Pests of all kinds and how to fight them: Notebook is behaving strangely... Possible infection with malware etc.?

15.10.2012, 15:03   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
ok, that's fine then

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click Suche (Search).
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt. (x = sequential number)
__________________
Please always post logfiles in CODE tags

15.10.2012, 15:14   #17
Colamensch89
 
Here you go:

Code:
# AdwCleaner v2.005 - Datei am 15/10/2012 um 16:11:52 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Jack89 - JACK89-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jack89\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Ask.com.tmp
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Opera v12.2.1578.0

Datei : C:\Users\Jack89\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R4].txt - [1102 octets] - [15/10/2012 16:11:52]

########## EOF - C:\AdwCleaner[R4].txt - [1162 octets] ##########
         


15.10.2012, 15:22   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Löschen (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt. (x = sequential number)

15.10.2012, 15:28   #19
Colamensch89
 
Code:
# AdwCleaner v2.005 - Datei am 15/10/2012 um 16:23:46 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Jack89 - JACK89-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jack89\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Opera v12.2.1578.0

Datei : C:\Users\Jack89\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R4].txt - [1229 octets] - [15/10/2012 16:11:52]
AdwCleaner[S4].txt - [1164 octets] - [15/10/2012 16:23:46]

########## EOF - C:\AdwCleaner[S4].txt - [1224 octets] ##########
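
One way to check the delete run against the search run above, as an added example (not part of the original thread and not AdwCleaner's own code): it parses the two log formats shown in posts #17 and #19 and lists every finding from the [Suche] run that the [Löschen] run does not report as "Gelöscht". The function names are hypothetical, and the third, shortened delete log is constructed to show the failure case.

```python
import re

# One finding per line: "<kind> <state> : <target>", e.g.
# "Schlüssel Gefunden : ..." in a search run, "Wert Gelöscht : ..." in a delete run.
ENTRY_RE = re.compile(
    r"^(?P<kind>\S+)\s+(?P<state>Gefunden|Gelöscht)\s*:\s*(?P<target>.+?)\s*$"
)
# Header line that names the run type: "# Option [Suche]" or "# Option [Löschen]".
OPTION_RE = re.compile(r"^#\s*Option\s*\[(?P<opt>[^\]]+)\]")

# Registry lines copied from the logs on this page (headers shortened).
SEARCH_LOG = r"""# AdwCleaner v2.005 - Datei am 15/10/2012 um 16:11:52 erstellt
# Option [Suche]

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Ask.com.tmp
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

[OK] Die Registrierungsdatenbank ist sauber.
"""

DELETE_LOG = r"""# AdwCleaner v2.005 - Datei am 15/10/2012 um 16:23:46 erstellt
# Option [Löschen]

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
"""

# Constructed for this example: the delete log with its last entry missing.
PARTIAL_DELETE_LOG = "\n".join(DELETE_LOG.splitlines()[:-1]) + "\n"


def parse_log(text):
    """Return (option, entries); entries are (kind, state, target) tuples."""
    option = None
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m = OPTION_RE.match(line)
        if m:
            option = m.group("opt")
            continue
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group("kind"), m.group("state"), m.group("target")))
    return option, entries


def not_deleted(search_text, delete_text):
    """List (kind, target) findings of the search run missing from the delete run."""
    s_opt, s_entries = parse_log(search_text)
    d_opt, d_entries = parse_log(delete_text)
    # Refuse swapped or unrelated logs instead of reporting a false "all clean".
    if s_opt != "Suche" or d_opt != "Löschen":
        raise ValueError(f"expected [Suche] and [Löschen] logs, got {s_opt!r} and {d_opt!r}")
    # Registry paths and Windows file paths are case-insensitive.
    deleted = {(k, t.casefold()) for k, st, t in d_entries if st == "Gelöscht"}
    return [
        (k, t)
        for k, st, t in s_entries
        if st == "Gefunden" and (k, t.casefold()) not in deleted
    ]


if __name__ == "__main__":
    for name, log in (("full", DELETE_LOG), ("partial", PARTIAL_DELETE_LOG)):
        leftovers = not_deleted(SEARCH_LOG, log)
        print(name, "->", leftovers if leftovers else "every finding was deleted")
```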
         

15.10.2012, 15:32   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
I have two questions before we continue (we are not done yet!)

1.) Does Windows' normal mode work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?


15.10.2012, 15:33   #21
Colamensch89
 
1) Well, somehow ''everything'' seems faster to me again, i.e. the notebook's startup seems faster, and actions like opening My Computer also work faster again

2) no, I am not missing anything

15.10.2012, 15:52   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
the log goes here

CustomScan with OTL

Please download OTL by Oldtimer and save it on your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Tick the box Scanne alle Benutzer (Scan All Users) at the top centre
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

15.10.2012, 16:10   #23
Colamensch89
 
Done:

OTL Logfile:
Code:
OTL logfile created on: 15.10.2012 16:59:01 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jack89\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,91 Gb Total Physical Memory | 6,45 Gb Available Physical Memory | 81,58% Memory free
15,82 Gb Paging File | 14,26 Gb Available in Paging File | 90,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,63 Gb Total Space | 628,95 Gb Free Space | 93,37% Space Free | Partition Type: NTFS
 
Computer Name: JACK89-PC | User Name: Jack89 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jack89\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (s1039unic) -- C:\Windows\SysNative\drivers\s1039unic.sys (MCCI Corporation)
DRV:64bit: - (s1039obex) -- C:\Windows\SysNative\drivers\s1039obex.sys (MCCI Corporation)
DRV:64bit: - (s1039nd5) -- C:\Windows\SysNative\drivers\s1039nd5.sys (MCCI Corporation)
DRV:64bit: - (s1039mgmt) -- C:\Windows\SysNative\drivers\s1039mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1039mdm) -- C:\Windows\SysNative\drivers\s1039mdm.sys (MCCI Corporation)
DRV:64bit: - (s1039mdfl) -- C:\Windows\SysNative\drivers\s1039mdfl.sys (MCCI Corporation)
DRV:64bit: - (s1039bus) -- C:\Windows\SysNative\drivers\s1039bus.sys (MCCI Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 67 0C 48 AF 9C CD 01  [binary data]
IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
 
 
O1 HOSTS File: ([2012.07.26 20:38:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1103216639-1292724987-2697347349-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O16:64bit: - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} hxxp://quickscan.bitdefender.com/qsax/qsax64.cab (Bitdefender QuickScan Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{809EEEC5-F37F-4F91-AE99-D63309AB3073}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk - C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE - (ASUSTeK Computer Inc.)
MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig:64bit - StartUpReg: ATKMEDIA - hkey= - key= - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
MsConfig:64bit - StartUpReg: ATKOSD2 - hkey= - key= - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: IntelTBRunOnce - hkey= - key= - C:\Windows\SysNative\wscript.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: SonicMasterTray - hkey= - key= - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: Wireless Console 3 - hkey= - key= - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: hitmanpro36 - Reg Error: Value error.
SafeBootMin:64bit: hitmanpro36.sys - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: hitmanpro36 - Reg Error: Value error.
SafeBootMin: hitmanpro36.sys - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: hitmanpro36 - Reg Error: Value error.
SafeBootNet:64bit: hitmanpro36.sys - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: hitmanpro36 - Reg Error: Value error.
SafeBootNet: hitmanpro36.sys - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.15 16:56:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jack89\Desktop\OTL.exe
[2012.10.14 20:52:08 | 000,000,000 | ---D | C] -- C:\Users\Jack89\Desktop\Musik
[2012.10.13 12:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.10.12 19:59:01 | 000,000,000 | ---D | C] -- C:\Users\Jack89\AppData\Roaming\Malwarebytes
[2012.10.12 19:58:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.12 19:47:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.10.11 18:29:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.10.09 19:42:07 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012.10.08 17:25:37 | 000,000,000 | ---D | C] -- C:\Users\Jack89\Documents\Anti-Malware
[2012.10.06 11:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012.10.06 11:18:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012.09.24 00:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.09.17 14:07:32 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jack89\Desktop\TDSSKiller.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.15 16:56:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jack89\Desktop\OTL.exe
[2012.10.15 16:39:19 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 16:39:19 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 16:25:07 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012.10.15 16:25:06 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.15 16:24:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.15 16:15:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.15 16:10:56 | 000,538,941 | ---- | M] () -- C:\Users\Jack89\Desktop\adwcleaner.exe
[2012.10.15 11:56:30 | 001,643,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.15 11:56:30 | 000,708,282 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.15 11:56:30 | 000,663,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.15 11:56:30 | 000,151,886 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.15 11:56:30 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.15 10:54:28 | 000,761,259 | ---- | M] () -- C:\Users\Jack89\Desktop\DSC00011.JPG
[2012.10.14 23:25:52 | 000,038,781 | ---- | M] () -- C:\Users\Jack89\Desktop\Unbenannt1.jpg
[2012.10.14 23:25:05 | 000,022,528 | -H-- | M] () -- C:\Users\Jack89\Desktop\photothumb.db
[2012.10.09 19:42:07 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012.10.08 11:42:54 | 000,016,127 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.10.02 21:51:15 | 003,536,817 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.09.17 19:25:14 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jack89\Desktop\TDSSKiller.exe
[2012.09.16 22:51:49 | 000,063,985 | ---- | M] () -- C:\Users\Jack89\Desktop\Vorlesung.jpg
[2012.09.16 16:57:12 | 3298,785,299 | -H-- | M] () -- C:\Users\Jack89\Desktop\BlackMesa(1).zip
 
========== Files Created - No Company Name ==========
 
[2012.10.15 16:24:46 | 000,274,464 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.15 16:10:56 | 000,538,941 | ---- | C] () -- C:\Users\Jack89\Desktop\adwcleaner.exe
[2012.10.15 11:58:46 | 000,761,259 | ---- | C] () -- C:\Users\Jack89\Desktop\DSC00011.JPG
[2012.10.14 23:25:52 | 000,038,781 | ---- | C] () -- C:\Users\Jack89\Desktop\Unbenannt1.jpg
[2012.09.16 22:51:49 | 000,063,985 | ---- | C] () -- C:\Users\Jack89\Desktop\Vorlesung.jpg
[2012.09.16 16:46:15 | 3298,785,299 | -H-- | C] () -- C:\Users\Jack89\Desktop\BlackMesa(1).zip
[2012.07.26 20:34:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.07.26 20:34:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.07.26 20:34:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.26 20:34:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.07.26 20:34:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.06.23 17:33:49 | 000,000,036 | ---- | C] () -- C:\Users\Jack89\AppData\Local\housecall.guid.cache
[2012.06.10 12:32:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2012.03.19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.03.19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.11.15 06:12:44 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.19 06:11:04 | 001,673,966 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.06.10 12:38:16 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\ASUS WebStorage
[2012.09.09 19:52:47 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\DMCache
[2012.06.23 15:14:43 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\f-secure
[2012.09.15 01:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\IDM
[2012.08.28 14:46:05 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\IObit
[2012.08.01 00:24:36 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\JonDo
[2012.09.13 23:24:27 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\LockHunter
[2012.07.15 19:07:27 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Nuance
[2012.06.10 12:47:00 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Opera
[2012.09.15 01:13:42 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Orbit
[2012.08.08 16:41:04 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\PhotoScape
[2012.09.15 01:06:49 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\ProgSense
[2012.09.11 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\SoftGrid Client
[2012.08.16 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\TP
[2012.06.15 01:42:15 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\TuneUp Software
[2012.06.15 14:18:56 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Zeon
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.06.10 12:50:17 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Adobe
[2012.06.10 12:38:16 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\ASUS WebStorage
[2012.06.10 12:33:50 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Atheros
[2012.06.10 13:57:31 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Avira
[2012.09.09 19:52:47 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\DMCache
[2012.09.28 23:20:35 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\dvdcss
[2012.06.23 15:14:43 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\f-secure
[2012.07.15 19:07:28 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\FLEXnet
[2012.06.10 12:32:42 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Identities
[2012.09.15 01:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\IDM
[2012.06.10 12:34:06 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Intel Corporation
[2012.08.28 14:46:05 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\IObit
[2012.08.01 00:24:36 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\JonDo
[2012.09.13 23:24:27 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\LockHunter
[2012.06.10 12:50:17 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Macromedia
[2012.10.12 19:59:01 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Malwarebytes
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Media Center Programs
[2012.09.12 16:26:53 | 000,000,000 | --SD | M] -- C:\Users\Jack89\AppData\Roaming\Microsoft
[2012.07.15 19:07:27 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Nuance
[2012.06.30 15:24:54 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\NVIDIA
[2012.06.10 12:47:00 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Opera
[2012.09.15 01:13:42 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Orbit
[2012.08.08 16:41:04 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\PhotoScape
[2012.09.15 01:06:49 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\ProgSense
[2012.08.07 12:24:15 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Skype
[2012.09.11 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\SoftGrid Client
[2012.08.16 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\TP
[2012.06.15 01:42:15 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\TuneUp Software
[2012.10.12 17:09:39 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\vlc
[2012.06.13 20:12:52 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\WinRAR
[2012.06.15 14:18:56 | 000,000,000 | ---D | M] -- C:\Users\Jack89\AppData\Roaming\Zeon
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.10.19 04:56:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.10.19 04:56:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<           >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,628 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.09.09 10:16:22 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< End of report >
         
--- --- ---

15.10.2012, 17:45   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks relatively unremarkable. What have you already done with TDSS-Killer? Is there a log for it, or haven't you run it yet?

15.10.2012, 17:48   #25
Colamensch89

Hi,

I used it a few days ago and nothing was found then either..

Unfortunately I (idiot that I am) deleted the log (it was under C:), but I'm sure that nothing was found back then either

Should I run it again and post you a log?

15.10.2012, 18:43   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

15.10.2012, 19:50   #27
Colamensch89

Here you go:

Code:
ATTFilter
 20:47:32.0037 2164  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
20:47:32.0187 2164  ============================================================
20:47:32.0187 2164  Current date / time: 2012/10/15 20:47:32.0187
20:47:32.0187 2164  SystemInfo:
20:47:32.0187 2164  
20:47:32.0187 2164  OS Version: 6.1.7601 ServicePack: 1.0
20:47:32.0187 2164  Product type: Workstation
20:47:32.0187 2164  ComputerName: JACK89-PC
20:47:32.0188 2164  UserName: Jack89
20:47:32.0188 2164  Windows directory: C:\Windows
20:47:32.0188 2164  System windows directory: C:\Windows
20:47:32.0188 2164  Running under WOW64
20:47:32.0188 2164  Processor architecture: Intel x64
20:47:32.0188 2164  Number of processors: 4
20:47:32.0188 2164  Page size: 0x1000
20:47:32.0188 2164  Boot type: Normal boot
20:47:32.0188 2164  ============================================================
20:47:32.0701 2164  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:47:32.0712 2164  ============================================================
20:47:32.0712 2164  \Device\Harddisk0\DR0:
20:47:32.0712 2164  MBR partitions:
20:47:32.0713 2164  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x54345000
20:47:32.0713 2164  ============================================================
20:47:32.0732 2164  C: <-> \Device\Harddisk0\DR0\Partition1
20:47:32.0732 2164  ============================================================
20:47:32.0732 2164  Initialize success
20:47:32.0732 2164  ============================================================
20:48:19.0310 1528  ============================================================
20:48:19.0310 1528  Scan started
20:48:19.0310 1528  Mode: Manual; SigCheck; TDLFS; 
20:48:19.0310 1528  ============================================================
20:48:19.0560 1528  ================ Scan system memory ========================
20:48:19.0560 1528  System memory - ok
20:48:19.0560 1528  ================ Scan services =============================
20:48:28.0239 1528  IPMIDRV - ok
20:48:28.0249 1528  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:48:28.0292 1528  IPNAT - ok
20:48:28.0315 1528  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:48:28.0346 1528  IRENUM - ok
20:48:28.0374 1528  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:48:28.0382 1528  isapnp - ok
20:48:28.0398 1528  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:48:28.0410 1528  iScsiPrt - ok
20:48:28.0432 1528  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:48:28.0439 1528  kbdclass - ok
20:48:28.0449 1528  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:48:28.0464 1528  kbdhid - ok
20:48:28.0483 1528  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
20:48:28.0491 1528  kbfiltr - ok
20:48:28.0502 1528  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
20:48:28.0510 1528  KeyIso - ok
20:48:28.0533 1528  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:48:28.0543 1528  KSecDD - ok
20:48:28.0560 1528  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:48:28.0569 1528  KSecPkg - ok
20:48:28.0579 1528  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:48:28.0617 1528  ksthunk - ok
20:48:28.0634 1528  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:48:28.0679 1528  KtmRm - ok
20:48:28.0704 1528  [ 033B4AED2C5519072C0D81E00804D003 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
20:48:28.0718 1528  L1C - ok
20:48:28.0748 1528  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:48:28.0782 1528  LanmanServer - ok
20:48:28.0796 1528  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:48:28.0832 1528  LanmanWorkstation - ok
20:48:28.0868 1528  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:48:28.0900 1528  lltdio - ok
20:48:28.0923 1528  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:48:28.0971 1528  lltdsvc - ok
20:48:28.0980 1528  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:48:29.0012 1528  lmhosts - ok
20:48:29.0047 1528  [ 98B16E756243BEA9410E32025B19C06F ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:48:29.0056 1528  LMS - ok
20:48:29.0086 1528  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:48:29.0094 1528  LSI_FC - ok
20:48:29.0108 1528  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:48:29.0116 1528  LSI_SAS - ok
20:48:29.0130 1528  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:48:29.0137 1528  LSI_SAS2 - ok
20:48:29.0154 1528  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:48:29.0163 1528  LSI_SCSI - ok
20:48:29.0179 1528  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:48:29.0208 1528  luafv - ok
20:48:29.0226 1528  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:48:29.0236 1528  Mcx2Svc - ok
20:48:29.0250 1528  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:48:29.0257 1528  megasas - ok
20:48:29.0266 1528  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:48:29.0278 1528  MegaSR - ok
20:48:29.0311 1528  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
20:48:29.0320 1528  MEIx64 - ok
20:48:29.0327 1528  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
20:48:29.0364 1528  MMCSS - ok
20:48:29.0374 1528  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
20:48:29.0426 1528  Modem - ok
20:48:29.0436 1528  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:48:29.0455 1528  monitor - ok
20:48:29.0474 1528  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:48:29.0481 1528  mouclass - ok
20:48:29.0495 1528  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:48:29.0532 1528  mouhid - ok
20:48:29.0542 1528  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:48:29.0551 1528  mountmgr - ok
20:48:29.0559 1528  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:48:29.0569 1528  mpio - ok
20:48:29.0578 1528  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:48:29.0605 1528  mpsdrv - ok
20:48:29.0626 1528  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:48:29.0667 1528  MpsSvc - ok
20:48:29.0679 1528  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:48:29.0712 1528  MRxDAV - ok
20:48:29.0721 1528  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:48:29.0762 1528  mrxsmb - ok
20:48:29.0797 1528  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:48:29.0817 1528  mrxsmb10 - ok
20:48:29.0828 1528  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:48:29.0849 1528  mrxsmb20 - ok
20:48:29.0871 1528  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:48:29.0878 1528  msahci - ok
20:48:29.0894 1528  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:48:29.0904 1528  msdsm - ok
20:48:29.0914 1528  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
20:48:29.0944 1528  MSDTC - ok
20:48:29.0961 1528  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:48:30.0001 1528  Msfs - ok
20:48:30.0017 1528  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:48:30.0043 1528  mshidkmdf - ok
20:48:30.0050 1528  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:48:30.0057 1528  msisadrv - ok
20:48:30.0080 1528  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:48:30.0135 1528  MSiSCSI - ok
20:48:30.0137 1528  msiserver - ok
20:48:30.0156 1528  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:48:30.0190 1528  MSKSSRV - ok
20:48:30.0199 1528  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:48:30.0230 1528  MSPCLOCK - ok
20:48:30.0242 1528  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:48:30.0275 1528  MSPQM - ok
20:48:30.0292 1528  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:48:30.0305 1528  MsRPC - ok
20:48:30.0314 1528  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:48:30.0321 1528  mssmbios - ok
20:48:30.0324 1528  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:48:30.0359 1528  MSTEE - ok
20:48:30.0362 1528  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:48:30.0376 1528  MTConfig - ok
20:48:30.0393 1528  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:48:30.0400 1528  Mup - ok
20:48:30.0426 1528  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
20:48:30.0465 1528  napagent - ok
20:48:30.0482 1528  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:48:30.0510 1528  NativeWifiP - ok
20:48:30.0554 1528  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:48:30.0576 1528  NDIS - ok
20:48:30.0593 1528  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:48:30.0628 1528  NdisCap - ok
20:48:30.0644 1528  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:48:30.0679 1528  NdisTapi - ok
20:48:30.0695 1528  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:48:30.0727 1528  Ndisuio - ok
20:48:30.0736 1528  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:48:30.0767 1528  NdisWan - ok
20:48:30.0780 1528  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:48:30.0817 1528  NDProxy - ok
20:48:30.0824 1528  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:48:30.0858 1528  NetBIOS - ok
20:48:30.0874 1528  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:48:30.0908 1528  NetBT - ok
20:48:30.0914 1528  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
20:48:30.0923 1528  Netlogon - ok
20:48:30.0953 1528  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
20:48:30.0997 1528  Netman - ok
20:48:31.0030 1528  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:31.0036 1528  NetMsmqActivator - ok
20:48:31.0040 1528  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:31.0047 1528  NetPipeActivator - ok
20:48:31.0062 1528  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
20:48:31.0109 1528  netprofm - ok
20:48:31.0118 1528  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:31.0125 1528  NetTcpActivator - ok
20:48:31.0128 1528  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:31.0135 1528  NetTcpPortSharing - ok
20:48:31.0152 1528  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:48:31.0159 1528  nfrd960 - ok
20:48:31.0177 1528  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:48:31.0228 1528  NlaSvc - ok
20:48:31.0231 1528  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:48:31.0262 1528  Npfs - ok
20:48:31.0275 1528  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
20:48:31.0310 1528  nsi - ok
20:48:31.0327 1528  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:48:31.0352 1528  nsiproxy - ok
20:48:31.0389 1528  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:48:31.0436 1528  Ntfs - ok
20:48:31.0443 1528  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
20:48:31.0480 1528  Null - ok
20:48:31.0503 1528  [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
20:48:31.0521 1528  nusb3hub - ok
20:48:31.0543 1528  [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:48:31.0555 1528  nusb3xhc - ok
20:48:31.0584 1528  [ 65E6BB06A644533118BE007E9601B2C2 ] nvkflt          C:\Windows\system32\DRIVERS\nvkflt.sys
20:48:31.0595 1528  nvkflt - ok
20:48:31.0812 1528  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:48:31.0962 1528  nvlddmkm - ok
20:48:31.0973 1528  [ 918841B2454F4F2BD94479692079490B ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
20:48:31.0980 1528  nvpciflt - ok
20:48:32.0005 1528  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:48:32.0016 1528  nvraid - ok
20:48:32.0023 1528  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:48:32.0032 1528  nvstor - ok
20:48:32.0067 1528  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:48:32.0086 1528  nvsvc - ok
20:48:32.0141 1528  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:48:32.0166 1528  nvUpdatusService - ok
20:48:32.0184 1528  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:48:32.0191 1528  nv_agp - ok
20:48:32.0201 1528  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:48:32.0227 1528  ohci1394 - ok
20:48:32.0265 1528  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:48:32.0281 1528  p2pimsvc - ok
20:48:32.0303 1528  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:48:32.0323 1528  p2psvc - ok
20:48:32.0332 1528  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
20:48:32.0345 1528  Parport - ok
20:48:32.0361 1528  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:48:32.0369 1528  partmgr - ok
20:48:32.0382 1528  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:48:32.0408 1528  PcaSvc - ok
20:48:32.0431 1528  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
20:48:32.0442 1528  pci - ok
20:48:32.0448 1528  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
20:48:32.0454 1528  pciide - ok
20:48:32.0469 1528  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:48:32.0477 1528  pcmcia - ok
20:48:32.0487 1528  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:48:32.0494 1528  pcw - ok
20:48:32.0513 1528  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:48:32.0554 1528  PEAUTH - ok
20:48:32.0571 1528  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:48:32.0588 1528  PerfHost - ok
20:48:32.0633 1528  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
20:48:32.0700 1528  pla - ok
20:48:32.0729 1528  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:48:32.0755 1528  PlugPlay - ok
20:48:32.0765 1528  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:48:32.0790 1528  PNRPAutoReg - ok
20:48:32.0800 1528  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:48:32.0810 1528  PNRPsvc - ok
20:48:32.0837 1528  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:48:32.0876 1528  PolicyAgent - ok
20:48:32.0890 1528  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
20:48:32.0924 1528  Power - ok
20:48:32.0945 1528  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:48:32.0976 1528  PptpMiniport - ok
20:48:32.0990 1528  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
20:48:33.0006 1528  Processor - ok
20:48:33.0032 1528  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:48:33.0055 1528  ProfSvc - ok
20:48:33.0064 1528  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:48:33.0072 1528  ProtectedStorage - ok
20:48:33.0096 1528  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:48:33.0131 1528  Psched - ok
20:48:33.0177 1528  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:48:33.0217 1528  ql2300 - ok
20:48:33.0232 1528  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:48:33.0243 1528  ql40xx - ok
20:48:33.0265 1528  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
20:48:33.0280 1528  QWAVE - ok
20:48:33.0291 1528  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:48:33.0306 1528  QWAVEdrv - ok
20:48:33.0320 1528  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:48:33.0356 1528  RasAcd - ok
20:48:33.0381 1528  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:48:33.0429 1528  RasAgileVpn - ok
20:48:33.0441 1528  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
20:48:33.0491 1528  RasAuto - ok
20:48:33.0511 1528  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:48:33.0537 1528  Rasl2tp - ok
20:48:33.0550 1528  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
20:48:33.0586 1528  RasMan - ok
20:48:33.0599 1528  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:48:33.0634 1528  RasPppoe - ok
20:48:33.0662 1528  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:48:33.0694 1528  RasSstp - ok
20:48:33.0711 1528  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:48:33.0758 1528  rdbss - ok
20:48:33.0778 1528  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
20:48:33.0802 1528  rdpbus - ok
20:48:33.0813 1528  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:48:33.0844 1528  RDPCDD - ok
20:48:33.0862 1528  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:48:33.0896 1528  RDPENCDD - ok
20:48:33.0906 1528  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:48:33.0942 1528  RDPREFMP - ok
20:48:33.0964 1528  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:48:34.0004 1528  RDPWD - ok
20:48:34.0037 1528  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:48:34.0048 1528  rdyboost - ok
20:48:34.0064 1528  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:48:34.0099 1528  RemoteAccess - ok
20:48:34.0123 1528  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:48:34.0153 1528  RemoteRegistry - ok
20:48:34.0171 1528  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:48:34.0182 1528  RFCOMM - ok
20:48:34.0191 1528  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:48:34.0225 1528  RpcEptMapper - ok
20:48:34.0236 1528  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
20:48:34.0267 1528  RpcLocator - ok
20:48:34.0296 1528  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
20:48:34.0326 1528  RpcSs - ok
20:48:34.0354 1528  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:48:34.0394 1528  rspndr - ok
20:48:34.0422 1528  [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR      C:\Windows\system32\Drivers\RTSUVSTOR.sys
20:48:34.0436 1528  RSUSBVSTOR - ok
20:48:34.0459 1528  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:48:34.0470 1528  RTL8167 - ok
20:48:34.0505 1528  [ C92E383CDAFE94B0DA30CBFCD561ECF8 ] s1039bus        C:\Windows\system32\DRIVERS\s1039bus.sys
20:48:34.0512 1528  s1039bus - ok
20:48:34.0528 1528  [ CBACDDCE5FD32310FD5855E1FD8517E8 ] s1039mdfl       C:\Windows\system32\DRIVERS\s1039mdfl.sys
20:48:34.0535 1528  s1039mdfl - ok
20:48:34.0553 1528  [ A339F1E0BC7AF29B2FDBA32AE4B9FCA4 ] s1039mdm        C:\Windows\system32\DRIVERS\s1039mdm.sys
20:48:34.0561 1528  s1039mdm - ok
20:48:34.0589 1528  [ 84E260AAD1BB19DFCC0DD333CB83BBA7 ] s1039mgmt       C:\Windows\system32\DRIVERS\s1039mgmt.sys
20:48:34.0596 1528  s1039mgmt - ok
20:48:34.0606 1528  [ 0772F403D615563E9D8D32BA7A132D1E ] s1039nd5        C:\Windows\system32\DRIVERS\s1039nd5.sys
20:48:34.0613 1528  s1039nd5 - ok
20:48:34.0629 1528  [ 134EDBCE4DACD749FC508AFE1C512D09 ] s1039obex       C:\Windows\system32\DRIVERS\s1039obex.sys
20:48:34.0638 1528  s1039obex - ok
20:48:34.0647 1528  [ BC54B27EC3900328BC390E98BBFC9D3A ] s1039unic       C:\Windows\system32\DRIVERS\s1039unic.sys
20:48:34.0655 1528  s1039unic - ok
20:48:34.0661 1528  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
20:48:34.0669 1528  SamSs - ok
20:48:34.0679 1528  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:48:34.0688 1528  sbp2port - ok
20:48:34.0708 1528  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:48:34.0744 1528  SCardSvr - ok
20:48:34.0760 1528  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:48:34.0796 1528  scfilter - ok
20:48:34.0821 1528  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
20:48:34.0870 1528  Schedule - ok
20:48:34.0885 1528  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:48:34.0909 1528  SCPolicySvc - ok
20:48:34.0923 1528  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:48:34.0947 1528  SDRSVC - ok
20:48:34.0958 1528  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:48:35.0005 1528  secdrv - ok
20:48:35.0024 1528  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
20:48:35.0062 1528  seclogon - ok
20:48:35.0078 1528  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
20:48:35.0114 1528  SENS - ok
20:48:35.0128 1528  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:48:35.0156 1528  SensrSvc - ok
20:48:35.0191 1528  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:48:35.0205 1528  Serenum - ok
20:48:35.0222 1528  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
20:48:35.0245 1528  Serial - ok
20:48:35.0260 1528  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:48:35.0277 1528  sermouse - ok
20:48:35.0302 1528  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:48:35.0338 1528  SessionEnv - ok
20:48:35.0348 1528  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:48:35.0358 1528  sffdisk - ok
20:48:35.0367 1528  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:48:35.0385 1528  sffp_mmc - ok
20:48:35.0391 1528  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:48:35.0401 1528  sffp_sd - ok
20:48:35.0407 1528  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:48:35.0424 1528  sfloppy - ok
20:48:35.0447 1528  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:48:35.0488 1528  SharedAccess - ok
20:48:35.0505 1528  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:48:35.0543 1528  ShellHWDetection - ok
20:48:35.0558 1528  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
20:48:35.0578 1528  SiSGbeLH - ok
20:48:35.0603 1528  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:48:35.0611 1528  SiSRaid2 - ok
20:48:35.0621 1528  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:48:35.0630 1528  SiSRaid4 - ok
20:48:35.0645 1528  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:48:35.0672 1528  Smb - ok
20:48:35.0707 1528  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:48:35.0730 1528  SNMPTRAP - ok
20:48:35.0747 1528  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:48:35.0754 1528  spldr - ok
20:48:35.0773 1528  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
20:48:35.0802 1528  Spooler - ok
20:48:35.0862 1528  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
20:48:35.0954 1528  sppsvc - ok
20:48:35.0962 1528  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:48:36.0010 1528  sppuinotify - ok
20:48:36.0045 1528  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:48:36.0073 1528  srv - ok
20:48:36.0092 1528  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:48:36.0127 1528  srv2 - ok
20:48:36.0139 1528  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:48:36.0159 1528  srvnet - ok
20:48:36.0184 1528  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:48:36.0212 1528  SSDPSRV - ok
20:48:36.0236 1528  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:48:36.0271 1528  SstpSvc - ok
20:48:36.0327 1528  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:48:36.0342 1528  Stereo Service - ok
20:48:36.0348 1528  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:48:36.0355 1528  stexstor - ok
20:48:36.0382 1528  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
20:48:36.0408 1528  stisvc - ok
20:48:36.0427 1528  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:48:36.0434 1528  swenum - ok
20:48:36.0461 1528  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
20:48:36.0503 1528  swprv - ok
20:48:36.0537 1528  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
20:48:36.0596 1528  SysMain - ok
20:48:36.0604 1528  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:48:36.0625 1528  TabletInputService - ok
20:48:36.0638 1528  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:48:36.0678 1528  TapiSrv - ok
20:48:36.0689 1528  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
20:48:36.0727 1528  TBS - ok
20:48:36.0780 1528  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:48:36.0843 1528  Tcpip - ok
20:48:36.0885 1528  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:48:36.0912 1528  TCPIP6 - ok
20:48:36.0936 1528  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:48:41.0540 1528  ============================================================
20:48:41.0541 1528  Scan finished
20:48:41.0541 1528  ============================================================
20:48:41.0552 3860  Detected object count: 0
20:48:41.0552 3860  Actual detected object count: 0
20:49:08.0839 2600  Deinitialize success
         

15.10.2012, 21:02   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

That looks inconspicuous too.

First I would try to find out whether this only happens under Windows or with other operating systems as well.

That way you can see whether a hardware problem is emerging or whether the fault lies more in the Windows configuration and/or the file system.

Download something like Knoppix or Ubuntu, burn the ISO file to a CD using the image burning function, and boot the computer from it.
Then test the system thoroughly under Linux and report back whether it runs normally there.
__________________
Please always post log files in CODE tags

16.10.2012, 15:31   #29
Colamensch89

Hey,

I rule out a hardware problem, because this problem has only existed for a few days, and sometimes the scroll bar in the browser simply moves as if by magic, i.e. down or up.

Or when I want to click a button (no matter which one) with the mouse, the mouse pointer also jumps away briefly, which is really odd.

17.10.2012, 12:01   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
I rule out a hardware problem, because this problem has only existed for a few days
What kind of argument is that?!
That somehow has nothing to do with logic - ever heard that things can break from one day to the next without warning?
But fine, if you don't want to do the test with Linux, we'll just be treading water.
__________________
Please always post log files in CODE tags
