Trojaner-Board - PC langsamer nach "File restore"-Virus

Hier jetzt das richtige:

Combofix Logfile:

Code:

ComboFix 12-11-12.03 - Laner 12.11.2012  19:16:59.2.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4093.2713 [GMT 1:00]

ausgeführt von:: c:\users\Laner\Desktop\ComboFix.exe

AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Laner\AppData\Roaming\Love

c:\users\Laner\AppData\Roaming\Love\mari0\options.txt

c:\windows\SysWow64\URTTemp

c:\windows\SysWow64\URTTemp\regtlib.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-10-12 bis 2012-11-12  ))))))))))))))))))))))))))))))

.

.

2012-11-12 18:50 . 2012-11-12 18:50        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2012-11-12 18:50 . 2012-11-12 18:50        --------        d-----w-        c:\users\Public\AppData\Local\temp

2012-11-12 18:50 . 2012-11-12 18:50        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-11-12 18:50 . 2012-11-12 18:50        --------        d-----w-        c:\users\AppData\AppData\Local\temp

2012-11-12 11:56 . 2012-11-12 11:56        --------        d-----w-        c:\program files\HitmanPro

2012-11-12 11:55 . 2012-11-12 12:10        --------        d-----w-        c:\programdata\HitmanPro

2012-11-08 15:32 . 2012-11-08 15:32        --------        d-----w-        c:\users\Laner\AppData\Local\CrashRpt

2012-11-08 15:32 . 2012-11-08 15:32        --------        d-----w-        c:\users\Laner\AppData\Local\Arktos

2012-11-04 13:36 . 2012-11-04 13:36        --------        d-----w-        c:\users\Laner\AppData\Local\FLT

2012-11-04 13:23 . 2012-11-04 13:24        --------        d-----w-        c:\program files (x86)\XCOM Enemy Unknown

2012-11-04 13:14 . 2012-11-04 13:14        283200        ----a-w-        c:\windows\system32\drivers\dtsoftbus01.sys

2012-11-04 13:14 . 2012-11-04 13:14        --------        d-----w-        c:\program files (x86)\DAEMON Tools Lite

2012-10-30 15:54 . 2012-10-30 15:54        --------        d-----w-        c:\program files (x86)\VideoLAN

2012-10-23 08:00 . 2012-10-23 08:00        --------        d-----w-        c:\program files (x86)\Origin Games

2012-10-17 21:51 . 2012-10-17 21:51        --------        d-----w-        c:\program files (x86)\Gabest

2012-10-17 21:51 . 2011-05-30 13:42        240640        ----a-w-        c:\windows\SysWow64\xvidvfw.dll

2012-10-17 21:51 . 2011-05-30 13:42        255488        ----a-w-        c:\windows\system32\xvidvfw.dll

2012-10-17 21:51 . 2011-05-23 09:52        153088        ----a-w-        c:\windows\SysWow64\xvid.ax

2012-10-17 21:51 . 2011-05-23 07:49        173568        ----a-w-        c:\windows\system32\xvid.ax

2012-10-17 21:51 . 2011-05-23 07:46        645632        ----a-w-        c:\windows\SysWow64\xvidcore.dll

2012-10-17 21:51 . 2011-05-23 07:45        696832        ----a-w-        c:\windows\system32\xvidcore.dll

2012-10-17 21:51 . 2012-10-17 21:51        --------        d-----w-        c:\program files (x86)\Xvid

2012-10-17 21:47 . 2012-10-17 21:47        --------        d-----w-        c:\users\Laner\AppData\Roaming\Media Player Classic

2012-10-17 20:52 . 2012-11-08 00:36        --------        d-----w-        c:\users\Laner\AppData\Roaming\vlc

2012-10-17 20:51 . 2012-10-17 20:51        --------        d-----w-        c:\program files\VideoLAN

2012-10-15 11:57 . 2012-10-15 11:57        --------        d-----w-        c:\windows\Spinner

2012-10-15 11:42 . 2012-10-15 11:56        --------        d-----w-        c:\windows\ExpoThemes

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-12 18:53 . 2010-12-28 10:27        25640        ----a-w-        c:\windows\gdrv.sys

2012-11-09 07:46 . 2012-04-05 11:41        697272        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2012-11-09 07:46 . 2011-05-19 09:27        73656        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-10 23:06 . 2011-01-14 12:15        65309168        ----a-w-        c:\windows\system32\MRT.exe

2012-09-29 15:31 . 2011-11-19 19:29        281520        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr

2012-09-29 15:31 . 2011-11-19 18:50        281520        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe

2012-09-29 15:31 . 2011-11-19 18:50        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0

2012-09-26 17:11 . 2012-09-26 17:11        95208        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-26 17:11 . 2012-06-16 12:47        821736        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll

2012-09-26 17:11 . 2010-12-31 13:12        746984        ----a-w-        c:\windows\SysWow64\deployJava1.dll

2012-09-22 21:00 . 2011-11-19 18:50        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe

2012-09-14 19:19 . 2012-10-10 13:44        2048        ----a-w-        c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-10 13:44        2048        ----a-w-        c:\windows\SysWow64\tzres.dll

2012-08-31 18:19 . 2012-10-10 13:44        1659760        ----a-w-        c:\windows\system32\drivers\ntfs.sys

2012-08-30 18:03 . 2012-10-10 13:44        5559664        ----a-w-        c:\windows\system32\ntoskrnl.exe

2012-08-30 17:12 . 2012-10-10 13:44        3968880        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:12 . 2012-10-10 13:44        3914096        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05 . 2012-10-10 13:44        220160        ----a-w-        c:\windows\system32\wintrust.dll

2012-08-24 18:05 . 2012-09-22 11:13        1188864        ----a-w-        c:\windows\system32\wininet.dll

2012-08-24 18:05 . 2012-09-22 11:13        1494528        ----a-w-        c:\windows\system32\urlmon.dll

2012-08-24 18:05 . 2012-09-22 11:13        134144        ----a-w-        c:\windows\system32\url.dll

2012-08-24 18:03 . 2012-09-22 11:13        9056256        ----a-w-        c:\windows\system32\mshtml.dll

2012-08-24 18:03 . 2012-09-22 11:13        97792        ----a-w-        c:\windows\system32\mshtmled.dll

2012-08-24 18:03 . 2012-09-22 11:13        735744        ----a-w-        c:\windows\system32\msfeeds.dll

2012-08-24 18:03 . 2012-09-22 11:13        64512        ----a-w-        c:\windows\system32\jsproxy.dll

2012-08-24 18:02 . 2012-09-22 11:13        247808        ----a-w-        c:\windows\system32\ieui.dll

2012-08-24 18:02 . 2012-09-22 11:13        12295680        ----a-w-        c:\windows\system32\ieframe.dll

2012-08-24 18:02 . 2012-09-22 11:13        2453504        ----a-w-        c:\windows\system32\iertutil.dll

2012-08-24 16:57 . 2012-10-10 13:44        172544        ----a-w-        c:\windows\SysWow64\wintrust.dll

2012-08-24 16:57 . 2012-09-22 11:13        981504        ----a-w-        c:\windows\SysWow64\wininet.dll

2012-08-24 15:59 . 2012-09-22 11:13        1638912        ----a-w-        c:\windows\system32\mshtml.tlb

2012-08-24 15:20 . 2012-09-22 11:13        1638912        ----a-w-        c:\windows\SysWow64\mshtml.tlb

2012-08-23 08:26 . 2012-09-13 16:21        9310152        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{72AD49F1-6265-4EC0-BEDA-948E7818CE77}\mpengine.dll

2012-08-22 18:12 . 2012-09-13 16:20        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-13 16:20        950128        ----a-w-        c:\windows\system32\drivers\ndis.sys

2012-08-22 18:12 . 2012-09-13 16:20        376688        ----a-w-        c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-13 16:20        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 21:01 . 2012-09-26 08:25        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe

2012-08-20 18:48 . 2012-10-10 13:44        243200        ----a-w-        c:\windows\system32\wow64.dll

2012-08-20 18:48 . 2012-10-10 13:44        362496        ----a-w-        c:\windows\system32\wow64win.dll

2012-08-20 18:48 . 2012-10-10 13:44        13312        ----a-w-        c:\windows\system32\wow64cpu.dll

2012-08-20 18:48 . 2012-10-10 13:44        215040        ----a-w-        c:\windows\system32\winsrv.dll

2012-08-20 18:48 . 2012-10-10 13:44        16384        ----a-w-        c:\windows\system32\ntvdm64.dll

2012-08-20 18:48 . 2012-10-10 13:44        424448        ----a-w-        c:\windows\system32\KernelBase.dll

2012-08-20 18:48 . 2012-10-10 13:44        1162240        ----a-w-        c:\windows\system32\kernel32.dll

2012-08-20 18:46 . 2012-10-10 13:44        338432        ----a-w-        c:\windows\system32\conhost.exe

2012-08-20 18:38 . 2012-10-10 13:44        4608        ---ha-w-        c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        4608        ---ha-w-        c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        6144        ---ha-w-        c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        5120        ---ha-w-        c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-08-20 17:40 . 2012-10-10 13:44        14336        ----a-w-        c:\windows\SysWow64\ntvdm64.dll

2012-08-20 17:38 . 2012-10-10 13:44        44032        ----a-w-        c:\windows\apppatch\acwow64.dll

2012-08-20 17:38 . 2012-10-10 13:44        25600        ----a-w-        c:\windows\SysWow64\setup16.exe

2012-08-20 17:37 . 2012-10-10 13:44        5120        ----a-w-        c:\windows\SysWow64\wow32.dll

2012-08-20 17:37 . 2012-10-10 13:44        274944        ----a-w-        c:\windows\SysWow64\KernelBase.dll

2012-08-20 17:32 . 2012-10-10 13:44        4608        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        5120        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 13:44        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-04 1353080]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-10-12 963984]

"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]

"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE" [2010-09-02 2045440]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-12-31 1196048]

LOLRecorder.lnk - c:\program files (x86)\LOLReplay\LOLRecorder.exe [2012-8-23 522752]

McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe [2012-9-5 271808]

Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-7-29 291896]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer4"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           autocheck autochk *\0bootdelete

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [x]

R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]

R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]

R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [x]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-09-05 234776]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-01-01 97040]

R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2009-11-25 38992]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-27 1255736]

S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-04 283200]

S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]

S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]

S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [2012-11-12 108904]

S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]

S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-07-29 994360]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]

S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 75776]

S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 177152]

S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt        REG_MULTI_SZ           hpqcxs08 hpqddsvc

.

Inhalt des "geplante Tasks" Ordners

.

2012-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 07:46]

.

2012-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-26 09:31]

.

2012-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-26 09:31]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 242192]

"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2010-09-02 2045440]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = 

IE: Free YouTube to MP3 Converter - c:\users\Laner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\Laner\AppData\Roaming\Mozilla\Firefox\Profiles\y6wfbt6l.default\

FF - ExtSQL: 2012-10-15 14:18; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\Laner\AppData\Roaming\Mozilla\Firefox\Profiles\y6wfbt6l.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi

FF - ExtSQL: !HIDDEN! 2012-01-30 15:26; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

URLSearchHooks-{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)

URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)

Wow6432Node-HKCU-Run-syshost32 - c:\users\Laner\AppData\Local\{78665EFC-8971-C3B2-6AAF-2C3049A2076C}\syshost.exe

BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll

WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file)

AddRemove-BattlEye for A2 - c:\program files (x86)\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe

AddRemove-FLV Player - c:\program files (x86)\FLV Player\uninst.exe

AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 3\pbsvc.exe

AddRemove-{Clear Sky Complete v1.1.3}}_is1 - c:\users\Public\Documents\STALKER-STCS\Clear Sky Complete\unins000.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-128432448-2284216070-1018584416-1000\Software\SecuROM\License information*]

"datasecu"=hex:d3,af,df,c7,41,bb,30,8f,b0,c4,91,d6,e2,92,ba,44,08,39,7a,99,29,

   63,18,7e,ad,89,2d,d4,50,63,7b,2b,0c,73,13,bf,d0,42,be,52,4c,4d,d7,ca,b3,8e,\

"rkeysecu"=hex:35,1c,4f,ee,99,72,0d,b8,74,7a,68,8b,8e,ae,85,49

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\windows\SysWOW64\PnkBstrA.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2012-11-12  20:15:29 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2012-11-12 19:15

.

Vor Suchlauf: 7.630.950.400 Bytes frei

Nach Suchlauf: 4.013.285.376 Bytes frei

.

- - End Of File - - 0280B690D2A70F0AB20EFFBA29C7EDCA

--- --- ---

Der PC ist schon deutlich schneller, falls das interessiert.

Hat funkioniert:

Zitat:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Gigabyte Technology Co., Ltd.
BIOS Manufacturer: Award Software International, Inc.
System Manufacturer: Gigabyte Technology Co., Ltd.
System Product Name: GA-870A-UD3
Logical Drives Mask: 0x0000007c

Kernel Drivers (total 161):
0x03255000 \SystemRoot\system32\ntoskrnl.exe
0x0320C000 \SystemRoot\system32\hal.dll
0x00B9E000 \SystemRoot\system32\kdcom.dll
0x00CB8000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x00CC5000 \SystemRoot\system32\PSHED.dll
0x00CD9000 \SystemRoot\system32\CLFS.SYS
0x00D37000 \SystemRoot\system32\CI.dll
0x00C00000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00CA4000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00EB6000 \SystemRoot\system32\drivers\ACPI.sys
0x00F0D000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F16000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F20000 \SystemRoot\system32\drivers\pci.sys
0x00F53000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F60000 \SystemRoot\System32\drivers\partmgr.sys
0x00F75000 \SystemRoot\system32\drivers\volmgr.sys
0x00F8A000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FE6000 \SystemRoot\system32\drivers\pciide.sys
0x00FED000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00E00000 \SystemRoot\system32\DRIVERS\jraid.sys
0x00E20000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
0x00E4F000 \SystemRoot\System32\drivers\mountmgr.sys
0x00E69000 \SystemRoot\system32\drivers\atapi.sys
0x00E72000 \SystemRoot\system32\drivers\ataport.SYS
0x00E9C000 \SystemRoot\system32\drivers\msahci.sys
0x010B6000 \SystemRoot\system32\DRIVERS\amdsata.sys
0x010CA000 \SystemRoot\system32\DRIVERS\storport.sys
0x0112D000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x01138000 \SystemRoot\system32\drivers\fltmgr.sys
0x01184000 \SystemRoot\system32\drivers\fileinfo.sys
0x01251000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01198000 \SystemRoot\System32\Drivers\msrpc.sys
0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01000000 \SystemRoot\System32\Drivers\cng.sys
0x0121B000 \SystemRoot\System32\drivers\pcw.sys
0x0122C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x0143A000 \SystemRoot\system32\drivers\ndis.sys
0x0152C000 \SystemRoot\system32\drivers\NETIO.SYS
0x0158C000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01600000 \SystemRoot\System32\drivers\tcpip.sys
0x015B6000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01809000 \SystemRoot\system32\drivers\volsnap.sys
0x01855000 \SystemRoot\System32\Drivers\spldr.sys
0x0185D000 \SystemRoot\System32\drivers\rdyboost.sys
0x01897000 \SystemRoot\System32\Drivers\mup.sys
0x018A9000 \SystemRoot\System32\drivers\hwpolicy.sys
0x018B2000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x018EC000 \SystemRoot\system32\DRIVERS\disk.sys
0x01902000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x01932000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
0x01979000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x019C2000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x019EC000 \SystemRoot\System32\Drivers\Null.SYS
0x019F5000 \SystemRoot\System32\Drivers\Beep.SYS
0x01400000 \SystemRoot\System32\drivers\vga.sys
0x0140E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x01236000 \SystemRoot\System32\drivers\watchdog.sys
0x01800000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x01246000 \SystemRoot\system32\drivers\rdpencdd.sys
0x013F4000 \SystemRoot\system32\drivers\rdprefmp.sys
0x01072000 \SystemRoot\System32\Drivers\Msfs.SYS
0x0107D000 \SystemRoot\System32\Drivers\Npfs.SYS
0x0108E000 \SystemRoot\system32\DRIVERS\tdx.sys
0x00EA7000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x06AC5000 \SystemRoot\system32\drivers\afd.sys
0x06B4E000 \SystemRoot\System32\DRIVERS\netbt.sys
0x06B93000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x06B9E000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x06BA7000 \SystemRoot\system32\DRIVERS\pacer.sys
0x06BCD000 \SystemRoot\system32\DRIVERS\netbios.sys
0x06BDC000 \SystemRoot\system32\DRIVERS\serial.sys
0x06A00000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x06A1B000 \SystemRoot\system32\drivers\termdd.sys
0x06A2F000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x06A80000 \SystemRoot\system32\drivers\nsiproxy.sys
0x06A8C000 \SystemRoot\system32\drivers\mssmbios.sys
0x06A97000 \SystemRoot\System32\drivers\discache.sys
0x06AA6000 \SystemRoot\System32\Drivers\dfsc.sys
0x06E6C000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x06E7D000 \SystemRoot\system32\DRIVERS\AppleCharger.sys
0x06E85000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x06EAB000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x06EC0000 \SystemRoot\system32\drivers\wmiacpi.sys
0x13039000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x13DFB000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x06EC9000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x06E00000 \SystemRoot\System32\drivers\dxgmms1.sys
0x13000000 \SystemRoot\system32\drivers\HDAudBus.sys
0x06FBD000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
0x13024000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x13026000 \SystemRoot\system32\DRIVERS\usbfilter.sys
0x06FED000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x072E7000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x0733D000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x0734E000 \SystemRoot\system32\drivers\1394ohci.sys
0x0738C000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x073E3000 \SystemRoot\system32\DRIVERS\serenum.sys
0x07200000 \SystemRoot\system32\DRIVERS\parport.sys
0x0721D000 \SystemRoot\system32\drivers\CompositeBus.sys
0x0722D000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x07243000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x07267000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x07273000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x072A2000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x072BD000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x06E46000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x073EF000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x076E5000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x076F4000 \SystemRoot\system32\drivers\swenum.sys
0x076F6000 \SystemRoot\system32\drivers\ks.sys
0x07739000 \SystemRoot\system32\drivers\umbus.sys
0x0774B000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
0x07762000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x077BC000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x07600000 \SystemRoot\system32\drivers\nvhda64v.sys
0x07632000 \SystemRoot\system32\drivers\portcls.sys
0x0766F000 \SystemRoot\system32\drivers\drmk.sys
0x07691000 \SystemRoot\system32\drivers\ksthunk.sys
0x088C8000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x08B02000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x08B1F000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x08B2D000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x08B46000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x08B4F000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0x08B62000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x08B70000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x08B7D000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0x08B91000 \SystemRoot\System32\Drivers\crashdmp.sys
0x08B9F000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x08BA9000 \SystemRoot\System32\Drivers\dump_amdsata.sys
0x08BBD000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00090000 \SystemRoot\System32\win32k.sys
0x08BD0000 \SystemRoot\System32\drivers\Dxapi.sys
0x08BDC000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00470000 \SystemRoot\System32\TSDDD.dll
0x00620000 \SystemRoot\System32\cdd.dll
0x08800000 \SystemRoot\system32\drivers\luafv.sys
0x08823000 \SystemRoot\system32\drivers\WudfPf.sys
0x08844000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x08859000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x0707B000 \SystemRoot\system32\drivers\HTTP.sys
0x07144000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x07175000 \SystemRoot\system32\DRIVERS\bowser.sys
0x07193000 \SystemRoot\System32\drivers\mpsdrv.sys
0x071AB000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x07000000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0704E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0966A000 \SystemRoot\System32\DRIVERS\srv2.sys
0x096D3000 \SystemRoot\System32\DRIVERS\srv.sys
0x0976B000 \SystemRoot\system32\DRIVERS\atksgt.sys
0x097BA000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0x09E73000 \SystemRoot\system32\drivers\peauth.sys
0x09F19000 \SystemRoot\System32\Drivers\secdrv.SYS
0x09F24000 \SystemRoot\System32\drivers\tcpipreg.sys
0x09F36000 \??\C:\Windows\gdrv.sys
0x09F3F000 \SystemRoot\system32\DRIVERS\psi_mf.sys
0x09FB9000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x09FC4000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x76E00000 \Windows\System32\ntdll.dll
0x48000000 \Windows\System32\smss.exe
0xFF120000 \Windows\System32\apisetschema.dll

Processes (total 73):
0 System Idle Process
4 System
292 C:\Windows\System32\smss.exe
468 csrss.exe
528 C:\Windows\System32\wininit.exe
564 csrss.exe
596 C:\Windows\System32\services.exe
616 C:\Windows\System32\lsass.exe
624 C:\Windows\System32\lsm.exe
676 C:\Windows\System32\winlogon.exe
768 C:\Windows\System32\svchost.exe
828 C:\Windows\System32\nvvsvc.exe
852 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
896 C:\Windows\System32\svchost.exe
972 C:\Windows\System32\svchost.exe
1016 C:\Windows\System32\svchost.exe
416 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\svchost.exe
1128 C:\Program Files\HitmanPro\hmpsched.exe
1160 C:\Windows\System32\svchost.exe
1392 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1404 C:\Windows\System32\nvvsvc.exe
1412 C:\Windows\System32\spoolsv.exe
1464 C:\Windows\System32\svchost.exe
1848 C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
1876 C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
1908 C:\Windows\SysWOW64\svchost.exe
1936 C:\Windows\SysWOW64\XSrvSetup.exe
1980 C:\Windows\System32\svchost.exe
2036 C:\Windows\System32\svchost.exe
1088 C:\Windows\SysWOW64\PnkBstrA.exe
1620 C:\Windows\System32\svchost.exe
488 C:\Program Files (x86)\Secunia\PSI\psia.exe
2076 C:\Windows\System32\svchost.exe
2460 C:\Windows\System32\svchost.exe
1232 C:\Windows\System32\svchost.exe
168 C:\Program Files\Windows Media Player\wmpnetwk.exe
1504 C:\Windows\System32\SearchIndexer.exe
2620 C:\Windows\System32\dwm.exe
1064 C:\Windows\explorer.exe
2368 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2936 C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
2508 C:\Program Files\Windows Sidebar\sidebar.exe
1916 C:\Program Files (x86)\Skype\Phone\Skype.exe
1580 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
2832 C:\Program Files\Logitech\SetPoint\SetPoint.exe
2644 C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
1488 C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
2888 C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
2412 C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
2640 C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
3084 C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
3100 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3656 C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
3820 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
2532 C:\Windows\System32\taskhost.exe
1388 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe