C:\Users\Sven\Desktop\System Restore.lnk
[2011.07.06 22:38:11 | 000,033,631 | -H-- | C] () -- C:\Windows\DIIUnin.dat
[2011.06.26 20:38:22 | 000,007,605 | -H-- | C] () -- C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
[2011.03.05 23:09:44 | 000,043,520 | -H-- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.03.05 21:58:21 | 000,021,840 | -H-- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.03.05 21:58:21 | 000,017,212 | -H-- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.03.05 21:58:21 | 000,012,067 | -H-- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.01.04 20:06:01 | 000,000,495 | -H-- | C] () -- C:\Windows\SIERRA.INI
[2010.12.27 15:52:59 | 000,000,040 | -H-- | C] () -- C:\ProgramData\ra3.ini
[2010.12.26 23:17:27 | 000,000,996 | -H-- | C] () -- C:\Windows\eReg.dat
[2010.08.28 11:52:11 | 000,000,166 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.14 22:04:59 | 000,000,024 | -H-- | C] () -- C:\Windows\ATKPF.ini
[2010.08.14 18:20:09 | 000,004,608 | -H-- | C] () -- C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.14 17:01:26 | 007,122,826 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.21 21:19:47 | 000,053,248 | -H-- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.05.21 20:58:57 | 000,001,035 | -H-- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.05.21 20:40:49 | 000,131,368 | -H-- | C] () -- C:\ProgramData\FullRemove.exe
[2010.05.21 19:46:56 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2009.10.26 04:38:22 | 000,000,176 | -H-- | C] () -- C:\Windows\explorer.exe.config
[2009.08.19 09:33:09 | 000,020,480 | -H-- | C] () -- C:\Windows\OOBEPlayer.exe
[2009.08.19 09:33:09 | 000,000,232 | -H-- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.07.29 06:20:40 | 000,000,010 | -H-- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.09 12:44:42 | 000,108,066 | RH-- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2006.05.19 04:39:57 | 000,015,497 | -H-- | C] () -- C:\Windows\snp2uvc.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010.08.14 13:27:28 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Asus WebStorage
[2010.12.29 16:57:09 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\bizarre creations
[2011.06.23 18:13:27 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.05.28 17:14:23 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\ICQ
[2010.10.07 18:45:48 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\OpenOffice.org
[2010.11.28 12:39:42 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\PhotoFiltre
[2011.10.11 21:05:23 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\SpinTop
[2011.04.29 16:40:12 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Subversion
[2011.10.06 15:11:55 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Thunderbird
[2010.08.29 15:44:48 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Ubisoft
[2010.08.14 16:51:33 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Vodafone
[2011.10.04 09:25:09 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Xerox
[2011.08.21 21:46:44 | 000,032,632 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:7D6EC5BE
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:196FC0A6

< End of report >

Hier das Extras:

HTML-Code:
OTL Extras logfile created on: 05.11.2011 15:59:09 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Sven\Documents
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 55,43% Memory free
7,71 Gb Paging File | 6,07 Gb Available in Paging File | 78,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 1,89 Gb Free Space | 1,62% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 241,79 Gb Free Space | 72,67% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-BOARD | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" =
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{489F2C5A-83B9-79D5-714C-1DEF32A898E5}" = ATI AVIVO64 Codecs
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{74E85F31-573F-45BF-8939-4D2BCDCC2083}" = LEGO MINDSTORMS NXT Driver for x64
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security
"{AA5A2780-10FC-913C-B8AA-FE42DFDBAA42}" = ccc-utility64
"{D0528577-31BF-2ABC-D7FC-E443EBF8B40A}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"ASUS USB2.0 UVC VGA WebCam" = ASUS USB2.0 UVC VGA WebCam
"ASUS WebStorage" = ASUS WebStorage
"Elantech" = ETDWare PS/2-x64 7.0.5.10_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{182A1405-9660-F35E-4910-2F4804EF9CD1}" = Catalyst Control Center Core Implementation
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1E9165D4-D1BB-A8FF-4D81-4769904075BE}" = CCC Help Spanish
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2271DC83-BDCA-B742-0F66-51C548D83878}" = CCC Help Hungarian
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{2458E345-90BF-A135-A9F6-7B79E5A1B034}" = Catalyst Control Center Graphics Full New
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{2801377C-AED0-9DF8-8C13-DE5B8A255E01}" = CCC Help Italian
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2944D228-BD9D-293C-9207-36F3F83200C7}" = Catalyst Control Center Graphics Full Existing
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2BE54333-0A35-B568-B9B6-BBAC93363F07}" = CCC Help Polish
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{321CA409-D308-D275-FD2E-07745286F7B1}" = CCC Help Portuguese
"{394B8A28-0984-B687-DC3D-600A83E3D8AB}" = ccc-core-static
"{3C168069-602E-D4DE-AAEA-C83395FD7CBB}" = CCC Help German
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{507BF84D-922E-367A-1B91-2C92A8626627}" = CCC Help Finnish
"{56670C91-F1BA-86BC-0AAE-8605B726EF2F}" = CCC Help Russian
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57CB36B6-4884-535F-9379-34560046C912}" = CCC Help Dutch
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5E6ACA2E-60D5-461C-8FD3-04BA9C174B27}_is1" = Mouse Recorder Pro 1.3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{611ED207-22E5-4543-B9D3-E73096759A4F}" = LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{698E45C8-5054-554F-51CB-68847E4B0BA5}" = CCC Help Greek
"{6C1D47CC-682C-4673-8CA8-DEE659628599}" = LEGO MINDSTORMS NXT Migration Package
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{719C5E05-B9B2-EBBB-766D-2A1245147DF9}" = Catalyst Control Center Graphics Previews Common
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77498F29-4EFE-159E-DB0E-8E36C3E2B473}" = CCC Help Danish
"{788A7564-40B9-4993-78AF-1852D423781E}" = CCC Help Chinese Traditional
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{91D02903-7EDB-2A1F-C19F-8EBB335BA708}" = CCC Help Chinese Standard
"{95F1EE6A-2C0E-5CE9-8042-287E11DFA089}" = Catalyst Control Center InstallProxy
"{9933221A-32B7-75A8-A496-713191B260CC}" = CCC Help Norwegian
"{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C28D1FA-B33F-AA17-9A87-FA556C5B6C2D}" = CCC Help English
"{9C976EB6-3C08-3B82-0162-26513153E347}" = CCC Help French
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9EC8C2B7-74F5-EEDC-E3F2-3E13564ABF8D}" = Catalyst Control Center Graphics Light
"{A0306AD8-1D8C-A5BB-6311-81A42370EEB9}" = Catalyst Control Center Graphics Previews Vista
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB77649D-25F2-EC99-67CD-A1B2F9862199}" = CCC Help Turkish
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0474B6D-9508-9D4F-694A-9C78F06BB037}" = CCC Help Swedish
"{B49C924C-A651-4378-94F6-5D9BF44A959F}" = EE-ZDE
"{B5529701-E380-06B7-14A8-D24EC95B5CD2}" = CCC Help Japanese
"{BA32FA50-7D3C-F111-9E79-619774EDB517}" = Catalyst Control Center Localization All
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD9CA010-1B74-B806-F4B7-C2175EE3AC2C}" = CCC Help Korean
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB263F8D-EF2D-4EB5-A368-A27056EE92D4}" = LEGO MINDSTORMS NXT Software v2.0
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B99F3D-9856-482A-9048-305E28E2510C}" = Vodafone Mobile Connect Lite
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F5E5DFE5-37AC-61A7-1A57-6741C243C96F}" = CCC Help Czech
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF250E8C-2925-C0C8-71EF-C456BE470759}" = CCC Help Thai
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS AP Bank_is1" = ASUS AP Bank
"CCleaner" = CCleaner (remove only)
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX-Setup
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1)
"Plants vs. Zombies" = Plants vs. Zombies
"PlugY, The Survival Kit" = PlugY, The Survival Kit
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.4
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"PhotoFiltre" = PhotoFiltre
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

Und hier noch meine installierten Dateien:

HTML-Code:
AC3Filter 1.63b        Alexander Vigovsky        13.12.2010                1.63b
Acrobat.com        Adobe Systems Incorporated        20.05.2010        1,61MB        1.6.65
Adobe AIR        Adobe Systems Inc.        20.05.2010                1.5.0.7220
Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        20.05.2010                10.0.32.18
Adobe Flash Player 11 Plugin 64-bit        Adobe Systems Incorporated        21.10.2011        6,00MB        11.0.1.152
Adobe Reader 9.2 MUI        Adobe Systems Incorporated        11.09.2011        653MB        9.2.0
Alcor Micro USB Card Reader        Alcor Micro Corp.        20.05.2010        2,89MB        1.5.17.25482
ANNO 1404        Ubisoft        04.09.2010                1.02.0000
Apple Application Support        Apple Inc.        11.02.2011        52,8MB        1.4.1
Apple Software Update        Apple Inc.        11.02.2011        2,16MB        2.1.1.116
ASUS AI Recovery        ASUS        20.05.2010        2,76MB        1.0.9
ASUS AP Bank        ASUSTEK        20.05.2010                1.0.0.0
ASUS FancyStart        ASUSTeK Computer Inc.        20.05.2010        12,1MB        1.0.8
ASUS LifeFrame3        ASUS        20.05.2010        27,7MB        3.0.20
ASUS Live Update        ASUS        20.05.2010                2.5.9
ASUS MultiFrame        ASUS        20.05.2010                1.0.0019
ASUS Power4Gear Hybrid        ASUS        20.05.2010        12,2MB        1.1.33
ASUS SmartLogon        ASUS        20.05.2010        10,9MB        1.0.0007
ASUS Splendid Video Enhancement Technology        ASUS        20.05.2010        24,4MB        1.02.0028
ASUS USB2.0 UVC VGA WebCam        Sonix        20.05.2010                5.8.53120.202
ASUS Virtual Camera        asus        20.05.2010        3,12MB        1.0.19
ASUS WebStorage        eCareme Technologies, Inc.        20.05.2010                2.0.40.1319
ATI Catalyst Install Manager        ATI Technologies, Inc.        20.05.2010        22,1MB        3.0.758.0
ATK Package        ASUS        20.05.2010        13,5MB        1.0.0001
CCleaner        Piriform        04.11.2011                3.12
CodeBlocks        The Code::Blocks Team        09.10.2011                10.05
Command & Conquer 3        Ihr Firmenname        22.06.2011        1.000MB        1.00.0000
ControlDeck        ASUS        20.05.2010        1,87MB        1.0.5
Diablo II                05.07.2011               
DivX-Setup        DivX, Inc.        29.10.2010                2.1.2.2
EE-ZDE                03.01.2011               
Empire Earth                03.01.2011               
ETDWare PS/2-x64 7.0.5.10_WHQL        ELAN Microelectronics Corp.        20.05.2010                7.0.5.10
Fast Boot        ASUS        20.05.2010        1,47MB        1.0.5
ICQ7.5        ICQ        19.04.2011                7.5
IDT Audio        IDT        20.05.2010                1.0.6259.0
Intel(R) Management Engine Components        Intel Corporation        21.05.2010                6.0.0.1179
Java(TM) 6 Update 23        Oracle        11.03.2010        95,0MB        6.0.230
K_Series_ScreenSaver_EN                20.05.2010               
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket        The LEGO Group        24.02.2011        43,4MB        2.0.100.0
LEGO MINDSTORMS NXT Driver for x64        LEGO        24.02.2011        1,55MB        1.17.770
LEGO MINDSTORMS NXT Migration Package        LEGO        24.02.2011        0,72MB        1.2.8.0
LEGO MINDSTORMS NXT Software v2.0        LEGO        24.02.2011        296MB        2.0.108.0
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        24.11.2010        38,8MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        24.11.2010        2,94MB        4.0.30319
Microsoft Silverlight        Microsoft Corporation        13.10.2011        200MB        4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        13.08.2010        1,72MB        3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86)        Microsoft Corporation        13.08.2010        0,61MB        1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86)        Microsoft Corporation        13.08.2010        1,45MB        1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        14.08.2010        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        15.06.2011        0,29MB        8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        29.05.2011        0,20MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570        Microsoft Corporation        14.04.2011        0,77MB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022        Microsoft Corporation        06.10.2010        1,71MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        20.05.2010        0,77MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        15.06.2011        0,77MB        9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        28.05.2011        2,06MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        15.06.2011        0,59MB        9.0.30729.6161
Mouse Recorder Pro 1.3        Nemex        13.03.2011               
Mozilla Firefox 7.0.1 (x86 de)        Mozilla        05.10.2011        51,4MB        7.0.1
Mozilla Thunderbird (7.0.1)        Mozilla        05.10.2011                7.0.1 (de)
MSXML 4.0 SP3 Parser (KB973685)        Microsoft Corporation        20.05.2010        1,53MB        4.30.2107.0
OpenOffice.org 3.2        OpenOffice.org        06.10.2010        363MB        3.2.9502
PhotoFiltre                27.11.2010               
Plants vs. Zombies        Spintop Media, Inc        10.10.2011               
PlugY, The Survival Kit                05.07.2011                10.00
QuickTime        Apple Inc.        11.02.2011        73,7MB        7.69.80.9
Skype™ 5.3        Skype Technologies S.A.        22.06.2011        16,6MB        5.3.120
Sophos Anti-Virus        Sophos Limited        01.11.2011        27,1MB        9.7.6
Sophos AutoUpdate        Sophos Limited        26.09.2011        9,01MB        2.5.10
Trend Micro Internet Security        Trend Micro Inc.        20.05.2010        94,2MB        17.50
VirtualCloneDrive        Elaborate Bytes        28.08.2010               
VLC media player 1.1.4        VideoLAN        12.10.2010                1.1.4
Vodafone Mobile Connect Lite        Vodafone        13.08.2010        22,7MB        9.4.2.14731
Windows Live Essentials        Microsoft Corporation        13.08.2010                14.0.8117.0416
Windows Live ID-Anmelde-Assistent        Microsoft Corporation        24.10.2010        10,0MB        6.500.3165.0
Windows Live OneCare safety scanner        Microsoft Corporation        30.10.2010               
Windows Live Sync        Microsoft Corporation        13.08.2010        2,79MB        14.0.8117.416
Windows Live-Uploadtool        Microsoft Corporation        13.08.2010        0,22MB        14.0.8014.1029
WinFlash        ASUS        20.05.2010        1,29MB        2.29.0
WinRAR archiver                25.08.2010               
Wireless Console 3        ASUS        20.05.2010        2,43MB        3.0.15

markusg 05.11.2011 16:36
hiho
bitte keine reinigungsversuche mehr selbst unternehmen, nur nach anleitung.
achtung!
dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
:OTL
:Files
C:\ProgramData\6DSS92c31Apgjk.exe
C:\ProgramData\6DSS92c31Apgjk.exe
:Commands
[Reboot]


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.


lade unhide:
http://filepony.de/download-unhide/
doppelklicken, dateien werden sichtbar
öffne computer, öffne C: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
folge dem link, und lade das archiv im upload channel hoch
http://www.trojaner-board.de/54791-a...ner-board.html

TreeOne 05.11.2011 16:50
Wo befindet ´sich das Textdokument? Lade jetzt das MovedFiles.rar hoh...

markusg 05.11.2011 16:51
da ists dann drinn, passt schon.
symbole wieder sichtbar? wie siehts im start menü aus?

TreeOne 05.11.2011 17:01
Soeben Hochgeladen.

Die Programme werden im Startmenü jetzt wieder angezeigt. Desktop immernoch schwarz. Symbole sind noch weg.

markusg 05.11.2011 17:08
das machen wir schon :-)
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
    Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.

TreeOne 05.11.2011 17:32
Sooo, das Programm läuft, aber trotz deaktiviertem Sophos hat es noch "Verdächtiges Verhalten" festgestellt und HIPS/RegMod-021 in Quarantäne verschoben.

Nur als Zwischeninformation.

TreeOne 05.11.2011 18:37
So durchgelaufen.
Auf dem Rechner habe ich jetzt leider kein Internet mehr und im Leitfaden fehlt die erklärung, wie ich ds behebe. Da hört der Satz mittendrin auf..


Combofix Logfile:
Code:
ComboFix 11-11-05.02 - Sven 05.11.2011  17:33:36.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.3949.2130 [GMT 1:00]
ausgeführt von:: c:\users\Sven\Desktop\ComboFix.exe
AV: Sophos Anti-Virus *Disabled/Updated* {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
AV: Trend Micro Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Sophos Anti-Virus *Disabled/Updated* {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
SP: Trend Micro Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\6DSS92c31Apgjk.exe
c:\programdata\FullRemove.exe
c:\programdata\GNMdXaDCqs.exe
c:\users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
c:\users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\System Restore.lnk
c:\users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\Uninstall System Restore.lnk
c:\windows\security\Database\tmp.edb
c:\windows\system32\consrv.dll
c:\windows\System64
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-10-05 bis 2011-11-05  ))))))))))))))))))))))))))))))
.
.
2011-11-05 17:06 . 2011-11-05 17:06        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-11-05 17:06 . 2011-11-05 17:06        --------        d-----w-        c:\users\Baum\AppData\Local\temp
2011-11-05 15:41 . 2011-11-05 15:48        --------        d-----w-        C:\_OTL
2011-11-05 14:33 . 2011-11-05 17:13        69000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{DC656691-AF03-4D1E-8E71-DCD0961E5532}\offreg.dll
2011-11-05 14:12 . 2011-11-05 15:50        1536322        ----a-w-        c:\windows\system32\PerfStringBackup.TMP
2011-11-05 13:25 . 2011-11-05 13:25        --------        d-----w-        c:\users\Sven\AppData\Local\Sophos
2011-11-05 00:18 . 2011-10-07 04:16        8570192        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{DC656691-AF03-4D1E-8E71-DCD0961E5532}\mpengine.dll
2011-10-22 07:49 . 2011-10-22 07:49        414368        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-22 07:49 . 2011-10-22 07:49        --------        d-----w-        c:\programdata\McAfee
2011-10-22 07:48 . 2011-10-22 07:48        --------        d-----w-        c:\windows\system32\Macromed
2011-10-16 17:40 . 2011-10-16 17:43        --------        d-----w-        c:\users\Sven\Citrix
2011-10-13 04:27 . 2011-09-06 03:07        3134976        ----a-w-        c:\windows\system32\win32k.sys
2011-10-13 04:26 . 2011-08-17 05:32        613888        ----a-w-        c:\windows\system32\psisdecd.dll
2011-10-13 04:26 . 2011-08-17 05:27        288256        ----a-w-        c:\windows\system32\MSNP.ax
2011-10-13 04:26 . 2011-08-17 05:27        108032        ----a-w-        c:\windows\system32\psisrndr.ax
2011-10-13 04:26 . 2011-08-17 05:27        104960        ----a-w-        c:\windows\system32\Mpeg2Data.ax
2011-10-13 04:26 . 2011-08-17 04:26        465408        ----a-w-        c:\windows\SysWow64\psisdecd.dll
2011-10-13 04:26 . 2011-08-17 04:22        75776        ----a-w-        c:\windows\SysWow64\psisrndr.ax
2011-10-13 04:26 . 2011-08-17 04:22        204288        ----a-w-        c:\windows\SysWow64\MSNP.ax
2011-10-13 04:26 . 2011-08-17 05:27        75776        ----a-w-        c:\windows\system32\MSDvbNP.ax
2011-10-13 04:26 . 2011-08-17 04:22        72704        ----a-w-        c:\windows\SysWow64\Mpeg2Data.ax
2011-10-13 04:26 . 2011-08-17 04:22        59904        ----a-w-        c:\windows\SysWow64\MSDvbNP.ax
2011-10-13 04:25 . 2011-08-27 05:40        861184        ----a-w-        c:\windows\system32\oleaut32.dll
2011-10-13 04:25 . 2011-08-27 05:40        331776        ----a-w-        c:\windows\system32\oleacc.dll
2011-10-13 04:25 . 2011-08-27 04:43        571904        ----a-w-        c:\windows\SysWow64\oleaut32.dll
2011-10-13 04:25 . 2011-08-27 04:43        233472        ----a-w-        c:\windows\SysWow64\oleacc.dll
2011-10-11 20:06 . 2011-10-11 20:06        --------        d-----w-        c:\programdata\SpinTop Games
2011-10-11 20:05 . 2011-10-11 20:05        --------        d-----w-        c:\program files (x86)\Plants vs. Zombies
2011-10-11 20:05 . 2011-10-11 20:05        --------        d-----w-        c:\users\Sven\AppData\Roaming\SpinTop
2011-10-10 13:18 . 2011-10-25 08:46        --------        d-----w-        c:\users\Sven\AppData\Roaming\codeblocks
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-05 15:56 . 2011-10-05 15:56        144672        ----a-w-        c:\windows\system32\drivers\savonaccess.sys
2011-09-27 11:25 . 2011-09-27 11:26        37400        ----a-w-        c:\windows\system32\SophosBootTasks.exe
2011-09-27 11:25 . 2011-09-27 11:25        26104        ----a-w-        c:\windows\system32\drivers\sdcfilter.sys
2011-09-27 11:25 . 2011-09-27 11:25        183024        ----a-w-        c:\windows\system32\sdccoinstaller.dll
2011-09-27 11:25 . 2011-09-27 11:25        25608        ----a-w-        c:\windows\system32\drivers\SophosBootDriver.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-04-20 2327552]
"VirtualCloneDrive"="d:\programme\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2011-03-14 494616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-5-21 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
@="service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [x]
R3 sdcfilter;sdcfilter;c:\windows\system32\DRIVERS\sdcfilter.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2009-09-29 917768]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [x]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [x]
R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys [x]
S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 SAVAdminService;Sophos Anti-Virus Statusreporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2011-10-05 167960]
S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2011-09-27 99864]
S2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2011-10-05 1543704]
S2 tmpreflt;tmpreflt;c:\windows\system32\DRIVERS\tmpreflt.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-04-20 9216]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-12-24 1736704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
"combofix"="c:\combofix\CF27265.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://asus.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - d:\programme\ICQ\ICQ7.5\ICQ.exe
TCP: Interfaces\{C1C7B536-E58F-4EBF-801F-2E05EDFAE7E9}: NameServer = 137.193.10.34,137.193.10.21
FF - ProfilePath - c:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\48u4ccih.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-GNMdXaDCqs.exe - c:\programdata\GNMdXaDCqs.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3196232079-2252133149-874781267-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:08,fc,2f,92,5d,17,44,82,90,eb,32,30,95,5d,a5,9a,8d,8c,18,d5,ee,ca,6e,
  40,52,d2,26,27,43,92,b7,93,ef,d7,d0,51,59,f5,59,36,fd,98,c1,f9,2b,03,4c,85,\
"??"=hex:d2,8a,3d,7f,d6,ee,ff,ab,38,51,7b,8c,dc,d7,d2,0c
.
[HKEY_USERS\S-1-5-21-3196232079-2252133149-874781267-1000\Software\SecuROM\License information*]
"datasecu"=hex:b4,8b,a6,33,e8,cd,1d,31,99,ef,6a,cb,b3,3c,8d,5d,bf,cb,4f,be,ce,
  60,d7,dc,2a,e0,40,b6,cd,1b,11,22,ec,a3,ef,3c,8e,37,e6,19,76,90,4a,a9,16,d0,\
"rkeysecu"=hex:9c,0c,d1,33,2c,54,52,e0,ce,ad,c9,40,a8,7b,93,84
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Sophos\AutoUpdate\ALsvc.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-05  18:32:00 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-11-05 17:31
.
Vor Suchlauf: 1.636.003.840 Bytes frei
Nach Suchlauf: 2.047.213.568 Bytes frei
.
- - End Of File - - FE6D7A5FB4AC07572C0F51144C6E04B6
--- --- ---

markusg 05.11.2011 18:39
öffne mal computer, c: qoobox, quarantain mit rechtsklick, und dann packen, und im upload channel hochladen bitte

TreeOne 05.11.2011 18:48
Hochgeladen über USB Stick und 2tem PC da mein internet gekillt wurde.

markusg 05.11.2011 18:49
ist das inet auch nach neustart inaktiev?

TreeOne 05.11.2011 18:55
Ok, nach weiterem Neustart geht Internet jetzt wieder.

markusg 05.11.2011 18:59
nutze mal den tdss killer, nichts löschen nur log posten
http://www.trojaner-board.de/82358-t...entfernen.html

TreeOne 05.11.2011 19:05
Gesagt, getan :)

HTML-Code:
19:04:01.0558 4416        TDSS rootkit removing tool 2.6.15.0 Nov  3 2011 17:15:49
19:04:01.0636 4416        ============================================================
19:04:01.0636 4416        Current date / time: 2011/11/05 19:04:01.0636
19:04:01.0636 4416        SystemInfo:
19:04:01.0636 4416       
19:04:01.0636 4416        OS Version: 6.1.7600 ServicePack: 0.0
19:04:01.0636 4416        Product type: Workstation
19:04:01.0636 4416        ComputerName: ASUS-BOARD
19:04:01.0636 4416        UserName: Sven
19:04:01.0636 4416        Windows directory: C:\Windows
19:04:01.0636 4416        System windows directory: C:\Windows
19:04:01.0636 4416        Running under WOW64
19:04:01.0636 4416        Processor architecture: Intel x64
19:04:01.0636 4416        Number of processors: 4
19:04:01.0636 4416        Page size: 0x1000
19:04:01.0636 4416        Boot type: Normal boot
19:04:01.0636 4416        ============================================================
19:04:02.0213 4416        Initialize success
19:04:19.0155 5664        ============================================================
19:04:19.0155 5664        Scan started
19:04:19.0155 5664        Mode: Manual; SigCheck; TDLFS;
19:04:19.0155 5664        ============================================================
19:04:19.0451 5664        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
19:04:19.0545 5664        1394ohci - ok
19:04:19.0670 5664        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
19:04:19.0685 5664        ACPI - ok
19:04:19.0716 5664        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
19:04:19.0794 5664        AcpiPmi - ok
19:04:19.0904 5664        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:04:19.0919 5664        adp94xx - ok
19:04:19.0950 5664        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:04:19.0966 5664        adpahci - ok
19:04:19.0997 5664        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:04:20.0013 5664        adpu320 - ok
19:04:20.0153 5664        AFD            (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
19:04:20.0216 5664        AFD - ok
19:04:20.0325 5664        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
19:04:20.0340 5664        agp440 - ok
19:04:20.0387 5664        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
19:04:20.0403 5664        aliide - ok
19:04:20.0528 5664        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
19:04:20.0543 5664        amdide - ok
19:04:20.0574 5664        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:04:20.0621 5664        AmdK8 - ok
19:04:20.0824 5664        amdkmdag        (52679612d742bf74ca1ba6ab86ddf431) C:\Windows\system32\DRIVERS\atipmdag.sys
19:04:20.0964 5664        amdkmdag - ok
19:04:21.0027 5664        amdkmdap        (414e0788920a8c856032be2cbf29f984) C:\Windows\system32\DRIVERS\atikmpag.sys
19:04:21.0058 5664        amdkmdap - ok
19:04:21.0152 5664        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:04:21.0183 5664        AmdPPM - ok
19:04:21.0292 5664        amdsata        (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
19:04:21.0292 5664        amdsata - ok
19:04:21.0370 5664        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:04:21.0370 5664        amdsbs - ok
19:04:21.0401 5664        amdxata        (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
19:04:21.0417 5664        amdxata - ok
19:04:21.0510 5664        AmUStor        (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
19:04:21.0557 5664        AmUStor - ok
19:04:21.0682 5664        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
19:04:21.0776 5664        AppID - ok
19:04:21.0885 5664        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:04:21.0900 5664        arc - ok
19:04:21.0947 5664        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:04:21.0963 5664        arcsas - ok
19:04:22.0041 5664        ASMMAP64        (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
19:04:22.0088 5664        ASMMAP64 - ok
19:04:22.0197 5664        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:04:22.0322 5664        AsyncMac - ok
19:04:22.0431 5664        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
19:04:22.0446 5664        atapi - ok
19:04:22.0493 5664        athr            (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
19:04:22.0571 5664        athr - ok
19:04:22.0696 5664        AtiHdmiService  (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys
19:04:22.0712 5664        AtiHdmiService - ok
19:04:22.0868 5664        atikmdag        (52679612d742bf74ca1ba6ab86ddf431) C:\Windows\system32\DRIVERS\atikmdag.sys
19:04:22.0961 5664        atikmdag - ok
19:04:23.0070 5664        atksgt          (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
19:04:23.0086 5664        atksgt - ok
19:04:23.0195 5664        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:04:23.0242 5664        b06bdrv - ok
19:04:23.0351 5664        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:04:23.0382 5664        b57nd60a - ok
19:04:23.0492 5664        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:04:23.0538 5664        Beep - ok
19:04:23.0663 5664        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:04:23.0710 5664        blbdrive - ok
19:04:23.0819 5664        bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
19:04:23.0866 5664        bowser - ok
19:04:23.0991 5664        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:04:24.0006 5664        BrFiltLo - ok
19:04:24.0069 5664        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:04:24.0100 5664        BrFiltUp - ok
19:04:24.0225 5664        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:04:24.0287 5664        Brserid - ok
19:04:24.0396 5664        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:04:24.0443 5664        BrSerWdm - ok
19:04:24.0552 5664        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:04:24.0584 5664        BrUsbMdm - ok
19:04:24.0630 5664        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:04:24.0646 5664        BrUsbSer - ok
19:04:24.0708 5664        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:04:24.0724 5664        BTHMODEM - ok
19:04:24.0818 5664        catchme - ok
19:04:24.0896 5664        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:04:24.0942 5664        cdfs - ok
19:04:24.0989 5664        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
19:04:25.0020 5664        cdrom - ok
19:04:25.0161 5664        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:04:25.0192 5664        circlass - ok
19:04:25.0254 5664        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:04:25.0270 5664        CLFS - ok
19:04:25.0426 5664        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:04:25.0457 5664        CmBatt - ok
19:04:25.0504 5664        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
19:04:25.0504 5664        cmdide - ok
19:04:25.0551 5664        CNG            (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
19:04:25.0582 5664        CNG - ok
19:04:25.0707 5664        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:04:25.0722 5664        Compbatt - ok
19:04:25.0785 5664        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:04:25.0816 5664        CompositeBus - ok
19:04:25.0956 5664        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:04:25.0956 5664        crcdisk - ok
19:04:26.0097 5664        DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
19:04:26.0144 5664        DfsC - ok
19:04:26.0237 5664        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:04:26.0300 5664        discache - ok
19:04:26.0424 5664        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:04:26.0440 5664        Disk - ok
19:04:26.0502 5664        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:04:26.0534 5664        drmkaud - ok
19:04:26.0643 5664        DXGKrnl        (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
19:04:26.0674 5664        DXGKrnl - ok
19:04:26.0768 5664        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:04:26.0830 5664        ebdrv - ok
19:04:26.0970 5664        ElbyCDIO        (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
19:04:26.0986 5664        ElbyCDIO - ok
19:04:27.0064 5664        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:04:27.0095 5664        elxstor - ok
19:04:27.0111 5664        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
19:04:27.0142 5664        ErrDev - ok
19:04:27.0251 5664        ETD            (06c94be9d9e1e6411429433a64a76936) C:\Windows\system32\DRIVERS\ETD.sys
19:04:27.0298 5664        ETD - ok
19:04:27.0407 5664        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:04:27.0454 5664        exfat - ok
19:04:27.0532 5664        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:04:27.0579 5664        fastfat - ok
19:04:27.0688 5664        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:04:27.0719 5664        fdc - ok
19:04:27.0844 5664        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:04:27.0860 5664        FileInfo - ok
19:04:27.0891 5664        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:04:27.0938 5664        Filetrace - ok
19:04:28.0062 5664        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:04:28.0094 5664        flpydisk - ok
19:04:28.0203 5664        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
19:04:28.0203 5664        FltMgr - ok
19:04:28.0265 5664        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:04:28.0281 5664        FsDepends - ok
19:04:28.0390 5664        fssfltr        (2bf3b36b96d015af666b6aa63ae2e38f) C:\Windows\system32\DRIVERS\fssfltr.sys
19:04:28.0406 5664        fssfltr - ok
19:04:28.0437 5664        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:04:28.0452 5664        Fs_Rec - ok
19:04:28.0546 5664        fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:04:28.0562 5664        fvevol - ok
19:04:28.0640 5664        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:04:28.0655 5664        gagp30kx - ok
19:04:28.0702 5664        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:04:28.0749 5664        hcw85cir - ok
19:04:28.0874 5664        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
19:04:28.0920 5664        HdAudAddService - ok
19:04:29.0045 5664        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:04:29.0092 5664        HDAudBus - ok
19:04:29.0201 5664        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
19:04:29.0217 5664        HECIx64 - ok
19:04:29.0264 5664        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:04:29.0295 5664        HidBatt - ok
19:04:29.0388 5664        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:04:29.0420 5664        HidBth - ok
19:04:29.0529 5664        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:04:29.0576 5664        HidIr - ok
19:04:29.0685 5664        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
19:04:29.0732 5664        HidUsb - ok
19:04:29.0856 5664        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
19:04:29.0856 5664        HpSAMD - ok
19:04:29.0934 5664        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
19:04:29.0997 5664        HTTP - ok
19:04:30.0106 5664        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
19:04:30.0106 5664        hwpolicy - ok
19:04:30.0168 5664        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:04:30.0184 5664        i8042prt - ok
19:04:30.0278 5664        iaStor          (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
19:04:30.0293 5664        iaStor - ok
19:04:30.0387 5664        iaStorV        (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
19:04:30.0402 5664        iaStorV - ok
19:04:30.0449 5664        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:04:30.0449 5664        iirsp - ok
19:04:30.0480 5664        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
19:04:30.0496 5664        intelide - ok
19:04:30.0605 5664        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:04:30.0636 5664        intelppm - ok
19:04:30.0714 5664        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:04:30.0777 5664        IpFilterDriver - ok
19:04:30.0886 5664        IPMIDRV        (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:04:30.0917 5664        IPMIDRV - ok
19:04:30.0964 5664        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:04:31.0011 5664        IPNAT - ok
19:04:31.0120 5664        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:04:31.0151 5664        IRENUM - ok
19:04:31.0260 5664        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
19:04:31.0260 5664        isapnp - ok
19:04:31.0323 5664        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
19:04:31.0323 5664        iScsiPrt - ok
19:04:31.0432 5664        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:04:31.0448 5664        kbdclass - ok
19:04:31.0494 5664        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
19:04:31.0541 5664        kbdhid - ok
19:04:31.0650 5664        kbfiltr        (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
19:04:31.0666 5664        kbfiltr - ok
19:04:31.0713 5664        KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
19:04:31.0713 5664        KSecDD - ok
19:04:31.0791 5664        KSecPkg        (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
19:04:31.0791 5664        KSecPkg - ok
19:04:31.0900 5664        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:04:31.0947 5664        ksthunk - ok
19:04:32.0087 5664        L1C            (9c46a5421de9d116c47155317cabb522) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:04:32.0134 5664        L1C - ok
19:04:32.0259 5664        lirsgt          (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
19:04:32.0274 5664        lirsgt - ok
19:04:32.0337 5664        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:04:32.0384 5664        lltdio - ok
19:04:32.0493 5664        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:04:32.0508 5664        LSI_FC - ok
19:04:32.0540 5664        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:04:32.0540 5664        LSI_SAS - ok
19:04:32.0664 5664        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:04:32.0664 5664        LSI_SAS2 - ok
19:04:32.0727 5664        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:04:32.0742 5664        LSI_SCSI - ok
19:04:32.0852 5664        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:04:32.0898 5664        luafv - ok
19:04:33.0023 5664        massfilter      (b5e86524918ef32b32d1032e0c8e92a3) C:\Windows\system32\DRIVERS\massfilter.sys
19:04:33.0070 5664        massfilter - ok
19:04:33.0148 5664        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:04:33.0148 5664        megasas - ok
19:04:33.0226 5664        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:04:33.0242 5664        MegaSR - ok
19:04:33.0320 5664        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:04:33.0382 5664        Modem - ok
19:04:33.0491 5664        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:04:33.0538 5664        monitor - ok
19:04:33.0663 5664        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:04:33.0678 5664        mouclass - ok
19:04:33.0803 5664        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:04:33.0834 5664        mouhid - ok
19:04:33.0944 5664        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
19:04:33.0944 5664        mountmgr - ok
19:04:34.0006 5664        mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
19:04:34.0022 5664        mpio - ok
19:04:34.0100 5664        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:04:34.0162 5664        mpsdrv - ok
19:04:34.0209 5664        MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
19:04:34.0240 5664        MRxDAV - ok
19:04:34.0334 5664        mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:04:34.0365 5664        mrxsmb - ok
19:04:34.0458 5664        mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:04:34.0490 5664        mrxsmb10 - ok
19:04:34.0568 5664        mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:04:34.0583 5664        mrxsmb20 - ok
19:04:34.0661 5664        msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
19:04:34.0677 5664        msahci - ok
19:04:34.0692 5664        msdsm          (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
19:04:34.0708 5664        msdsm - ok
19:04:34.0739 5664        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:04:34.0786 5664        Msfs - ok
19:04:34.0911 5664        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:04:34.0958 5664        mshidkmdf - ok
19:04:34.0989 5664        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
19:04:35.0004 5664        msisadrv - ok
19:04:35.0114 5664        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:04:35.0176 5664        MSKSSRV - ok
19:04:35.0285 5664        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:04:35.0332 5664        MSPCLOCK - ok
19:04:35.0410 5664        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:04:35.0457 5664        MSPQM - ok
19:04:35.0519 5664        MsRPC          (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
19:04:35.0535 5664        MsRPC - ok
19:04:35.0582 5664        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:04:35.0582 5664        mssmbios - ok
19:04:35.0675 5664        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:04:35.0738 5664        MSTEE - ok
19:04:35.0784 5664        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:04:35.0800 5664        MTConfig - ok
19:04:35.0925 5664        MTsensor        (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
19:04:35.0940 5664        MTsensor - ok
19:04:36.0003 5664        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:04:36.0018 5664        Mup - ok
19:04:36.0143 5664        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:04:36.0174 5664        NativeWifiP - ok
19:04:36.0315 5664        NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
19:04:36.0330 5664        NDIS - ok
19:04:36.0393 5664        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:04:36.0440 5664        NdisCap - ok
19:04:36.0549 5664        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:04:36.0596 5664        NdisTapi - ok
19:04:36.0720 5664        Ndisuio        (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
19:04:36.0783 5664        Ndisuio - ok
19:04:36.0798 5664        NdisWan        (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:04:36.0861 5664        NdisWan - ok
19:04:36.0939 5664        NDProxy        (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
19:04:36.0986 5664        NDProxy - ok
19:04:37.0048 5664        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:04:37.0110 5664        NetBIOS - ok
19:04:37.0142 5664        NetBT          (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
19:04:37.0204 5664        NetBT - ok
19:04:37.0329 5664        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:04:37.0344 5664        nfrd960 - ok
19:04:37.0407 5664        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:04:37.0469 5664        Npfs - ok
19:04:37.0532 5664        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:04:37.0578 5664        nsiproxy - ok
19:04:37.0656 5664        Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
19:04:37.0688 5664        Ntfs - ok
19:04:37.0719 5664        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:04:37.0781 5664        Null - ok
19:04:37.0890 5664        nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
19:04:37.0906 5664        nvraid - ok
19:04:37.0968 5664        nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
19:04:37.0984 5664        nvstor - ok
19:04:38.0015 5664        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
19:04:38.0031 5664        nv_agp - ok
19:04:38.0046 5664        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
19:04:38.0078 5664        ohci1394 - ok
19:04:38.0202 5664        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:04:38.0218 5664        Parport - ok
19:04:38.0265 5664        partmgr        (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
19:04:38.0280 5664        partmgr - ok
19:04:38.0312 5664        pci            (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
19:04:38.0327 5664        pci - ok
19:04:38.0358 5664        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:04:38.0374 5664        pciide - ok
19:04:38.0405 5664        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:04:38.0421 5664        pcmcia - ok
19:04:38.0468 5664        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:04:38.0468 5664        pcw - ok
19:04:38.0577 5664        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:04:38.0639 5664        PEAUTH - ok
19:04:38.0780 5664        PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
19:04:38.0842 5664        PptpMiniport - ok
19:04:38.0920 5664        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:04:38.0951 5664        Processor - ok
19:04:39.0029 5664        Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
19:04:39.0076 5664        Psched - ok
19:04:39.0279 5664        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:04:39.0310 5664        ql2300 - ok
19:04:39.0404 5664        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:04:39.0419 5664        ql40xx - ok
19:04:39.0450 5664        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:04:39.0482 5664        QWAVEdrv - ok
19:04:39.0575 5664        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:04:39.0638 5664        RasAcd - ok
19:04:39.0684 5664        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:04:39.0716 5664        RasAgileVpn - ok
19:04:39.0762 5664        Rasl2tp        (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:04:39.0809 5664        Rasl2tp - ok
19:04:39.0903 5664        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:04:39.0965 5664        RasPppoe - ok
19:04:40.0059 5664        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:04:40.0121 5664        RasSstp - ok
19:04:40.0152 5664        rdbss          (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
19:04:40.0215 5664        rdbss - ok
19:04:40.0277 5664        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:04:40.0308 5664        rdpbus - ok
19:04:40.0371 5664        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:04:40.0418 5664        RDPCDD - ok
19:04:40.0480 5664        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:04:40.0527 5664        RDPENCDD - ok
19:04:40.0542 5664        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:04:40.0605 5664        RDPREFMP - ok
19:04:40.0620 5664        RDPWD          (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
19:04:40.0683 5664        RDPWD - ok
19:04:40.0792 5664        rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
19:04:40.0808 5664        rdyboost - ok
19:04:40.0870 5664        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:04:40.0917 5664        rspndr - ok
19:04:41.0042 5664        SAVOnAccess    (6bdc2de3baa4373d44dec9d56ceaf2b1) C:\Windows\system32\DRIVERS\savonaccess.sys
19:04:41.0057 5664        SAVOnAccess - ok
19:04:41.0104 5664        sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
19:04:41.0104 5664        sbp2port - ok
19:04:41.0166 5664        scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
19:04:41.0229 5664        scfilter - ok
19:04:41.0307 5664        sdcfilter      (7e450d5b46ff8fe82dab822d3b48e3b3) C:\Windows\system32\DRIVERS\sdcfilter.sys
19:04:41.0322 5664        sdcfilter - ok
19:04:41.0416 5664        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:04:41.0478 5664        secdrv - ok
19:04:41.0572 5664        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:04:41.0603 5664        Serenum - ok
19:04:41.0650 5664        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:04:41.0666 5664        Serial - ok
19:04:41.0744 5664        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:04:41.0775 5664        sermouse - ok
19:04:41.0853 5664        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
19:04:41.0868 5664        sffdisk - ok
19:04:41.0900 5664        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:04:41.0915 5664        sffp_mmc - ok
19:04:41.0931 5664        sffp_sd        (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:04:41.0962 5664        sffp_sd - ok
19:04:42.0056 5664        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:04:42.0087 5664        sfloppy - ok
19:04:42.0180 5664        SiSGbeLH        (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
19:04:42.0212 5664        SiSGbeLH - ok
19:04:42.0274 5664        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:04:42.0290 5664        SiSRaid2 - ok
19:04:42.0321 5664        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:04:42.0321 5664        SiSRaid4 - ok
19:04:42.0352 5664        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:04:42.0399 5664        Smb - ok
19:04:42.0586 5664        SNP2UVC        (f06a6de8438f7446bff9e61f31356521) C:\Windows\system32\DRIVERS\snp2uvc.sys
19:04:42.0633 5664        SNP2UVC - ok
19:04:42.0773 5664        SophosBootDriver (69fbe35a8165adbc313aa7f64b868ca1) C:\Windows\system32\DRIVERS\SophosBootDriver.sys
19:04:42.0789 5664        SophosBootDriver - ok
19:04:42.0836 5664        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:04:42.0836 5664        spldr - ok
19:04:42.0882 5664        srv            (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
19:04:42.0929 5664        srv - ok
19:04:43.0023 5664        srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
19:04:43.0054 5664        srv2 - ok
19:04:43.0132 5664        srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
19:04:43.0163 5664        srvnet - ok
19:04:43.0288 5664        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:04:43.0288 5664        stexstor - ok
19:04:43.0382 5664        STHDA          (ddb811b13d827081e7c1ddff302ab334) C:\Windows\system32\DRIVERS\stwrt64.sys
19:04:43.0428 5664        STHDA - ok
19:04:43.0538 5664        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:04:43.0538 5664        swenum - ok
19:04:43.0725 5664        Tcpip          (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
19:04:43.0772 5664        Tcpip - ok
19:04:43.0850 5664        TCPIP6          (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
19:04:43.0896 5664        TCPIP6 - ok
19:04:43.0943 5664        tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
19:04:43.0990 5664        tcpipreg - ok
19:04:44.0006 5664        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:04:44.0052 5664        TDPIPE - ok
19:04:44.0146 5664        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:04:44.0193 5664        TDTCP - ok
19:04:44.0240 5664        tdx            (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
19:04:44.0286 5664        tdx - ok
19:04:44.0349 5664        TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
19:04:44.0349 5664        TermDD - ok
19:04:44.0442 5664        tmpreflt        (803ee35df92815ea5d41cee7410c8cc1) C:\Windows\system32\DRIVERS\tmpreflt.sys
19:04:44.0458 5664        tmpreflt - ok
19:04:44.0505 5664        tmtdi          (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\Windows\system32\DRIVERS\tmtdi.sys
19:04:44.0520 5664        tmtdi - ok
19:04:44.0567 5664        tmxpflt        (9bd32132a3470cefb3cbea5fa492bd6f) C:\Windows\system32\DRIVERS\tmxpflt.sys
19:04:44.0583 5664        tmxpflt - ok
19:04:44.0630 5664        tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:04:44.0676 5664        tssecsrv - ok
19:04:44.0786 5664        tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
19:04:44.0832 5664        tunnel - ok
19:04:44.0848 5664        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:04:44.0864 5664        uagp35 - ok
19:04:44.0895 5664        udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
19:04:44.0942 5664        udfs - ok
19:04:45.0020 5664        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
19:04:45.0035 5664        uliagpkx - ok
19:04:45.0082 5664        umbus          (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
19:04:45.0113 5664        umbus - ok
19:04:45.0207 5664        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:04:45.0222 5664        UmPass - ok
19:04:45.0269 5664        usbccgp        (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
19:04:45.0300 5664        usbccgp - ok
19:04:45.0410 5664        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
19:04:45.0425 5664        usbcir - ok
19:04:45.0456 5664        usbehci        (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
19:04:45.0488 5664        usbehci - ok
19:04:45.0597 5664        usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
19:04:45.0628 5664        usbhub - ok
19:04:45.0644 5664        usbohci        (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
19:04:45.0675 5664        usbohci - ok
19:04:45.0768 5664        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:04:45.0784 5664        usbprint - ok
19:04:45.0831 5664        USBSTOR        (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:04:45.0878 5664        USBSTOR - ok
19:04:45.0924 5664        usbuhci        (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
19:04:45.0956 5664        usbuhci - ok
19:04:46.0034 5664        usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
19:04:46.0080 5664        usbvideo - ok
19:04:46.0174 5664        VClone          (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
19:04:46.0205 5664        VClone - ok
19:04:46.0252 5664        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
19:04:46.0252 5664        vdrvroot - ok
19:04:46.0283 5664        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:04:46.0299 5664        vga - ok
19:04:46.0330 5664        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:04:46.0377 5664        VgaSave - ok
19:04:46.0486 5664        vhdmp          (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
19:04:46.0502 5664        vhdmp - ok
19:04:46.0517 5664        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
19:04:46.0533 5664        viaide - ok
19:04:46.0595 5664        volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
19:04:46.0611 5664        volmgr - ok
19:04:46.0658 5664        volmgrx        (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
19:04:46.0673 5664        volmgrx - ok
19:04:46.0704 5664        volsnap        (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
19:04:46.0720 5664        volsnap - ok
19:04:46.0798 5664        vsapint        (b01ce1f5a44126892240d179a6dbd43f) C:\Windows\system32\DRIVERS\vsapint.sys
19:04:46.0829 5664        vsapint - ok
19:04:46.0907 5664        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:04:46.0923 5664        vsmraid - ok
19:04:46.0938 5664        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:04:46.0970 5664        vwifibus - ok
19:04:47.0001 5664        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:04:47.0032 5664        vwififlt - ok
19:04:47.0110 5664        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:04:47.0126 5664        vwifimp - ok
19:04:47.0157 5664        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:04:47.0188 5664        WacomPen - ok
19:04:47.0282 5664        WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:04:47.0344 5664        WANARP - ok
19:04:47.0360 5664        Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:04:47.0391 5664        Wanarpv6 - ok
19:04:47.0438 5664        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:04:47.0453 5664        Wd - ok
19:04:47.0484 5664        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:04:47.0500 5664        Wdf01000 - ok
19:04:47.0594 5664        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:04:47.0640 5664        WfpLwf - ok
19:04:47.0687 5664        WimFltr        (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
19:04:47.0703 5664        WimFltr - ok
19:04:47.0765 5664        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:04:47.0781 5664        WIMMount - ok
19:04:47.0890 5664        WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
19:04:47.0921 5664        WinUsb - ok
19:04:48.0062 5664        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:04:48.0093 5664        WmiAcpi - ok
19:04:48.0202 5664        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:04:48.0249 5664        ws2ifsl - ok
19:04:48.0296 5664        WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
19:04:48.0358 5664        WudfPf - ok
19:04:48.0436 5664        WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:04:48.0483 5664        WUDFRd - ok
19:04:48.0592 5664        ZTEusbmdm6k    (31db70a61814e4f33181d48190d46845) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
19:04:48.0623 5664        ZTEusbmdm6k - ok
19:04:48.0701 5664        ZTEusbnet      (01cbeea25aa78c0f0272654048d61f34) C:\Windows\system32\DRIVERS\ZTEusbnet.sys
19:04:48.0748 5664        ZTEusbnet - ok
19:04:48.0873 5664        ZTEusbnmea      (c9ada887bf326d8413e81fe80b1be7eb) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
19:04:48.0904 5664        ZTEusbnmea - ok
19:04:49.0044 5664        ZTEusbser6k    (31db70a61814e4f33181d48190d46845) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
19:04:49.0044 5664        ZTEusbser6k - ok
19:04:49.0091 5664        ZTEusbvoice    (c9ada887bf326d8413e81fe80b1be7eb) C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
19:04:49.0107 5664        ZTEusbvoice - ok
19:04:49.0169 5664        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:04:49.0356 5664        \Device\Harddisk0\DR0 - ok
19:04:49.0356 5664        Boot (0x1200)  (303b1827aedd9742dda2d16eea7e24d4) \Device\Harddisk0\DR0\Partition0
19:04:49.0356 5664        \Device\Harddisk0\DR0\Partition0 - ok
19:04:49.0388 5664        Boot (0x1200)  (dbdf7cc53dd1675b2cb6cd679edb3bc3) \Device\Harddisk0\DR0\Partition1
19:04:49.0388 5664        \Device\Harddisk0\DR0\Partition1 - ok
19:04:49.0388 5664        ============================================================
19:04:49.0388 5664        Scan finished
19:04:49.0388 5664        ============================================================
19:04:49.0403 5748        Detected object count: 0
19:04:49.0403 5748        Actual detected object count: 0

markusg 05.11.2011 19:17
das ist aber nich talles oder :-)


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:19 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55