Trojaner-Board - System Check Virus eingefangen und ich komme nicht weiter

Hallo Chris,

danke für die schnelle Antwort, ich habe die Logs erstellt.

MAM Log

Code:

Malwarebytes Anti-Malware (Test) 1.60.1.1000

www.malwarebytes.org
 

Datenbank Version: v2012.02.03.03
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Thomas :: THOMAS-PC [Administrator]
 

Schutz: Aktiviert
 

03.02.2012 08:47:03

mbam-log-2012-02-03 (08-47-03).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 218547

Laufzeit: 2 Minute(n), 5 Sekunde(n)
 

Infizierte Speicherprozesse: 1

C:\ProgramData\unYHREDALK.exe (Trojan.FakeAlert) -> 3580 -> Löschen bei Neustart.
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 2

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|unYHREDALK.exe (Trojan.FakeAlert) -> Daten: C:\ProgramData\unYHREDALK.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Daten: C:\Users\Thomas\AppData\Local\45180fcc\X -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Dateiobjekte der Registrierung: 2

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 6

C:\ProgramData\unYHREDALK.exe (Trojan.FakeAlert) -> Löschen bei Neustart.

C:\Users\Thomas\AppData\Local\Temp\1017.tmp (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Thomas\AppData\Local\Temp\55CE.tmp (Trojan.Dropper) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Thomas\AppData\Local\Temp\ruTiVhAObZDD8g.exe.tmp (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Thomas\AppData\Local\Temp\wusa.exe (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Thomas\AppData\Local\Temp\~!#3EA7.tmp (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)

OTL.txt Log
OTL Logfile:

Code:

OTL logfile created on: 03.02.2012 11:34:52 - Run 2

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Thomas\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

5,91 Gb Total Physical Memory | 3,94 Gb Available Physical Memory | 66,67% Memory free

11,82 Gb Paging File | 9,59 Gb Available in Paging File | 81,08% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 197,55 Gb Total Space | 132,83 Gb Free Space | 67,24% Space Free | Partition Type: NTFS

Drive D: | 243,21 Gb Total Space | 239,09 Gb Free Space | 98,31% Space Free | Partition Type: NTFS

Drive E: | 232,88 Gb Total Space | 225,91 Gb Free Space | 97,01% Space Free | Partition Type: NTFS

Drive F: | 232,87 Gb Total Space | 199,17 Gb Free Space | 85,53% Space Free | Partition Type: NTFS

Drive G: | 7,58 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: THOMAS-PC | User Name: Thomas | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Thomas\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Windows\AsScrPro.exe (ASUS)

PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

PRC - C:\ExpressGateUtil\VAWinAgent.exe ()

PRC - C:\ExpressGateUtil\VAWinService.exe ()

PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)

PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()

PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)

PRC - C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)

PRC - C:\Program Files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe (ArcSoft, Inc.)

PRC - C:\Program Files (x86)\Eraser\Eraser.exe (The Eraser Project)

PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\ExpressGateUtil\VAWinAgent.exe ()

MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()

MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.)

SRV:64bit: - (TiMiniService) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (Trend Micro Inc.)

SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)

SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()

SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)

SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)

SRV:64bit: - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\RpcAgentSrv.exe (SiSoftware)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (VideAceWindowsService) -- C:\ExpressGateUtil\VAWinService.exe ()

SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)

SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)

DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (FLxHCIc) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic)

DRV:64bit: - (FLxHCIh) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)

DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)

DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)

DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)

DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)

DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)

DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys (Sonix Technology Co., Ltd.)

DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)

DRV:64bit: - (NETwNs64) ___ Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)

DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)

DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()

DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\WNt500x64\Sandra.sys (SiSoftware)

DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)

DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\mod7700.sys (DiBcom SA)

DRV:64bit: - (Huawei) -- C:\Windows\SysNative\drivers\ewdcsc.sys (Huawei Tech. Co., Ltd.)

DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/

IE - HKCU\..\URLSearchHook:  - No CLSID value found

IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"

FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"

FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"

FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?AF=100476&babsrc=HP_ss&mntrId=3cab8574000000000000f46d0482969d"

FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?AF=100476&babsrc=adbartrp&mntrId=3cab8574000000000000f46d0482969d&q="

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.01.12 17:05:54 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.22 08:09:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.08.17 17:21:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

 

[2011.07.02 21:14:03 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions

[2011.07.02 21:14:03 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011.11.27 17:50:36 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\c98nlcq9.default\extensions

[2012.01.28 10:12:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.01.28 10:12:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

[2012.01.22 08:09:20 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.01.22 08:09:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.11.27 17:50:26 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

[2012.01.22 08:09:17 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.01.22 08:09:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.01.22 08:09:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.01.22 08:09:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.01.22 08:09:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)

O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)

O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)

O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)

O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found

O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)

O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)

O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)

O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows (R) Win 7 DDK provider)

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)

O4 - HKLM..\Run: [TotalMediaTVMonitor] C:\Program Files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe (ArcSoft, Inc.)

O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()

O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

O4 - HKCU..\Run: [Eraser] C:\Program Files (x86)\Eraser\Eraser.exe (The Eraser Project)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found

O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: dhl.de ([www] https in Vertrauenswürdige Sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{785FA296-262B-4A6E-9269-4340DB9D307E}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8C0421A-71BB-4D5C-96D8-D4DA5E9AE84D}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\cdo - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found

O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)

O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)

O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKCU Winlogon: Shell - (C:\Users\Thomas\AppData\Local\45180fcc\X) -C:\Users\Thomas\AppData\Local\45180fcc\X ()

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011.11.14 11:59:05 | 000,000,081 | R--- | M] () - G:\autorun.inf -- [ UDF ]

O33 - MountPoints2\{39e79c78-a525-11e0-9da3-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{39e79c78-a525-11e0-9da3-806e6f6e6963}\Shell\AutoRun\command - "" = G:\0data\cbs.exe -- [2011.11.18 17:29:39 | 003,427,328 | R--- | M] ()

O33 - MountPoints2\{8d8a3faa-fad0-11e0-8bb3-f46d0482969d}\Shell - "" = AutoRun

O33 - MountPoints2\{8d8a3faa-fad0-11e0-8bb3-f46d0482969d}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{8d8a3fb1-fad0-11e0-8bb3-f46d0482969d}\Shell - "" = AutoRun

O33 - MountPoints2\{8d8a3fb1-fad0-11e0-8bb3-f46d0482969d}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{c4029aaa-fe5f-11e0-8344-f46d0482969d}\Shell - "" = AutoRun

O33 - MountPoints2\{c4029aaa-fe5f-11e0-8344-f46d0482969d}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{c4029aac-fe5f-11e0-8344-f46d0482969d}\Shell - "" = AutoRun

O33 - MountPoints2\{c4029aac-fe5f-11e0-8344-f46d0482969d}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\{f8daa5ab-3916-11e1-833b-f46d0482969d}\Shell - "" = AutoRun

O33 - MountPoints2\{f8daa5ab-3916-11e1-833b-f46d0482969d}\Shell\AutoRun\command - "" = H:\AutoRun.exe

O33 - MountPoints2\H\Shell - "" = AutoRun

O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.02.03 11:32:34 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Neuer Ordner

[2012.02.03 08:45:08 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\Malwarebytes

[2012.02.03 08:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.02.03 08:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.02.03 08:44:59 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.02.03 08:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.02.03 08:44:30 | 009,502,424 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Thomas\Desktop\mbam-setup-1.60.1.1000.exe

[2012.02.03 08:04:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe

[2012.02.02 06:41:15 | 000,000,000 | -H-D | C] -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check

[2012.02.02 06:34:48 | 000,000,000 | -HSD | C] -- C:\Users\Thomas\AppData\Local\45180fcc

[2012.01.31 23:28:34 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll

[2012.01.31 23:28:33 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll

[2012.01.31 23:28:33 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2012.01.31 23:28:33 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll

[2012.01.31 23:28:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll

[2012.01.31 23:28:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll

[2012.01.28 10:12:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Ask

[2012.01.28 10:12:31 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2012.01.28 10:12:31 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2012.01.28 10:12:31 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2012.01.28 10:09:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\McAfee

[2012.01.25 21:54:28 | 000,000,000 | -H-D | C] -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

[2012.01.16 22:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War

[2012.01.16 21:38:11 | 000,000,000 | -H-D | C] -- C:\Users\Thomas\AppData\Roaming\Winter Sports 2011

[2012.01.16 21:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winter Sports 2011

[2012.01.12 05:46:48 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll

[2012.01.12 05:46:48 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll

[2012.01.12 05:46:48 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

[2012.01.12 05:46:47 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll

[2012.01.12 05:46:47 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll

[2012.01.12 05:46:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll

[2012.01.12 05:46:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll

[2012.01.04 14:14:51 | 050,449,456 | -H-- | C] (Microsoft Corporation) -- C:\Users\Thomas\Desktop\dotNetFx40_Full_x86_x64.exe

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.02.03 11:35:29 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.02.03 11:35:29 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.02.03 11:28:35 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.02.03 11:27:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.02.03 11:27:52 | 466,653,183 | -HS- | M] () -- C:\hiberfil.sys

[2012.02.03 11:24:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.02.03 08:58:16 | 002,014,268 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.02.03 08:58:16 | 000,840,268 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.02.03 08:58:16 | 000,795,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.02.03 08:58:16 | 000,201,460 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.02.03 08:58:16 | 000,174,406 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.02.03 08:55:07 | 000,001,362 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini

[2012.02.03 08:45:00 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.02.03 08:44:39 | 009,502,424 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Thomas\Desktop\mbam-setup-1.60.1.1000.exe

[2012.02.03 08:28:07 | 000,302,592 | ---- | M] () -- C:\Users\Thomas\Desktop\91mik0oo.exe

[2012.02.03 08:04:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe

[2012.02.02 07:15:35 | 000,002,278 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini

[2012.02.02 06:49:08 | 000,000,448 | -H-- | M] () -- C:\ProgramData\DLOAUpqsitbTFa

[2012.02.02 06:48:32 | 000,000,288 | -H-- | M] () -- C:\ProgramData\~DLOAUpqsitbTFa

[2012.02.02 06:41:28 | 000,000,200 | -H-- | M] () -- C:\ProgramData\~DLOAUpqsitbTFar

[2012.02.02 06:41:15 | 000,000,655 | -H-- | M] () -- C:\Users\Thomas\Desktop\System Check.lnk

[2012.02.02 06:41:09 | 000,340,104 | -H-- | M] () -- C:\ProgramData\DLOAUpqsitbTFa.exe

[2012.02.02 06:35:24 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.02.01 06:01:14 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe

[2012.01.28 09:54:36 | 657,070,130 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2012.01.12 07:12:36 | 001,992,162 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012.01.07 11:23:10 | 000,001,675 | -H-- | M] () -- C:\Users\Thomas\Desktop\Kassenbuch4.lnk

[2012.01.04 14:16:01 | 050,449,456 | -H-- | M] (Microsoft Corporation) -- C:\Users\Thomas\Desktop\dotNetFx40_Full_x86_x64.exe

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.02.03 08:45:00 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.02.03 08:28:06 | 000,302,592 | ---- | C] () -- C:\Users\Thomas\Desktop\91mik0oo.exe

[2012.02.02 06:41:28 | 000,000,288 | -H-- | C] () -- C:\ProgramData\~DLOAUpqsitbTFa

[2012.02.02 06:41:28 | 000,000,200 | -H-- | C] () -- C:\ProgramData\~DLOAUpqsitbTFar

[2012.02.02 06:41:15 | 000,000,655 | -H-- | C] () -- C:\Users\Thomas\Desktop\System Check.lnk

[2012.02.02 06:41:14 | 000,000,448 | -H-- | C] () -- C:\ProgramData\DLOAUpqsitbTFa

[2012.02.02 06:41:09 | 000,340,104 | -H-- | C] () -- C:\ProgramData\DLOAUpqsitbTFa.exe

[2012.01.07 11:23:10 | 000,001,675 | -H-- | C] () -- C:\Users\Thomas\Desktop\Kassenbuch4.lnk

[2011.11.27 17:49:22 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll

[2011.09.04 18:14:57 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll

[2011.09.04 18:14:57 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll

[2011.09.04 18:14:56 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll

[2011.08.07 09:11:56 | 000,015,602 | ---- | C] () -- C:\Windows\SysWow64\SELF32.INI

[2011.07.10 10:05:20 | 011,153,408 | -H-- | C] () -- C:\Users\Thomas\AppData\Roaming\Sandra.mdb

[2011.07.03 08:07:01 | 001,992,162 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.07.03 07:03:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2011.07.02 20:03:57 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI

[2011.02.12 03:19:29 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.02.12 03:19:29 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.02.12 03:19:28 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011.01.26 11:22:43 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

[2011.01.12 17:02:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

[2009.10.26 04:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config

[2009.07.29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini

[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:981884E7
 

< End of report >

--- --- ---

Extras.txt
OTL Logfile:

Code:

OTL Extras logfile created on: 03.02.2012 11:34:52 - Run 2

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Thomas\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

5,91 Gb Total Physical Memory | 3,94 Gb Available Physical Memory | 66,67% Memory free

11,82 Gb Paging File | 9,59 Gb Available in Paging File | 81,08% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 197,55 Gb Total Space | 132,83 Gb Free Space | 67,24% Space Free | Partition Type: NTFS

Drive D: | 243,21 Gb Total Space | 239,09 Gb Free Space | 98,31% Space Free | Partition Type: NTFS

Drive E: | 232,88 Gb Total Space | 225,91 Gb Free Space | 97,01% Space Free | Partition Type: NTFS

Drive F: | 232,87 Gb Total Space | 199,17 Gb Free Space | 85,53% Space Free | Partition Type: NTFS

Drive G: | 7,58 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: THOMAS-PC | User Name: Thomas | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources

"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files

"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot

"{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety

"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources

"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety

"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources

"{26211D4B-CD06-44C8-BA6E-F937E1692629}" = Fresco Logic USB3.0 Host Controller

"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)

"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety

"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU

"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program

"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety

"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor

"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU

"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety

"{4327107B-E95E-415C-9194-458FCED6BF12}" = Intel(R) PROSet/Wireless WiFi Software

"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services

"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files

"{5737101A-27C4-408A-8A57-D1DC78DF84B4}" = 64 Bit HP CIO Components Installer

"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources

"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources

"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 

"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources

"{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety

"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid

"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources

"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security

"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security

"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources

"{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 265.96

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 265.96

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.9

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources

"{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel(R) Wireless Display

"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2011.SP3

"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU

"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources

"{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety

"{CB95CD7D-FDCC-449A-86AE-67C257745A0B}" = Microsoft SQL Server 2008 R2 Native Client

"{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}" = Microsoft Web Platform Installer 3.0

"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources

"{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}" = Microsoft SQL Server VSS Writer

"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services

"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0

"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit

"CCleaner" = CCleaner

"Elantech" = ETDWare PS/2-x64 7.0.5.15_WHQL

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0

"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU

"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2

"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)

"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)

"ProInst" = Intel PROSet Wireless

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"USB2.0 UVC 2M WebCam" = USB2.0 UVC 2M WebCam

"WinRAR archiver" = WinRAR 4.01 (64-Bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU

"{020617D7-2F72-4D02-BF59-A5CBC1761177}" = SQL Server 2008 R2 Management Studio

"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas

"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack

"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail

"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live

"{13FAE3E3-283E-4BF4-8FE5-17D256EDDD77}" = Windows Live UX Platform Language Pack

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources

"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail

"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger

"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart

"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh

"{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}" = Rome - Total War - Gold Edition

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{32C01DD0-3260-4D2B-BDB2-36CEC3E5B27A}" = Windows Live UX Platform Language Pack

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{36B0DC39-3282-40EB-8587-B875CE46C3A7}" = ExpressGateCloud

"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common

"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery

"{3888A22E-1A9E-4DBE-A93B-42385141F37D}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools DEU

"{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}" = Complemento Messenger

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger

"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger

"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer

"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{50ABF86D-0BDB-31AD-97FD-E8A55564EBF9}" = Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU

"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance

"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types

"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker

"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack

"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger

"{6C627DDC-E0D3-4804-91A3-3EAB668B2F33}" = Microsoft SQL Server 2008 R2-Setup (Deutsch)

"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger

"{6E9CFEF5-0245-411F-8587-CF83DF9D4B05}" = SQL Server 2008 R2 Database Engine Services

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh

"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5

"{76046298-768C-492C-8C93-2983C9E3719E}" = Windows Live UX Platform Language Pack

"{78033A38-50E2-4A65-823F-C1B34DF9FE41}" = Microsoft SQL Server 2008 R2-Richtlinien

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh

"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World

"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver

"{7CE13DFB-7320-4630-865F-DE98D8FE6791}" = ArcSoft TotalMedia TV

"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion

"{8343C2D8-09DF-38B3-9D1A-A26148918E45}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger

"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD113A8-811A-404E-A4D7-443D014946AC}" = Microsoft SQL Server Browser

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash

"{91130407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business

"{92906ADC-9482-4DDB-870D-0F1F535EAD91}" = SQL Server 2008 R2 Common Files

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program

"{939C80FA-96C9-44A6-B318-8E7D8BD8481B}" = Messenger Companion

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{96403552-88D1-429F-9C92-388B814B885E}" = Messenger Companion

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker

"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects

"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic

"{A2F166A0-F031-4E27-A057-C69733219435}_is1" = Mythos

"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB5977C5-11AE-4003-BA7D-261C48F2BC35}" = מסייע Messenger

"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package

"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail

"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common

"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader

"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials

"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

"{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = SQL Server 2008 R2 Database Engine Services

"{BBC019AB-8349-42A2-AF5A-A8B759722E2F}" = Windows Live UX Platform Language Pack

"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker

"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live

"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C7DAD22D-29D4-438F-B986-03B9ED582EA4}" = Messenger Companion

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU

"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}" = Messenger 分享元件

"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2131BFA-A0D6-4FDE-8614-75B07A9B15EE}" = Windows Live UX Platform Language Pack

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU

"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker

"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer

"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources

"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E10B39DF-C167-4B79-B9C2-AA1570ACBB1D}" = SQL Server 2008 R2 Management Studio

"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas

"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console

"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources

"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live

"{E9380A3D-7A10-4988-B2A1-22A41C137D9F}" = SQL Server 2008 R2 Database Engine Shared

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera

"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live

"{ED86C4AB-D1E5-42CF-BFA3-56BAAE617D4E}" = Windows Live UX Platform Language Pack

"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心

"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις

"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh

"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Asus Vibe2.0" = AsusVibe2.0

"ASUS WebStorage" = ASUS WebStorage

"ASUS_N3_Series" = ASUS_N3_Series

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Bookworm Deluxe" = Bookworm Deluxe

"Cooking Dash" = Cooking Dash

"Eraser" = Eraser

"EssentialPIM" = EssentialPIM

"Google Chrome" = Google Chrome

"Governor of Poker" = Governor of Poker

"Haushaltsbuch4" = Softwarenetz Haushaltsbuch4

"Hotel Dash Suite Success" = Hotel Dash Suite Success

"ICQToolbar" = ICQ Toolbar

"InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic

"InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}" = ExpressGateCloud

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10

"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso

"Jewel Quest 3" = Jewel Quest 3

"Kassenbuch4" = Softwarenetz Kassenbuch4

"Luxor 3" = Luxor 3

"Mahjongg dimensions" = Mahjongg dimensions

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000

"Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1

"Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU" = Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU

"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2

"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2

"Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU

"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU

"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU

"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)

"Mozilla Thunderbird 10.0 (x86 de)" = Mozilla Thunderbird 10.0 (x86 de)

"Plants vs Zombies" = Plants vs Zombies

"Rechnung3" = Softwarenetz Rechnung3

"Web & TV Stick" = Web & TV Stick

"WinLiveSuite" = Windows Live Essentials

"Winter Sports 2011_is1" = Winter Sports 2011

"World of Goo" = World of Goo

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"pdfsam" = pdfsam

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 07.01.2012 08:11:06 | Computer Name = Thomas-PC | Source = RasClient | ID = 20227

Description = 

 

Error - 07.01.2012 08:11:21 | Computer Name = Thomas-PC | Source = RasClient | ID = 20227

Description = 

 

Error - 07.01.2012 08:11:23 | Computer Name = Thomas-PC | Source = RasClient | ID = 20227

Description = 

 

Error - 07.01.2012 08:11:39 | Computer Name = Thomas-PC | Source = RasClient | ID = 20227

Description = 

 

Error - 07.01.2012 08:11:41 | Computer Name = Thomas-PC | Source = RasClient | ID = 20227

Description = 

 

Error - 07.01.2012 08:12:07 | Computer Name = Thomas-PC | Source = RasClient | ID = 20227

Description = 

 

Error - 07.01.2012 08:13:03 | Computer Name = Thomas-PC | Source = RasClient | ID = 20227

Description = 

 

Error - 07.01.2012 08:13:06 | Computer Name = Thomas-PC | Source = RasClient | ID = 20227

Description = 

 

Error - 13.01.2012 16:45:09 | Computer Name = Thomas-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,

 Zeitstempel: 0x4d762323  Name des fehlerhaften Moduls: Flash64_10_3_162.ocx, Version:

 10.3.162.28, Zeitstempel: 0x4cd9fabd  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000000088ac0

ID

 des fehlerhaften Prozesses: 0x558  Startzeit der fehlerhaften Anwendung: 0x01ccd1b0760ee10f

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash64_10_3_162.ocx

Berichtskennung:

 7ad19d94-3e27-11e1-8239-f46d0482969d

 

Error - 28.01.2012 10:17:22 | Computer Name = Thomas-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,

 Zeitstempel: 0x4d762323  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000007fff04334f0

ID

 des fehlerhaften Prozesses: 0x9d0  Startzeit der fehlerhaften Anwendung: 0x01ccdd9e5691d9f8

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: unknown  Berichtskennung: cac6a5c7-49ba-11e1-8552-f46d0482969d

 

[ System Events ]

Error - 18.10.2011 13:58:02 | Computer Name = Thomas-PC | Source = Ntfs | ID = 262199

Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.

Führen

 Sie auf dem Volume "H:" den Befehl "chkdsk" aus.

 

Error - 18.10.2011 14:08:15 | Computer Name = Thomas-PC | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

 

Error - 20.10.2011 00:05:12 | Computer Name = Thomas-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 SQL Server (SQLEXPRESS) erreicht.

 

Error - 20.10.2011 00:05:12 | Computer Name = Thomas-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "SQL Server (SQLEXPRESS)" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%1053

 

Error - 21.10.2011 04:43:31 | Computer Name = Thomas-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 SQL Server (SQLEXPRESS) erreicht.

 

Error - 21.10.2011 04:43:31 | Computer Name = Thomas-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "SQL Server (SQLEXPRESS)" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%1053

 

Error - 23.10.2011 01:38:00 | Computer Name = Thomas-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 SQL Server (SQLEXPRESS) erreicht.

 

Error - 23.10.2011 01:38:00 | Computer Name = Thomas-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "SQL Server (SQLEXPRESS)" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%1053

 

Error - 23.10.2011 22:07:14 | Computer Name = Thomas-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 SQL Server (SQLEXPRESS) erreicht.

 

Error - 23.10.2011 22:07:14 | Computer Name = Thomas-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "SQL Server (SQLEXPRESS)" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%1053

 

 

< End of report >

--- --- ---

Ich hoffe dir sagt das alles mehr wie mir

:dankeschoen:
Hoaza

vielen Dank, es sieht so aus als ob der Rechner wieder lebt, die Oberfläche wurde zwar nicht mehr genauso wiederhergestellt wie es war, aber ich habe wieder Zugriff auf Programme und Dateien.
Der TDSS Killer hat keine Infektion mehr festgestellt.

Code:

14:10:21.0882 3760        TDSS rootkit removing tool 2.7.9.0 Feb  1 2012 09:28:49

14:10:22.0375 3760        ============================================================

14:10:22.0375 3760        Current date / time: 2012/02/03 14:10:22.0375

14:10:22.0375 3760        SystemInfo:

14:10:22.0375 3760        

14:10:22.0375 3760        OS Version: 6.1.7601 ServicePack: 1.0

14:10:22.0375 3760        Product type: Workstation

14:10:22.0375 3760        ComputerName: THOMAS-PC

14:10:22.0375 3760        UserName: Thomas

14:10:22.0375 3760        Windows directory: C:\Windows

14:10:22.0375 3760        System windows directory: C:\Windows

14:10:22.0375 3760        Running under WOW64

14:10:22.0375 3760        Processor architecture: Intel x64

14:10:22.0375 3760        Number of processors: 8

14:10:22.0375 3760        Page size: 0x1000

14:10:22.0375 3760        Boot type: Normal boot

14:10:22.0375 3760        ============================================================

14:10:24.0647 3760        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:10:24.0715 3760        Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:10:24.0729 3760        \Device\Harddisk0\DR0:

14:10:24.0729 3760        MBR used

14:10:24.0730 3760        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x18B19800

14:10:24.0745 3760        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BD1A800, BlocksNum 0x1E66B800

14:10:24.0745 3760        \Device\Harddisk1\DR1:

14:10:24.0745 3760        MBR used

14:10:24.0751 3760        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x1D1C4542

14:10:24.0770 3760        \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1D1C8481, BlocksNum 0x1D1BC7C0

14:10:24.0935 3760        Initialize success

14:10:24.0935 3760        ============================================================

14:11:27.0596 3968        ============================================================

14:11:27.0596 3968        Scan started

14:11:27.0596 3968        Mode: Manual; 

14:11:27.0596 3968        ============================================================

14:11:28.0384 3968        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

14:11:28.0406 3968        1394ohci - ok

14:11:28.0472 3968        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

14:11:28.0481 3968        ACPI - ok

14:11:28.0520 3968        AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

14:11:28.0529 3968        AcpiPmi - ok

14:11:28.0648 3968        adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

14:11:28.0686 3968        adp94xx - ok

14:11:28.0730 3968        adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

14:11:28.0749 3968        adpahci - ok

14:11:28.0790 3968        adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

14:11:28.0822 3968        adpu320 - ok

14:11:28.0915 3968        AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

14:11:28.0960 3968        AFD - ok

14:11:29.0007 3968        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

14:11:29.0019 3968        agp440 - ok

14:11:29.0120 3968        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

14:11:29.0128 3968        aliide - ok

14:11:29.0190 3968        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

14:11:29.0199 3968        amdide - ok

14:11:29.0266 3968        AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

14:11:29.0280 3968        AmdK8 - ok

14:11:29.0313 3968        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

14:11:29.0326 3968        AmdPPM - ok

14:11:29.0380 3968        amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

14:11:29.0393 3968        amdsata - ok

14:11:29.0444 3968        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

14:11:29.0462 3968        amdsbs - ok

14:11:29.0490 3968        amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

14:11:29.0496 3968        amdxata - ok

14:11:29.0636 3968        AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

14:11:29.0646 3968        AppID - ok

14:11:29.0721 3968        arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

14:11:29.0735 3968        arc - ok

14:11:29.0751 3968        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

14:11:29.0763 3968        arcsas - ok

14:11:29.0863 3968        ASMMAP64        (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

14:11:29.0869 3968        ASMMAP64 - ok

14:11:29.0986 3968        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

14:11:29.0988 3968        AsyncMac - ok

14:11:30.0045 3968        atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

14:11:30.0053 3968        atapi - ok

14:11:30.0121 3968        athr            (e857eee6b92aaa473ebb3465add8f7e7) C:\Windows\system32\DRIVERS\athrx.sys

14:11:30.0210 3968        athr - ok

14:11:30.0333 3968        ATKWMIACPIIO    (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

14:11:30.0340 3968        ATKWMIACPIIO - ok

14:11:30.0446 3968        avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys

14:11:30.0457 3968        avgntflt - ok

14:11:30.0515 3968        avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys

14:11:30.0528 3968        avipbb - ok

14:11:30.0672 3968        b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

14:11:30.0710 3968        b06bdrv - ok

14:11:30.0764 3968        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

14:11:30.0783 3968        b57nd60a - ok

14:11:30.0834 3968        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

14:11:30.0841 3968        Beep - ok

14:11:30.0890 3968        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

14:11:30.0900 3968        blbdrive - ok

14:11:30.0951 3968        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

14:11:30.0963 3968        bowser - ok

14:11:30.0994 3968        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

14:11:31.0002 3968        BrFiltLo - ok

14:11:31.0015 3968        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

14:11:31.0021 3968        BrFiltUp - ok

14:11:31.0085 3968        Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

14:11:31.0107 3968        Brserid - ok

14:11:31.0137 3968        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

14:11:31.0146 3968        BrSerWdm - ok

14:11:31.0161 3968        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

14:11:31.0167 3968        BrUsbMdm - ok

14:11:31.0181 3968        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

14:11:31.0190 3968        BrUsbSer - ok

14:11:31.0269 3968        BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

14:11:31.0279 3968        BthEnum - ok

14:11:31.0318 3968        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

14:11:31.0330 3968        BTHMODEM - ok

14:11:31.0366 3968        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

14:11:31.0380 3968        BthPan - ok

14:11:31.0455 3968        BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

14:11:31.0496 3968        BTHPORT - ok

14:11:31.0591 3968        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

14:11:31.0604 3968        BTHUSB - ok

14:11:31.0672 3968        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

14:11:31.0686 3968        cdfs - ok

14:11:31.0752 3968        cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

14:11:31.0769 3968        cdrom - ok

14:11:31.0885 3968        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

14:11:31.0898 3968        circlass - ok

14:11:31.0957 3968        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

14:11:31.0967 3968        CLFS - ok

14:11:32.0100 3968        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

14:11:32.0108 3968        CmBatt - ok

14:11:32.0160 3968        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

14:11:32.0170 3968        cmdide - ok

14:11:32.0235 3968        CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

14:11:32.0269 3968        CNG - ok

14:11:32.0373 3968        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

14:11:32.0381 3968        Compbatt - ok

14:11:32.0438 3968        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

14:11:32.0450 3968        CompositeBus - ok

14:11:32.0485 3968        crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

14:11:32.0496 3968        crcdisk - ok

14:11:32.0558 3968        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

14:11:32.0571 3968        DfsC - ok

14:11:32.0621 3968        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

14:11:32.0630 3968        discache - ok

14:11:32.0681 3968        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

14:11:32.0694 3968        Disk - ok

14:11:32.0818 3968        Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys

14:11:32.0832 3968        Dot4 - ok

14:11:32.0879 3968        Dot4Print       (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys

14:11:32.0887 3968        Dot4Print - ok

14:11:32.0918 3968        dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys

14:11:32.0928 3968        dot4usb - ok

14:11:32.0974 3968        drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

14:11:32.0980 3968        drmkaud - ok

14:11:33.0040 3968        DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

14:11:33.0067 3968        DXGKrnl - ok

14:11:33.0216 3968        ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

14:11:33.0351 3968        ebdrv - ok

14:11:33.0515 3968        elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

14:11:33.0552 3968        elxstor - ok

14:11:33.0596 3968        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

14:11:33.0604 3968        ErrDev - ok

14:11:33.0656 3968        ETD             (05b0dcda418e297a1b4cd8d7b8ade403) C:\Windows\system32\DRIVERS\ETD.sys

14:11:33.0665 3968        ETD - ok

14:11:33.0761 3968        exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

14:11:33.0778 3968        exfat - ok

14:11:33.0802 3968        fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

14:11:33.0818 3968        fastfat - ok

14:11:33.0862 3968        fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

14:11:33.0871 3968        fdc - ok

14:11:33.0913 3968        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

14:11:33.0924 3968        FileInfo - ok

14:11:33.0950 3968        Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

14:11:33.0959 3968        Filetrace - ok

14:11:33.0988 3968        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

14:11:33.0995 3968        flpydisk - ok

14:11:34.0041 3968        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

14:11:34.0061 3968        FltMgr - ok

14:11:34.0114 3968        FLxHCIc         (72893dc6f72eabaef5aa1013fd189050) C:\Windows\system32\DRIVERS\FLxHCIc.sys

14:11:34.0127 3968        FLxHCIc - ok

14:11:34.0144 3968        FLxHCIh         (a2156628a86450d490a387b9b06fb17d) C:\Windows\system32\DRIVERS\FLxHCIh.sys

14:11:34.0154 3968        FLxHCIh - ok

14:11:34.0189 3968        FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

14:11:34.0200 3968        FsDepends - ok

14:11:34.0250 3968        fssfltr         (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

14:11:34.0262 3968        fssfltr - ok

14:11:34.0369 3968        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

14:11:34.0376 3968        Fs_Rec - ok

14:11:34.0440 3968        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

14:11:34.0466 3968        fvevol - ok

14:11:34.0511 3968        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

14:11:34.0523 3968        gagp30kx - ok

14:11:34.0652 3968        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

14:11:34.0664 3968        hcw85cir - ok

14:11:34.0737 3968        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

14:11:34.0760 3968        HdAudAddService - ok

14:11:34.0802 3968        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

14:11:34.0804 3968        HDAudBus - ok

14:11:34.0846 3968        HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

14:11:34.0855 3968        HidBatt - ok

14:11:34.0893 3968        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

14:11:34.0905 3968        HidBth - ok

14:11:34.0928 3968        HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

14:11:34.0937 3968        HidIr - ok

14:11:34.0985 3968        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

14:11:34.0994 3968        HidUsb - ok

14:11:35.0062 3968        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

14:11:35.0075 3968        HpSAMD - ok

14:11:35.0168 3968        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

14:11:35.0228 3968        HTTP - ok

14:11:35.0330 3968        Huawei          (84d3088475bd9bc56ed76d6e0f740a63) C:\Windows\system32\DRIVERS\ewdcsc.sys

14:11:35.0332 3968        Huawei - ok

14:11:35.0409 3968        hwdatacard      (4b5c07db91a0099272faae732e1152bd) C:\Windows\system32\DRIVERS\ewusbmdm.sys

14:11:35.0421 3968        hwdatacard - ok

14:11:35.0465 3968        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

14:11:35.0472 3968        hwpolicy - ok

14:11:35.0600 3968        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

14:11:35.0615 3968        i8042prt - ok

14:11:35.0698 3968        iaStor          (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys

14:11:35.0706 3968        iaStor - ok

14:11:35.0754 3968        iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

14:11:35.0788 3968        iaStorV - ok

14:11:36.0395 3968        igfx            (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys

14:11:36.0732 3968        igfx - ok

14:11:36.0838 3968        iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

14:11:36.0849 3968        iirsp - ok

14:11:37.0004 3968        IntcAzAudAddService (e22397fb13975ff21be8e6897d7dc584) C:\Windows\system32\drivers\RTKVHD64.sys

14:11:37.0032 3968        IntcAzAudAddService - ok

14:11:37.0107 3968        IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys

14:11:37.0126 3968        IntcDAud - ok

14:11:37.0176 3968        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

14:11:37.0185 3968        intelide - ok

14:11:37.0230 3968        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

14:11:37.0232 3968        intelppm - ok

14:11:37.0317 3968        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:11:37.0330 3968        IpFilterDriver - ok

14:11:37.0372 3968        IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

14:11:37.0386 3968        IPMIDRV - ok

14:11:37.0429 3968        IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

14:11:37.0442 3968        IPNAT - ok

14:11:37.0479 3968        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

14:11:37.0486 3968        IRENUM - ok

14:11:37.0530 3968        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

14:11:37.0539 3968        isapnp - ok

14:11:37.0567 3968        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

14:11:37.0587 3968        iScsiPrt - ok

14:11:37.0640 3968        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

14:11:37.0650 3968        kbdclass - ok

14:11:37.0696 3968        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

14:11:37.0705 3968        kbdhid - ok

14:11:37.0755 3968        kbfiltr         (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

14:11:37.0762 3968        kbfiltr - ok

14:11:37.0828 3968        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

14:11:37.0841 3968        KSecDD - ok

14:11:37.0885 3968        KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

14:11:37.0903 3968        KSecPkg - ok

14:11:37.0934 3968        ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

14:11:37.0942 3968        ksthunk - ok

14:11:38.0001 3968        L1C             (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys

14:11:38.0010 3968        L1C - ok

14:11:38.0076 3968        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

14:11:38.0087 3968        lltdio - ok

14:11:38.0221 3968        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

14:11:38.0235 3968        LSI_FC - ok

14:11:38.0276 3968        LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

14:11:38.0289 3968        LSI_SAS - ok

14:11:38.0332 3968        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

14:11:38.0344 3968        LSI_SAS2 - ok

14:11:38.0393 3968        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

14:11:38.0407 3968        LSI_SCSI - ok

14:11:38.0448 3968        luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

14:11:38.0451 3968        luafv - ok

14:11:38.0536 3968        MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

14:11:38.0544 3968        MBAMProtector - ok

14:11:38.0610 3968        megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

14:11:38.0621 3968        megasas - ok

14:11:38.0703 3968        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

14:11:38.0723 3968        MegaSR - ok

14:11:38.0786 3968        MEIx64          (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys

14:11:38.0795 3968        MEIx64 - ok

14:11:38.0930 3968        mod7700         (df5bd9ccffbf9aa9d5096c6daaaf0a00) C:\Windows\system32\DRIVERS\mod7700.sys

14:11:38.0941 3968        mod7700 - ok

14:11:38.0992 3968        Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

14:11:38.0994 3968        Modem - ok

14:11:39.0037 3968        monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

14:11:39.0039 3968        monitor - ok

14:11:39.0145 3968        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

14:11:39.0155 3968        mouclass - ok

14:11:39.0186 3968        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

14:11:39.0195 3968        mouhid - ok

14:11:39.0265 3968        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

14:11:39.0278 3968        mountmgr - ok

14:11:39.0327 3968        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

14:11:39.0344 3968        mpio - ok

14:11:39.0383 3968        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

14:11:39.0394 3968        mpsdrv - ok

14:11:39.0441 3968        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

14:11:39.0455 3968        MRxDAV - ok

14:11:39.0486 3968        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:11:39.0500 3968        mrxsmb - ok

14:11:39.0544 3968        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:11:39.0565 3968        mrxsmb10 - ok

14:11:39.0609 3968        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:11:39.0623 3968        mrxsmb20 - ok

14:11:39.0668 3968        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

14:11:39.0675 3968        msahci - ok

14:11:39.0711 3968        msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

14:11:39.0726 3968        msdsm - ok

14:11:39.0793 3968        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

14:11:39.0802 3968        Msfs - ok

14:11:39.0834 3968        mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

14:11:39.0841 3968        mshidkmdf - ok

14:11:39.0881 3968        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

14:11:39.0889 3968        msisadrv - ok

14:11:39.0990 3968        MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

14:11:39.0996 3968        MSKSSRV - ok

14:11:40.0031 3968        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

14:11:40.0036 3968        MSPCLOCK - ok

14:11:40.0079 3968        MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

14:11:40.0085 3968        MSPQM - ok

14:11:40.0139 3968        MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

14:11:40.0159 3968        MsRPC - ok

14:11:40.0208 3968        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

14:11:40.0210 3968        mssmbios - ok

14:11:40.0335 3968        MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

14:11:40.0341 3968        MSTEE - ok

14:11:40.0376 3968        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

14:11:40.0384 3968        MTConfig - ok

14:11:40.0408 3968        Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

14:11:40.0419 3968        Mup - ok

14:11:40.0546 3968        NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

14:11:40.0568 3968        NativeWifiP - ok

14:11:40.0664 3968        NDIS            (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys

14:11:40.0695 3968        NDIS - ok

14:11:40.0798 3968        NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

14:11:40.0808 3968        NdisCap - ok

14:11:40.0863 3968        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

14:11:40.0871 3968        NdisTapi - ok

14:11:40.0955 3968        Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

14:11:40.0966 3968        Ndisuio - ok

14:11:41.0029 3968        NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

14:11:41.0044 3968        NdisWan - ok

14:11:41.0171 3968        NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

14:11:41.0183 3968        NDProxy - ok

14:11:41.0428 3968        NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

14:11:41.0447 3968        NetBIOS - ok

14:11:41.0576 3968        NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

14:11:41.0617 3968        NetBT - ok

14:11:42.0425 3968        NETwNs64        (eb43840babf5589e33186d094de7381d) C:\Windows\system32\DRIVERS\NETwNs64.sys

14:11:42.0669 3968        NETwNs64 - ok

14:11:42.0903 3968        nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

14:11:42.0917 3968        nfrd960 - ok

14:11:43.0062 3968        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

14:11:43.0078 3968        Npfs - ok

14:11:43.0166 3968        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

14:11:43.0175 3968        nsiproxy - ok

14:11:43.0509 3968        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

14:11:43.0598 3968        Ntfs - ok

14:11:43.0690 3968        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

14:11:43.0696 3968        Null - ok

14:11:44.0092 3968        nvlddmkm        (db4f01aba1ff1379e64e997d9fc5c08b) C:\Windows\system32\DRIVERS\nvlddmkm.sys

14:11:44.0160 3968        nvlddmkm - ok

14:11:44.0204 3968        nvpciflt        (6fcf6d9b3c149c7cee6fef8b622765c5) C:\Windows\system32\DRIVERS\nvpciflt.sys

14:11:44.0212 3968        nvpciflt - ok

14:11:44.0296 3968        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

14:11:44.0310 3968        nvraid - ok

14:11:44.0369 3968        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

14:11:44.0385 3968        nvstor - ok

14:11:44.0460 3968        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

14:11:44.0475 3968        nv_agp - ok

14:11:44.0521 3968        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

14:11:44.0535 3968        ohci1394 - ok

14:11:44.0587 3968        Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

14:11:44.0601 3968        Parport - ok

14:11:44.0630 3968        partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

14:11:44.0643 3968        partmgr - ok

14:11:44.0682 3968        pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

14:11:44.0699 3968        pci - ok

14:11:44.0730 3968        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

14:11:44.0736 3968        pciide - ok

14:11:44.0773 3968        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

14:11:44.0791 3968        pcmcia - ok

14:11:44.0818 3968        pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

14:11:44.0827 3968        pcw - ok

14:11:44.0869 3968        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

14:11:44.0914 3968        PEAUTH - ok

14:11:45.0069 3968        Point64         (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys

14:11:45.0081 3968        Point64 - ok

14:11:45.0169 3968        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

14:11:45.0183 3968        PptpMiniport - ok

14:11:45.0226 3968        Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

14:11:45.0240 3968        Processor - ok

14:11:45.0288 3968        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

14:11:45.0304 3968        Psched - ok

14:11:45.0401 3968        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

14:11:45.0480 3968        ql2300 - ok

14:11:45.0580 3968        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

14:11:45.0596 3968        ql40xx - ok

14:11:45.0630 3968        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

14:11:45.0641 3968        QWAVEdrv - ok

14:11:45.0683 3968        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

14:11:45.0691 3968        RasAcd - ok

14:11:45.0743 3968        RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

14:11:45.0755 3968        RasAgileVpn - ok

14:11:45.0803 3968        Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:11:45.0816 3968        Rasl2tp - ok

14:11:45.0861 3968        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

14:11:45.0873 3968        RasPppoe - ok

14:11:45.0913 3968        RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

14:11:45.0925 3968        RasSstp - ok

14:11:45.0995 3968        rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

14:11:46.0016 3968        rdbss - ok

14:11:46.0063 3968        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

14:11:46.0072 3968        rdpbus - ok

14:11:46.0176 3968        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:11:46.0183 3968        RDPCDD - ok

14:11:46.0290 3968        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

14:11:46.0296 3968        RDPENCDD - ok

14:11:46.0360 3968        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

14:11:46.0367 3968        RDPREFMP - ok

14:11:46.0425 3968        RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

14:11:46.0443 3968        RDPWD - ok

14:11:46.0551 3968        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

14:11:46.0571 3968        rdyboost - ok

14:11:46.0716 3968        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

14:11:46.0731 3968        RFCOMM - ok

14:11:46.0859 3968        RsFx0103        (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys

14:11:46.0883 3968        RsFx0103 - ok

14:11:46.0983 3968        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

14:11:46.0995 3968        rspndr - ok

14:11:47.0072 3968        SANDRA          (5efbbfcc6adac121c8e2fe76641ed329) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\WNt500x64\Sandra.sys

14:11:47.0082 3968        SANDRA - ok

14:11:47.0154 3968        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

14:11:47.0168 3968        sbp2port - ok

14:11:47.0257 3968        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

14:11:47.0259 3968        scfilter - ok

14:11:47.0314 3968        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

14:11:47.0321 3968        secdrv - ok

14:11:47.0372 3968        Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

14:11:47.0380 3968        Serenum - ok

14:11:47.0407 3968        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

14:11:47.0419 3968        Serial - ok

14:11:47.0469 3968        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

14:11:47.0478 3968        sermouse - ok

14:11:47.0521 3968        sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

14:11:47.0526 3968        sffdisk - ok

14:11:47.0544 3968        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

14:11:47.0550 3968        sffp_mmc - ok

14:11:47.0573 3968        sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

14:11:47.0579 3968        sffp_sd - ok

14:11:47.0623 3968        sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

14:11:47.0630 3968        sfloppy - ok

14:11:47.0673 3968        SiSGbeLH        (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

14:11:47.0683 3968        SiSGbeLH - ok

14:11:47.0713 3968        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

14:11:47.0724 3968        SiSRaid2 - ok

14:11:47.0755 3968        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

14:11:47.0766 3968        SiSRaid4 - ok

14:11:47.0810 3968        Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

14:11:47.0823 3968        Smb - ok

14:11:47.0991 3968        SNP2UVC         (c98375d19f9e9966f6201bae65fb3728) C:\Windows\system32\DRIVERS\snp2uvc.sys

14:11:48.0085 3968        SNP2UVC - ok

14:11:48.0180 3968        spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

14:11:48.0187 3968        spldr - ok

14:11:48.0330 3968        srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

14:11:48.0368 3968        srv - ok

14:11:48.0427 3968        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

14:11:48.0455 3968        srv2 - ok

14:11:48.0526 3968        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

14:11:48.0542 3968        srvnet - ok

14:11:48.0613 3968        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

14:11:48.0623 3968        stexstor - ok

14:11:48.0675 3968        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

14:11:48.0682 3968        swenum - ok

14:11:48.0805 3968        Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

14:11:48.0906 3968        Tcpip - ok

14:11:49.0014 3968        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

14:11:49.0034 3968        TCPIP6 - ok

14:11:49.0086 3968        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

14:11:49.0096 3968        tcpipreg - ok

14:11:49.0161 3968        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

14:11:49.0169 3968        TDPIPE - ok

14:11:49.0195 3968        TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

14:11:49.0204 3968        TDTCP - ok

14:11:49.0261 3968        tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

14:11:49.0273 3968        tdx - ok

14:11:49.0323 3968        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

14:11:49.0334 3968        TermDD - ok

14:11:49.0416 3968        tmactmon        (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys

14:11:49.0427 3968        tmactmon - ok

14:11:49.0457 3968        tmcomm          (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys

14:11:49.0468 3968        tmcomm - ok

14:11:49.0496 3968        tmevtmgr        (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys

14:11:49.0505 3968        tmevtmgr - ok

14:11:49.0621 3968        tmtdi           (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys

14:11:49.0632 3968        tmtdi - ok

14:11:49.0686 3968        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:11:49.0695 3968        tssecsrv - ok

14:11:49.0757 3968        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

14:11:49.0770 3968        TsUsbFlt - ok

14:11:49.0838 3968        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

14:11:49.0852 3968        tunnel - ok

14:11:49.0977 3968        TurboB          (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys

14:11:49.0984 3968        TurboB - ok

14:11:50.0038 3968        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

14:11:50.0051 3968        uagp35 - ok

14:11:50.0110 3968        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

14:11:50.0131 3968        udfs - ok

14:11:50.0222 3968        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

14:11:50.0234 3968        uliagpkx - ok

14:11:50.0291 3968        umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

14:11:50.0302 3968        umbus - ok

14:11:50.0404 3968        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

14:11:50.0413 3968        UmPass - ok

14:11:50.0465 3968        usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

14:11:50.0478 3968        usbccgp - ok

14:11:50.0531 3968        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

14:11:50.0549 3968        usbcir - ok

14:11:50.0583 3968        usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

14:11:50.0591 3968        usbehci - ok

14:11:50.0650 3968        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

14:11:50.0674 3968        usbhub - ok

14:11:50.0703 3968        usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

14:11:50.0711 3968        usbohci - ok

14:11:50.0743 3968        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

14:11:50.0751 3968        usbprint - ok

14:11:50.0782 3968        USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:11:50.0784 3968        USBSTOR - ok

14:11:50.0814 3968        usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

14:11:50.0822 3968        usbuhci - ok

14:11:50.0869 3968        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

14:11:50.0884 3968        usbvideo - ok

14:11:50.0939 3968        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

14:11:50.0947 3968        vdrvroot - ok

14:11:50.0993 3968        vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

14:11:51.0001 3968        vga - ok

14:11:51.0026 3968        VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

14:11:51.0034 3968        VgaSave - ok

14:11:51.0079 3968        vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

14:11:51.0099 3968        vhdmp - ok

14:11:51.0132 3968        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

14:11:51.0141 3968        viaide - ok

14:11:51.0190 3968        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

14:11:51.0201 3968        volmgr - ok

14:11:51.0237 3968        volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

14:11:51.0261 3968        volmgrx - ok

14:11:51.0304 3968        volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

14:11:51.0324 3968        volsnap - ok

14:11:51.0378 3968        vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

14:11:51.0394 3968        vsmraid - ok

14:11:51.0424 3968        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

14:11:51.0432 3968        vwifibus - ok

14:11:51.0455 3968        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

14:11:51.0465 3968        vwififlt - ok

14:11:51.0502 3968        vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

14:11:51.0508 3968        vwifimp - ok

14:11:51.0535 3968        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

14:11:51.0543 3968        WacomPen - ok

14:11:51.0591 3968        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

14:11:51.0604 3968        WANARP - ok

14:11:51.0623 3968        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

14:11:51.0626 3968        Wanarpv6 - ok

14:11:51.0676 3968        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

14:11:51.0683 3968        Wd - ok

14:11:51.0723 3968        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

14:11:51.0756 3968        Wdf01000 - ok

14:11:51.0801 3968        wdkmd           (fe31110e39a0b11abae1ba43a2dc94f9) C:\Windows\system32\DRIVERS\WDKMD.sys

14:11:51.0807 3968        wdkmd - ok

14:11:51.0869 3968        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

14:11:51.0874 3968        WfpLwf - ok

14:11:51.0934 3968        WimFltr         (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys

14:11:51.0950 3968        WimFltr - ok

14:11:52.0052 3968        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

14:11:52.0066 3968        WIMMount - ok

14:11:52.0225 3968        WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

14:11:52.0227 3968        WmiAcpi - ok

14:11:52.0353 3968        ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

14:11:52.0361 3968        ws2ifsl - ok

14:11:52.0436 3968        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

14:11:52.0449 3968        WudfPf - ok

14:11:52.0534 3968        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:11:52.0550 3968        WUDFRd - ok

14:11:52.0647 3968        MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

14:11:52.0782 3968        \Device\Harddisk0\DR0 - ok

14:11:52.0819 3968        MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1

14:11:52.0824 3968        \Device\Harddisk1\DR1 - ok

14:11:52.0836 3968        Boot (0x1200)   (cf3232712f13c78390c46f103d1bb166) \Device\Harddisk0\DR0\Partition0

14:11:52.0903 3968        \Device\Harddisk0\DR0\Partition0 - ok

14:11:52.0924 3968        Boot (0x1200)   (7fbc58b1b085e9bec4b9564a1ea0e5e0) \Device\Harddisk0\DR0\Partition1

14:11:53.0013 3968        \Device\Harddisk0\DR0\Partition1 - ok

14:11:53.0029 3968        Boot (0x1200)   (f5cc60c6e77a3be11d715feac800ad64) \Device\Harddisk1\DR1\Partition0

14:11:53.0031 3968        \Device\Harddisk1\DR1\Partition0 - ok

14:11:53.0059 3968        Boot (0x1200)   (b4f59347e7215967218be2066582288e) \Device\Harddisk1\DR1\Partition1

14:11:53.0062 3968        \Device\Harddisk1\DR1\Partition1 - ok

14:11:53.0063 3968        ============================================================

14:11:53.0063 3968        Scan finished

14:11:53.0063 3968        ============================================================

14:11:53.0084 5700        Detected object count: 0

14:11:53.0084 5700        Actual detected object count: 0

Kann ich jetzt davon ausgehen, dass das Problem vollständig entfernt wurde, sollte ich lieber noch andere Tests machen oder am besten alles neu aufsetzen? ( Sicherungen konnte ich jetzt ziehen )

Danke nochmal und güße
Hoaza