
Pests of all kinds and how to combat them: PC crashes during downloads

Windows 7

19.02.2013, 17:24   #1
Andycover90
 
Hello, I have had a problem for quite a while: my PC crashes (as already mentioned in the title) while downloading... I really don't know what to do. I ran HijackThis over it, but to be honest I don't understand anything it says... Can someone help me?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:52:37, on 19.02.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\Razer\Arctosa\razerhid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_149_ActiveX.exe
C:\Users\Andy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andy\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BitAccelerator - {CAC42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [Arctosa] "C:\Program Files (x86)\Razer\Arctosa\razerhid.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Smart PC Cleaner] C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Startup: PowerReg Scheduler V3.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8902 bytes

19.02.2013, 17:33   #2
markusg
/// Malware-holic
 
Hi,
but the problem doesn't stop you from reading the instructions.
HJT is useless.
Let's see whether this works:

If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and select "Run as administrator".
  • Now copy the following content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

19.02.2013, 18:46   #3
Andycover90
 
Sorry, I really hadn't done that :/
There were no Extras.
OTL Logfile:
Code:
OTL logfile created on: 19.02.2013 18:34:03 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Andy\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
16,00 Gb Total Physical Memory | 13,68 Gb Available Physical Memory | 85,51% Memory free
31,99 Gb Paging File | 29,57 Gb Available in Paging File | 92,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 736,20 Gb Total Space | 376,32 Gb Free Space | 51,12% Space Free | Partition Type: NTFS
Drive E: | 7,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 4,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ANDY-PC | User Name: Andy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.19 18:20:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
PRC - [2012.12.01 02:35:17 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.11.26 23:13:32 | 007,274,496 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\ASUS\Six Engine\SixEngine.exe
PRC - [2009.11.06 14:00:44 | 008,619,008 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
PRC - [2009.08.19 18:12:08 | 001,043,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
PRC - [2009.08.19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.07.17 14:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2008.10.06 14:03:04 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Arctosa\razerhid.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.18 16:08:04 | 012,638,576 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll
MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013.01.26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013.01.26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2009.09.30 04:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009.08.27 18:41:46 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\Six Engine\pngio.dll
MOD - [2009.08.27 18:41:46 | 000,053,248 | ---- | M] () -- C:\Programme\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2009.05.22 13:16:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009.04.22 19:20:00 | 000,179,712 | ---- | M] () -- C:\Programme\ASUS\Six Engine\AsusService.dll
MOD - [2008.12.10 19:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.18 13:08:19 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.18 12:52:06 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.15 13:08:20 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.02.02 19:39:58 | 000,281,688 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.12.10 17:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.12.03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.12.01 02:35:17 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.08.18 11:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.17 14:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.07.10 01:07:18 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.07.09 17:53:53 | 001,041,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WlanUZAG.sys -- (AG760V64)
DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.08 11:03:24 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.02.03 10:21:56 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.22 15:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006.12.22 18:05:52 | 000,559,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B9 8C A9 C8 89 75 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: %7Bc840e246-6b95-475e-9bd7-caa1c7eca9f2%7D:3.16.0.3
FF - prefs.js..extensions.enabledAddons: %7B5ddeb737-082c-48fb-8c06-aa4b38d61e5f%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Andy\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Andy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Andy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.18 13:08:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.18 13:08:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.07.09 17:41:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andy\AppData\Roaming\mozilla\Extensions
[2012.11.23 18:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andy\AppData\Roaming\mozilla\Firefox\Profiles\xyjnrm76.default\extensions
[2012.11.23 18:37:18 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Andy\AppData\Roaming\mozilla\Firefox\Profiles\xyjnrm76.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2012.09.15 13:11:25 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Andy\AppData\Roaming\mozilla\Firefox\Profiles\xyjnrm76.default\extensions\ich@maltegoetz.de
[2012.11.07 19:52:22 | 000,000,931 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\xyjnrm76.default\searchplugins\conduit.xml
[2013.02.18 13:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.18 13:08:01 | 000,000,000 | ---D | M] ("BitAccelerator") -- C:\Program Files (x86)\mozilla firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
[2013.02.18 13:08:19 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.01.11 19:15:36 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.11 19:15:36 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.01.11 19:15:36 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.11 19:15:36 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.21 09:09:25 | 000,044,755 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\proxtube_gesperrte_youtube_videos_schauen-1.4.2-fx.xpi
[2013.01.11 19:15:36 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.11 19:15:36 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Andy\AppData\LocalLow\Sony Online Entertainment\npsoe.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Andy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: BitAccelerator = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl\1.1_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (BitAcceleratorBHO Class) - {CAC42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll (TODO: <Company name>)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [Arctosa] C:\Program Files (x86)\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKCU..\Run: [Smart PC Cleaner] C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe (Avanquest Software)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A348A4E-12B6-4D90-9D3E-82F90CCECC61}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46AD437E-974A-4481-A794-78D0FB183E38}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B1EFC4C-E967-4F56-BCFB-4BAB1661DBE7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A94DD556-818D-4D53-95F6-485BF59EFEB0}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.23 15:03:22 | 001,075,256 | R--- | M] () - E:\AutoRun.bmp -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:09:34 | 000,002,388 | R--- | M] () - E:\Autorun.csv -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:09:34 | 000,000,594 | R--- | M] () - E:\AutoRun.dat -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:03:30 | 000,707,720 | R--- | M] () - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:09:36 | 000,000,052 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:03:28 | 000,921,390 | R--- | M] () - E:\autorun.wav -- [ UDF ]
O32 - AutoRun File - [2006.11.06 22:59:47 | 000,569,344 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.11.06 22:59:47 | 000,569,344 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.11.06 23:18:16 | 000,000,180 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006.10.29 03:39:19 | 000,880,640 | R--- | M] () - G:\AutoRunGUI.dll -- [ CDFS ]
O33 - MountPoints2\{bf3e68c6-c98c-11e1-8fd9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bf3e68c6-c98c-11e1-8fd9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.09.23 15:03:30 | 000,707,720 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.19 18:25:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
[2013.02.18 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\HdR Die Rückkehr des Königs tm-Daten
[2013.02.18 21:36:16 | 000,000,000 | ---D | C] -- C:\Games
[2013.02.18 17:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive Studio
[2013.02.18 15:21:27 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\ArmA 2 OA
[2013.02.18 15:21:27 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\ArmA 2
[2013.02.18 13:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.16 13:58:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.16 13:58:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.16 13:58:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.16 13:58:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.16 13:58:29 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.16 13:58:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.16 13:58:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.16 13:58:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.16 13:58:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.16 13:58:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.16 13:58:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.16 13:58:28 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.16 13:58:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.16 13:58:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.16 13:58:25 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.16 12:53:02 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.16 12:53:02 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.16 12:53:01 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.16 12:52:58 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.16 12:52:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.16 12:52:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.16 12:52:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.16 12:52:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.16 12:52:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.16 12:52:34 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.19 18:20:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
[2013.02.19 17:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.19 17:49:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000UA.job
[2013.02.19 17:42:06 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2013.02.19 17:39:20 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 17:39:20 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 17:31:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.19 17:31:45 | 4293,386,238 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.19 17:31:44 | 536,370,755 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.19 14:50:30 | 000,001,410 | ---- | M] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2013.02.19 14:39:26 | 000,000,858 | ---- | M] () -- C:\Users\Andy\Desktop\Der Herr der Ringe - Die Rückkehr des Königs.lnk
[2013.02.19 12:58:12 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.18 20:23:36 | 000,001,075 | ---- | M] () -- C:\Users\Andy\Desktop\ARMA 2 Combined Operations.lnk
[2013.02.18 19:49:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000Core.job
[2013.02.18 15:55:25 | 000,002,362 | ---- | M] () -- C:\Users\Andy\Desktop\Google Chrome.lnk
[2013.02.18 12:52:06 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.18 12:52:06 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.02 19:39:58 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.02.02 19:39:58 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.01.25 19:13:04 | 004,261,494 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.25 19:13:04 | 001,255,754 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.25 19:13:04 | 001,116,114 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.25 19:13:04 | 000,006,208 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.25 19:13:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.22 16:09:28 | 135,294,528 | ---- | M] () -- C:\Users\Andy\Desktop\MP3_German_Patch_Update_1_0_0_113.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.19 14:39:26 | 000,000,858 | ---- | C] () -- C:\Users\Andy\Desktop\Der Herr der Ringe - Die Rückkehr des Königs.lnk
[2013.02.18 20:23:36 | 000,001,075 | ---- | C] () -- C:\Users\Andy\Desktop\ARMA 2 Combined Operations.lnk
[2013.02.18 16:16:41 | 000,001,410 | ---- | C] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2013.02.18 15:55:25 | 000,002,362 | ---- | C] () -- C:\Users\Andy\Desktop\Google Chrome.lnk
[2013.01.23 20:17:43 | 135,294,528 | ---- | C] () -- C:\Users\Andy\Desktop\MP3_German_Patch_Update_1_0_0_113.exe
[2012.11.27 19:31:15 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.27 19:31:13 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.21 14:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.08.07 19:17:05 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2012.07.14 13:04:21 | 000,039,260 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012.07.09 20:54:14 | 001,584,728 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.09 17:21:32 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012.07.09 17:21:32 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.07.09 17:21:29 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.07.09 17:21:29 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.07.09 17:11:20 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.07.09 17:10:58 | 000,028,858 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.07.10 01:14:32 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\DAEMON Tools Lite
[2013.01.19 19:08:35 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Leadertech
[2012.12.25 16:51:16 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2011.01.02 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2013.01.10 18:23:25 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Mount&Blade Warband
[2012.12.13 22:05:30 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Origin
[2012.07.16 20:00:46 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Razer
[2012.07.21 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\six-updater
[2012.07.21 17:13:15 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\six-zsync
[2012.07.15 00:31:43 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Spore
[2013.02.16 12:46:08 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.07.09 17:09:30 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.07.14 13:12:05 | 000,000,000 | -H-D | M] -- C:\ASUS.000
[2012.07.14 13:11:33 | 000,000,000 | -H-D | M] -- C:\ASUS.SYS
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.09 17:07:57 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.14 13:16:09 | 000,000,000 | -H-D | M] -- C:\dvmexp
[2013.02.18 21:36:16 | 000,000,000 | ---D | M] -- C:\Games
[2012.07.09 17:12:01 | 000,000,000 | ---D | M] -- C:\Intel
[2012.11.08 23:41:51 | 000,000,000 | ---D | M] -- C:\Nexon
[2012.07.09 17:17:21 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.07.20 16:46:26 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.18 15:45:52 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.02.18 17:37:44 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.09 17:07:58 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.07.09 17:07:58 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.02.19 18:27:42 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.12.22 14:34:52 | 000,000,000 | -H-D | M] -- C:\temp
[2012.07.09 17:19:21 | 000,000,000 | R--D | M] -- C:\Users
[2013.02.19 17:31:44 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.09 17:16:31 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.08.12 21:34:30 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000Core.job
[2012.08.12 21:34:31 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000UA.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.02.19 18:36:16 | 001,572,864 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT
[2013.02.19 18:36:16 | 000,262,144 | -HS- | M] () -- C:\Users\Andy\ntuser.dat.LOG1
[2012.09.03 18:50:49 | 000,262,144 | -HS- | M] () -- C:\Users\Andy\ntuser.dat.LOG2
[2012.07.09 17:08:21 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.07.09 17:08:21 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.07.09 17:08:21 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.12.23 17:52:45 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{1b00aa35-4d21-11e2-9cb5-c860008d6a0c}.TM.blf
[2012.12.23 17:52:45 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{1b00aa35-4d21-11e2-9cb5-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2012.12.23 17:52:45 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{1b00aa35-4d21-11e2-9cb5-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2013.01.28 17:33:00 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{4bf91b45-6968-11e2-805b-c860008d6a0c}.TM.blf
[2013.01.28 17:33:00 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{4bf91b45-6968-11e2-805b-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2013.01.28 17:33:00 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{4bf91b45-6968-11e2-805b-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2013.01.19 16:19:15 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{85824365-624b-11e2-8ef0-c860008d6a0c}.TM.blf
[2013.01.19 16:19:15 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{85824365-624b-11e2-8ef0-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2013.01.19 16:19:15 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{85824365-624b-11e2-8ef0-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2013.01.09 17:37:16 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{c2e278e1-5a7a-11e2-9cbd-c860008d6a0c}.TM.blf
[2013.01.09 17:37:16 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{c2e278e1-5a7a-11e2-9cbd-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2013.01.09 17:37:16 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{c2e278e1-5a7a-11e2-9cbd-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2012.12.23 15:49:59 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{f483e1d6-4d0f-11e2-8a38-c860008d6a0c}.TM.blf
[2012.12.23 15:49:59 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{f483e1d6-4d0f-11e2-8a38-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2012.12.23 15:49:59 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{f483e1d6-4d0f-11e2-8a38-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2012.07.09 17:08:19 | 000,000,020 | -HS- | M] () -- C:\Users\Andy\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
--- --- ---


Sorry, I actually don't have that :/
There was no Extras file.

OTL Logfile:
Code:
OTL logfile created on: 19.02.2013 18:34:03 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Andy\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
16,00 Gb Total Physical Memory | 13,68 Gb Available Physical Memory | 85,51% Memory free
31,99 Gb Paging File | 29,57 Gb Available in Paging File | 92,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 736,20 Gb Total Space | 376,32 Gb Free Space | 51,12% Space Free | Partition Type: NTFS
Drive E: | 7,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 4,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ANDY-PC | User Name: Andy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.19 18:20:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
PRC - [2012.12.01 02:35:17 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.11.26 23:13:32 | 007,274,496 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\ASUS\Six Engine\SixEngine.exe
PRC - [2009.11.06 14:00:44 | 008,619,008 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
PRC - [2009.08.19 18:12:08 | 001,043,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
PRC - [2009.08.19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.07.17 14:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2008.10.06 14:03:04 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Arctosa\razerhid.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.18 16:08:04 | 012,638,576 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll
MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013.01.26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013.01.26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2009.09.30 04:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009.08.27 18:41:46 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\Six Engine\pngio.dll
MOD - [2009.08.27 18:41:46 | 000,053,248 | ---- | M] () -- C:\Programme\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2009.05.22 13:16:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009.04.22 19:20:00 | 000,179,712 | ---- | M] () -- C:\Programme\ASUS\Six Engine\AsusService.dll
MOD - [2008.12.10 19:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.18 13:08:19 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.18 12:52:06 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.15 13:08:20 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.02.02 19:39:58 | 000,281,688 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.12.10 17:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.12.03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.12.01 02:35:17 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.08.18 11:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.17 14:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.07.10 01:07:18 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.07.09 17:53:53 | 001,041,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WlanUZAG.sys -- (AG760V64)
DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.08 11:03:24 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.02.03 10:21:56 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.22 15:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006.12.22 18:05:52 | 000,559,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B9 8C A9 C8 89 75 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: %7Bc840e246-6b95-475e-9bd7-caa1c7eca9f2%7D:3.16.0.3
FF - prefs.js..extensions.enabledAddons: %7B5ddeb737-082c-48fb-8c06-aa4b38d61e5f%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Andy\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Andy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Andy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.18 13:08:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.18 13:08:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.07.09 17:41:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andy\AppData\Roaming\mozilla\Extensions
[2012.11.23 18:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andy\AppData\Roaming\mozilla\Firefox\Profiles\xyjnrm76.default\extensions
[2012.11.23 18:37:18 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Andy\AppData\Roaming\mozilla\Firefox\Profiles\xyjnrm76.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2012.09.15 13:11:25 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Andy\AppData\Roaming\mozilla\Firefox\Profiles\xyjnrm76.default\extensions\ich@maltegoetz.de
[2012.11.07 19:52:22 | 000,000,931 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\xyjnrm76.default\searchplugins\conduit.xml
[2013.02.18 13:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.18 13:08:01 | 000,000,000 | ---D | M] ("BitAccelerator") -- C:\Program Files (x86)\mozilla firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
[2013.02.18 13:08:19 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.01.11 19:15:36 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.11 19:15:36 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.01.11 19:15:36 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.11 19:15:36 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.21 09:09:25 | 000,044,755 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\proxtube_gesperrte_youtube_videos_schauen-1.4.2-fx.xpi
[2013.01.11 19:15:36 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.11 19:15:36 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Andy\AppData\LocalLow\Sony Online Entertainment\npsoe.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Andy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: BitAccelerator = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl\1.1_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (BitAcceleratorBHO Class) - {CAC42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll (TODO: <Company name>)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [Arctosa] C:\Program Files (x86)\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKCU..\Run: [Smart PC Cleaner] C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe (Avanquest Software)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A348A4E-12B6-4D90-9D3E-82F90CCECC61}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46AD437E-974A-4481-A794-78D0FB183E38}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B1EFC4C-E967-4F56-BCFB-4BAB1661DBE7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A94DD556-818D-4D53-95F6-485BF59EFEB0}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.23 15:03:22 | 001,075,256 | R--- | M] () - E:\AutoRun.bmp -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:09:34 | 000,002,388 | R--- | M] () - E:\Autorun.csv -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:09:34 | 000,000,594 | R--- | M] () - E:\AutoRun.dat -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:03:30 | 000,707,720 | R--- | M] () - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:09:36 | 000,000,052 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010.09.23 15:03:28 | 000,921,390 | R--- | M] () - E:\autorun.wav -- [ UDF ]
O32 - AutoRun File - [2006.11.06 22:59:47 | 000,569,344 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.11.06 22:59:47 | 000,569,344 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.11.06 23:18:16 | 000,000,180 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006.10.29 03:39:19 | 000,880,640 | R--- | M] () - G:\AutoRunGUI.dll -- [ CDFS ]
O33 - MountPoints2\{bf3e68c6-c98c-11e1-8fd9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bf3e68c6-c98c-11e1-8fd9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.09.23 15:03:30 | 000,707,720 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.19 18:25:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
[2013.02.18 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\HdR Die Rückkehr des Königs tm-Daten
[2013.02.18 21:36:16 | 000,000,000 | ---D | C] -- C:\Games
[2013.02.18 17:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive Studio
[2013.02.18 15:21:27 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\ArmA 2 OA
[2013.02.18 15:21:27 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\ArmA 2
[2013.02.18 13:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.16 13:58:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.16 13:58:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.16 13:58:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.16 13:58:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.16 13:58:29 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.16 13:58:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.16 13:58:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.16 13:58:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.16 13:58:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.16 13:58:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.16 13:58:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.16 13:58:28 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.16 13:58:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.16 13:58:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.16 13:58:25 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.16 12:53:02 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.16 12:53:02 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.16 12:53:01 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.16 12:52:58 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.16 12:52:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.16 12:52:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.16 12:52:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.16 12:52:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.16 12:52:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.16 12:52:34 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.19 18:20:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
[2013.02.19 17:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.19 17:49:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000UA.job
[2013.02.19 17:42:06 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2013.02.19 17:39:20 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 17:39:20 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 17:31:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.19 17:31:45 | 4293,386,238 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.19 17:31:44 | 536,370,755 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.19 14:50:30 | 000,001,410 | ---- | M] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2013.02.19 14:39:26 | 000,000,858 | ---- | M] () -- C:\Users\Andy\Desktop\Der Herr der Ringe - Die Rückkehr des Königs.lnk
[2013.02.19 12:58:12 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.18 20:23:36 | 000,001,075 | ---- | M] () -- C:\Users\Andy\Desktop\ARMA 2 Combined Operations.lnk
[2013.02.18 19:49:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000Core.job
[2013.02.18 15:55:25 | 000,002,362 | ---- | M] () -- C:\Users\Andy\Desktop\Google Chrome.lnk
[2013.02.18 12:52:06 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.18 12:52:06 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.02 19:39:58 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.02.02 19:39:58 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.01.25 19:13:04 | 004,261,494 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.25 19:13:04 | 001,255,754 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.25 19:13:04 | 001,116,114 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.25 19:13:04 | 000,006,208 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.25 19:13:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.22 16:09:28 | 135,294,528 | ---- | M] () -- C:\Users\Andy\Desktop\MP3_German_Patch_Update_1_0_0_113.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.19 14:39:26 | 000,000,858 | ---- | C] () -- C:\Users\Andy\Desktop\Der Herr der Ringe - Die Rückkehr des Königs.lnk
[2013.02.18 20:23:36 | 000,001,075 | ---- | C] () -- C:\Users\Andy\Desktop\ARMA 2 Combined Operations.lnk
[2013.02.18 16:16:41 | 000,001,410 | ---- | C] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2013.02.18 15:55:25 | 000,002,362 | ---- | C] () -- C:\Users\Andy\Desktop\Google Chrome.lnk
[2013.01.23 20:17:43 | 135,294,528 | ---- | C] () -- C:\Users\Andy\Desktop\MP3_German_Patch_Update_1_0_0_113.exe
[2012.11.27 19:31:15 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.27 19:31:13 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.21 14:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.08.07 19:17:05 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2012.07.14 13:04:21 | 000,039,260 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012.07.09 20:54:14 | 001,584,728 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.09 17:21:32 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012.07.09 17:21:32 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.07.09 17:21:29 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.07.09 17:21:29 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.07.09 17:11:20 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.07.09 17:10:58 | 000,028,858 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.07.10 01:14:32 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\DAEMON Tools Lite
[2013.01.19 19:08:35 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Leadertech
[2012.12.25 16:51:16 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2011.01.02 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2013.01.10 18:23:25 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Mount&Blade Warband
[2012.12.13 22:05:30 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Origin
[2012.07.16 20:00:46 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Razer
[2012.07.21 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\six-updater
[2012.07.21 17:13:15 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\six-zsync
[2012.07.15 00:31:43 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Spore
[2013.02.16 12:46:08 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.07.09 17:09:30 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.07.14 13:12:05 | 000,000,000 | -H-D | M] -- C:\ASUS.000
[2012.07.14 13:11:33 | 000,000,000 | -H-D | M] -- C:\ASUS.SYS
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.09 17:07:57 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.14 13:16:09 | 000,000,000 | -H-D | M] -- C:\dvmexp
[2013.02.18 21:36:16 | 000,000,000 | ---D | M] -- C:\Games
[2012.07.09 17:12:01 | 000,000,000 | ---D | M] -- C:\Intel
[2012.11.08 23:41:51 | 000,000,000 | ---D | M] -- C:\Nexon
[2012.07.09 17:17:21 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.07.20 16:46:26 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.18 15:45:52 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.02.18 17:37:44 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.09 17:07:58 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.07.09 17:07:58 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.02.19 18:27:42 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.12.22 14:34:52 | 000,000,000 | -H-D | M] -- C:\temp
[2012.07.09 17:19:21 | 000,000,000 | R--D | M] -- C:\Users
[2013.02.19 17:31:44 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.09 17:16:31 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.08.12 21:34:30 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000Core.job
[2012.08.12 21:34:31 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000UA.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.02.19 18:36:16 | 001,572,864 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT
[2013.02.19 18:36:16 | 000,262,144 | -HS- | M] () -- C:\Users\Andy\ntuser.dat.LOG1
[2012.09.03 18:50:49 | 000,262,144 | -HS- | M] () -- C:\Users\Andy\ntuser.dat.LOG2
[2012.07.09 17:08:21 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.07.09 17:08:21 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.07.09 17:08:21 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.12.23 17:52:45 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{1b00aa35-4d21-11e2-9cb5-c860008d6a0c}.TM.blf
[2012.12.23 17:52:45 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{1b00aa35-4d21-11e2-9cb5-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2012.12.23 17:52:45 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{1b00aa35-4d21-11e2-9cb5-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2013.01.28 17:33:00 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{4bf91b45-6968-11e2-805b-c860008d6a0c}.TM.blf
[2013.01.28 17:33:00 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{4bf91b45-6968-11e2-805b-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2013.01.28 17:33:00 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{4bf91b45-6968-11e2-805b-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2013.01.19 16:19:15 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{85824365-624b-11e2-8ef0-c860008d6a0c}.TM.blf
[2013.01.19 16:19:15 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{85824365-624b-11e2-8ef0-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2013.01.19 16:19:15 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{85824365-624b-11e2-8ef0-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2013.01.09 17:37:16 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{c2e278e1-5a7a-11e2-9cbd-c860008d6a0c}.TM.blf
[2013.01.09 17:37:16 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{c2e278e1-5a7a-11e2-9cbd-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2013.01.09 17:37:16 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{c2e278e1-5a7a-11e2-9cbd-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2012.12.23 15:49:59 | 000,065,536 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{f483e1d6-4d0f-11e2-8a38-c860008d6a0c}.TM.blf
[2012.12.23 15:49:59 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{f483e1d6-4d0f-11e2-8a38-c860008d6a0c}.TMContainer00000000000000000001.regtrans-ms
[2012.12.23 15:49:59 | 000,524,288 | -HS- | M] () -- C:\Users\Andy\NTUSER.DAT{f483e1d6-4d0f-11e2-8a38-c860008d6a0c}.TMContainer00000000000000000002.regtrans-ms
[2012.07.09 17:08:19 | 000,000,020 | -HS- | M] () -- C:\Users\Andy\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
19.02.2013, 18:55   #4
markusg
/// Malware-holic

Hi,
OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
:OTL
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found
:files
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name in the appropriate place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (Also to be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread

19.02.2013, 19:16   #5
Andycover90

Here is the report, and many, many thanks for the quick help ))

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}\ not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Andy
->Temp folder emptied: 3478434357 bytes
->Temporary Internet Files folder emptied: 1641744806 bytes
->Java cache emptied: 707612 bytes
->FireFox cache emptied: 444131728 bytes
->Google Chrome cache emptied: 7101230 bytes
->Flash cache emptied: 1119 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 356352 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664671368 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 5.948,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02192013_190555

Files\Folders moved on Reboot...
C:\Users\Andy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


19.02.2013, 19:24   #6
markusg
/// Malware-holic

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.

19.02.2013, 19:33   #7
Andycover90

19:29:10.0975 0696 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:29:11.0262 0696 ============================================================
19:29:11.0262 0696 Current date / time: 2013/02/19 19:29:11.0262
19:29:11.0262 0696 SystemInfo:
19:29:11.0262 0696
19:29:11.0262 0696 OS Version: 6.1.7601 ServicePack: 1.0
19:29:11.0262 0696 Product type: Workstation
19:29:11.0262 0696 ComputerName: ANDY-PC
19:29:11.0262 0696 UserName: Andy
19:29:11.0262 0696 Windows directory: C:\Windows
19:29:11.0262 0696 System windows directory: C:\Windows
19:29:11.0262 0696 Running under WOW64
19:29:11.0262 0696 Processor architecture: Intel x64
19:29:11.0262 0696 Number of processors: 4
19:29:11.0262 0696 Page size: 0x1000
19:29:11.0262 0696 Boot type: Normal boot

Part 1:

19:29:11.0262 0696 ============================================================
19:29:13.0158 0696 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0xFC58B, SectorsPerTrack: 0xE, TracksPerCylinder: 0x87, Type 'K0', Flags 0x00000040
19:29:13.0161 0696 ============================================================
19:29:13.0161 0696 \Device\Harddisk0\DR0:
19:29:13.0161 0696 MBR partitions:
19:29:13.0161 0696 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:29:13.0161 0696 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x6, StartLBA 0x32800, BlocksNum 0x1866E000
19:29:13.0161 0696 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x5C065800
19:29:13.0161 0696 ============================================================
19:29:13.0194 0696 C: <-> \Device\Harddisk0\DR0\Partition3
19:29:13.0203 0696 ============================================================
19:29:13.0203 0696 Initialize success
19:29:13.0203 0696 ============================================================
19:29:20.0561 3784 ============================================================
19:29:20.0561 3784 Scan started
19:29:20.0561 3784 Mode: Manual;
19:29:20.0561 3784 ============================================================
19:29:21.0348 3784 ================ Scan system memory ========================
19:29:21.0349 3784 System memory - ok
19:29:21.0349 3784 ================ Scan services =============================
19:29:21.0478 3784 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:29:21.0482 3784 1394ohci - ok
19:29:21.0491 3784 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:29:21.0496 3784 ACPI - ok
19:29:21.0512 3784 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:29:21.0513 3784 AcpiPmi - ok
19:29:21.0704 3784 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:29:21.0707 3784 AdobeFlashPlayerUpdateSvc - ok
19:29:21.0720 3784 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:29:21.0728 3784 adp94xx - ok
19:29:21.0736 3784 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:29:21.0740 3784 adpahci - ok
19:29:21.0763 3784 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:29:21.0766 3784 adpu320 - ok
19:29:21.0790 3784 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:29:21.0791 3784 AeLookupSvc - ok
19:29:21.0833 3784 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:29:21.0838 3784 AFD - ok
19:29:21.0875 3784 [ AEC505976EF01BBD8F57CBA912F39259 ] AG760V64 C:\Windows\system32\DRIVERS\WlanUZAG.sys
19:29:21.0919 3784 AG760V64 - ok
19:29:21.0922 3784 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:29:21.0924 3784 agp440 - ok
19:29:21.0932 3784 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:29:21.0933 3784 ALG - ok
19:29:21.0951 3784 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:29:21.0952 3784 aliide - ok
19:29:22.0013 3784 ALSysIO - ok
19:29:22.0032 3784 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:29:22.0033 3784 amdide - ok
19:29:22.0048 3784 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:29:22.0050 3784 AmdK8 - ok
19:29:22.0068 3784 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:29:22.0070 3784 AmdPPM - ok
19:29:22.0082 3784 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:29:22.0085 3784 amdsata - ok
19:29:22.0097 3784 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:29:22.0100 3784 amdsbs - ok
19:29:22.0111 3784 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:29:22.0111 3784 amdxata - ok
19:29:22.0123 3784 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:29:22.0125 3784 AppID - ok
19:29:22.0135 3784 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:29:22.0137 3784 AppIDSvc - ok
19:29:22.0165 3784 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:29:22.0167 3784 Appinfo - ok
19:29:22.0191 3784 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:29:22.0194 3784 AppMgmt - ok
19:29:22.0212 3784 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:29:22.0214 3784 arc - ok
19:29:22.0227 3784 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:29:22.0229 3784 arcsas - ok
19:29:22.0278 3784 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
19:29:22.0278 3784 AsIO - ok
19:29:22.0382 3784 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:29:22.0384 3784 aspnet_state - ok
19:29:22.0451 3784 [ 798A87B2D7AD73B16B7CD968C5D1F18F ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
19:29:22.0494 3784 AsSysCtrlService - ok
19:29:22.0511 3784 [ 26D66E32E78D3059715B3A17BC679CD9 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
19:29:22.0512 3784 AsUpIO - ok
19:29:22.0522 3784 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:29:22.0523 3784 AsyncMac - ok
19:29:22.0536 3784 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:29:22.0536 3784 atapi - ok
19:29:22.0592 3784 [ 96ABF88241F90FF647E55C934C55C2F1 ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:29:22.0663 3784 athr - ok
19:29:22.0685 3784 [ CA0318D3FA86C173533685C2171C55AB ] athrusb C:\Windows\system32\DRIVERS\athrxusb.sys
19:29:22.0692 3784 athrusb - ok
19:29:22.0715 3784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:29:22.0724 3784 AudioEndpointBuilder - ok
19:29:22.0746 3784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:29:22.0750 3784 AudioSrv - ok
19:29:22.0844 3784 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:29:22.0883 3784 AxInstSV - ok
19:29:22.0960 3784 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:29:22.0968 3784 b06bdrv - ok
19:29:22.0984 3784 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:29:22.0989 3784 b57nd60a - ok
19:29:22.0996 3784 BCMH43XX - ok
19:29:23.0013 3784 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:29:23.0015 3784 BDESVC - ok
19:29:23.0034 3784 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:29:23.0035 3784 Beep - ok
19:29:23.0090 3784 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:29:23.0100 3784 BFE - ok
19:29:23.0151 3784 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:29:23.0165 3784 BITS - ok
19:29:23.0180 3784 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:29:23.0181 3784 blbdrive - ok
19:29:23.0190 3784 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:29:23.0192 3784 bowser - ok
19:29:23.0209 3784 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:29:23.0210 3784 BrFiltLo - ok
19:29:23.0224 3784 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:29:23.0225 3784 BrFiltUp - ok
19:29:23.0249 3784 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:29:23.0251 3784 Browser - ok
19:29:23.0257 3784 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:29:23.0261 3784 Brserid - ok
19:29:23.0270 3784 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:29:23.0272 3784 BrSerWdm - ok
19:29:23.0279 3784 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:29:23.0280 3784 BrUsbMdm - ok
19:29:23.0285 3784 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:29:23.0286 3784 BrUsbSer - ok
19:29:23.0303 3784 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:29:23.0305 3784 BTHMODEM - ok
19:29:23.0325 3784 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:29:23.0331 3784 BTHPORT - ok
19:29:23.0342 3784 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:29:23.0343 3784 bthserv - ok
19:29:23.0354 3784 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:29:23.0355 3784 BTHUSB - ok
19:29:23.0368 3784 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:29:23.0370 3784 cdfs - ok
19:29:23.0387 3784 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:29:23.0390 3784 cdrom - ok
19:29:23.0393 3784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:29:23.0394 3784 CertPropSvc - ok
19:29:23.0398 3784 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:29:23.0399 3784 circlass - ok
19:29:23.0415 3784 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:29:23.0418 3784 CLFS - ok
19:29:23.0468 3784 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:29:23.0469 3784 clr_optimization_v2.0.50727_32 - ok
19:29:23.0512 3784 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:29:23.0515 3784 clr_optimization_v2.0.50727_64 - ok
19:29:23.0572 3784 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:29:23.0575 3784 clr_optimization_v4.0.30319_32 - ok
19:29:23.0594 3784 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:29:23.0596 3784 clr_optimization_v4.0.30319_64 - ok
19:29:23.0602 3784 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:29:23.0604 3784 CmBatt - ok
19:29:23.0619 3784 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:29:23.0621 3784 cmdide - ok
19:29:23.0659 3784 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:29:23.0665 3784 CNG - ok
19:29:23.0670 3784 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:29:23.0671 3784 Compbatt - ok
19:29:23.0680 3784 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:29:23.0681 3784 CompositeBus - ok
19:29:23.0685 3784 COMSysApp - ok
19:29:23.0696 3784 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:29:23.0697 3784 crcdisk - ok
19:29:23.0731 3784 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:29:23.0734 3784 CryptSvc - ok
19:29:23.0753 3784 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
19:29:23.0759 3784 CSC - ok
19:29:23.0784 3784 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
19:29:23.0791 3784 CscService - ok
19:29:23.0814 3784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:29:23.0821 3784 DcomLaunch - ok
19:29:23.0838 3784 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:29:23.0842 3784 defragsvc - ok
19:29:23.0862 3784 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:29:23.0864 3784 DfsC - ok
19:29:23.0883 3784 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:29:23.0888 3784 Dhcp - ok
19:29:23.0905 3784 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:29:23.0906 3784 discache - ok
19:29:23.0922 3784 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:29:23.0923 3784 Disk - ok
19:29:23.0935 3784 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
19:29:23.0936 3784 dmvsc - ok
19:29:23.0954 3784 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:29:23.0957 3784 Dnscache - ok
19:29:23.0979 3784 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:29:23.0982 3784 dot3svc - ok
19:29:23.0986 3784 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:29:23.0989 3784 DPS - ok
19:29:24.0012 3784 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:29:24.0013 3784 drmkaud - ok
19:29:24.0052 3784 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:29:24.0055 3784 dtsoftbus01 - ok
19:29:24.0148 3784 [ E5B95C75557120881076C45CD146D72C ] DvmMDES C:\ASUS.SYS\config\DVMExportService.exe
19:29:24.0248 3784 DvmMDES - ok
19:29:24.0306 3784 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:29:24.0319 3784 DXGKrnl - ok
19:29:24.0358 3784 EagleX64 - ok
19:29:24.0371 3784 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:29:24.0373 3784 EapHost - ok
19:29:24.0428 3784 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:29:24.0486 3784 ebdrv - ok
19:29:24.0519 3784 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:29:24.0521 3784 EFS - ok
19:29:24.0560 3784 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:29:24.0571 3784 ehRecvr - ok
19:29:24.0586 3784 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:29:24.0588 3784 ehSched - ok
19:29:24.0612 3784 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:29:24.0619 3784 elxstor - ok
19:29:24.0631 3784 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:29:24.0632 3784 ErrDev - ok
19:29:24.0654 3784 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:29:24.0660 3784 EventSystem - ok
19:29:24.0673 3784 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:29:24.0676 3784 exfat - ok
19:29:24.0693 3784 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:29:24.0696 3784 fastfat - ok
19:29:24.0721 3784 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:29:24.0729 3784 Fax - ok
19:29:24.0743 3784 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:29:24.0744 3784 fdc - ok
19:29:24.0759 3784 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:29:24.0761 3784 fdPHost - ok
19:29:24.0769 3784 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:29:24.0771 3784 FDResPub - ok
19:29:24.0781 3784 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:29:24.0782 3784 FileInfo - ok
19:29:24.0797 3784 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:29:24.0798 3784 Filetrace - ok
19:29:24.0801 3784 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:29:24.0802 3784 flpydisk - ok
19:29:24.0822 3784 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:29:24.0825 3784 FltMgr - ok
19:29:24.0856 3784 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:29:24.0867 3784 FontCache - ok
19:29:24.0902 3784 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:29:24.0903 3784 FontCache3.0.0.0 - ok
19:29:24.0922 3784 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:29:24.0923 3784 FsDepends - ok
19:29:24.0941 3784 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:29:24.0941 3784 Fs_Rec - ok
19:29:24.0956 3784 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:29:24.0960 3784 fvevol - ok
19:29:24.0975 3784 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:29:24.0977 3784 gagp30kx - ok
19:29:25.0005 3784 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:29:25.0016 3784 gpsvc - ok
19:29:25.0047 3784 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:29:25.0048 3784 hamachi - ok
19:29:25.0126 3784 [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:29:25.0326 3784 Hamachi2Svc - ok
19:29:25.0329 3784 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:29:25.0330 3784 hcw85cir - ok
19:29:25.0353 3784 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:29:25.0356 3784 HdAudAddService - ok
19:29:25.0383 3784 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:29:25.0384 3784 HDAudBus - ok
19:29:25.0388 3784 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:29:25.0389 3784 HidBatt - ok
19:29:25.0392 3784 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:29:25.0394 3784 HidBth - ok
19:29:25.0401 3784 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:29:25.0402 3784 HidIr - ok
19:29:25.0418 3784 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:29:25.0419 3784 hidserv - ok
19:29:25.0436 3784 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:29:25.0437 3784 HidUsb - ok
19:29:25.0450 3784 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:29:25.0452 3784 hkmsvc - ok
19:29:25.0466 3784 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:29:25.0470 3784 HomeGroupListener - ok
19:29:25.0495 3784 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:29:25.0498 3784 HomeGroupProvider - ok
19:29:25.0515 3784 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:29:25.0517 3784 HpSAMD - ok
19:29:25.0541 3784 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:29:25.0552 3784 HTTP - ok
19:29:25.0565 3784 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:29:25.0566 3784 hwpolicy - ok
19:29:25.0583 3784 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:29:25.0586 3784 i8042prt - ok
19:29:25.0595 3784 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:29:25.0600 3784 iaStorV - ok
19:29:25.0639 3784 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:29:25.0653 3784 idsvc - ok
19:29:25.0822 3784 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:29:25.0940 3784 igfx - ok
19:29:25.0957 3784 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:29:25.0958 3784 iirsp - ok
19:29:25.0986 3784 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:29:25.0997 3784 IKEEXT - ok
19:29:26.0058 3784 [ D42D651676883181400E22957A7E0B1E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:29:26.0072 3784 IntcAzAudAddService - ok
19:29:26.0083 3784 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:29:26.0084 3784 intelide - ok
19:29:26.0096 3784 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:29:26.0097 3784 intelppm - ok
19:29:26.0109 3784 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:29:26.0111 3784 IPBusEnum - ok
19:29:26.0128 3784 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:29:26.0130 3784 IpFilterDriver - ok
19:29:26.0148 3784 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:29:26.0154 3784 iphlpsvc - ok
19:29:26.0157 3784 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:29:26.0159 3784 IPMIDRV - ok
19:29:26.0181 3784 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:29:26.0183 3784 IPNAT - ok
19:29:26.0204 3784 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:29:26.0205 3784 IRENUM - ok
19:29:26.0208 3784 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:29:26.0209 3784 isapnp - ok
19:29:26.0215 3784 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:29:26.0218 3784 iScsiPrt - ok
19:29:26.0235 3784 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:29:26.0235 3784 kbdclass - ok
19:29:26.0238 3784 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:29:26.0239 3784 kbdhid - ok
19:29:26.0252 3784 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:29:26.0253 3784 KeyIso - ok
19:29:26.0270 3784 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:29:26.0272 3784 KSecDD - ok
19:29:26.0286 3784 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:29:26.0287 3784 KSecPkg - ok
19:29:26.0291 3784 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:29:26.0291 3784 ksthunk - ok
19:29:26.0310 3784 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:29:26.0315 3784 KtmRm - ok
19:29:26.0342 3784 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:29:26.0346 3784 LanmanServer - ok
19:29:26.0356 3784 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:29:26.0359 3784 LanmanWorkstation - ok
19:29:26.0385 3784 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:29:26.0387 3784 lltdio - ok
19:29:26.0401 3784 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:29:26.0406 3784 lltdsvc - ok
19:29:26.0419 3784 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:29:26.0421 3784 lmhosts - ok
19:29:26.0434 3784 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:29:26.0436 3784 LSI_FC - ok
19:29:26.0443 3784 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:29:26.0445 3784 LSI_SAS - ok
19:29:26.0459 3784 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:29:26.0461 3784 LSI_SAS2 - ok
19:29:26.0474 3784 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:29:26.0475 3784 LSI_SCSI - ok
19:29:26.0486 3784 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:29:26.0488 3784 luafv - ok
19:29:26.0499 3784 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:29:26.0501 3784 Mcx2Svc - ok
19:29:26.0504 3784 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:29:26.0506 3784 megasas - ok
19:29:26.0526 3784 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:29:26.0529 3784 MegaSR - ok
19:29:26.0543 3784 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:29:26.0545 3784 MMCSS - ok
19:29:26.0556 3784 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:29:26.0557 3784 Modem - ok
19:29:26.0581 3784 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:29:26.0582 3784 monitor - ok
19:29:26.0593 3784 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:29:26.0593 3784 mouclass - ok
19:29:26.0604 3784 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:29:26.0605 3784 mouhid - ok
19:29:26.0613 3784 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:29:26.0614 3784 mountmgr - ok
19:29:26.0674 3784 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:29:26.0731 3784 MozillaMaintenance - ok
19:29:26.0769 3784 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:29:26.0772 3784 MpFilter - ok
19:29:26.0793 3784 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:29:26.0796 3784 mpio - ok
19:29:26.0809 3784 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:29:26.0811 3784 mpsdrv - ok
19:29:26.0839 3784 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:29:26.0852 3784 MpsSvc - ok
19:29:26.0864 3784 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:29:26.0866 3784 MRxDAV - ok
19:29:26.0871 3784 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:29:26.0874 3784 mrxsmb - ok
19:29:26.0886 3784 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:29:26.0889 3784 mrxsmb10 - ok
19:29:26.0897 3784 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:29:26.0899 3784 mrxsmb20 - ok
19:29:26.0904 3784 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:29:26.0905 3784 msahci - ok
19:29:26.0921 3784 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:29:26.0922 3784 msdsm - ok
19:29:26.0937 3784 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:29:26.0940 3784 MSDTC - ok
19:29:26.0950 3784 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:29:26.0951 3784 Msfs - ok
19:29:26.0958 3784 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:29:26.0959 3784 mshidkmdf - ok
19:29:26.0962 3784 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:29:26.0962 3784 msisadrv - ok
19:29:26.0975 3784 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:29:26.0977 3784 MSiSCSI - ok
19:29:26.0980 3784 msiserver - ok
19:29:27.0002 3784 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:29:27.0003 3784 MSKSSRV - ok
19:29:27.0044 3784 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:29:27.0045 3784 MsMpSvc - ok
19:29:27.0050 3784 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:29:27.0051 3784 MSPCLOCK - ok
19:29:27.0063 3784 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:29:27.0065 3784 MSPQM - ok
19:29:27.0079 3784 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:29:27.0083 3784 MsRPC - ok
19:29:27.0095 3784 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:29:27.0096 3784 mssmbios - ok
19:29:27.0099 3784 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:29:27.0100 3784 MSTEE - ok
19:29:27.0108 3784 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:29:27.0109 3784 MTConfig - ok
19:29:27.0147 3784 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:29:27.0148 3784 MTsensor - ok
19:29:27.0151 3784 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:29:27.0151 3784 Mup - ok
19:29:27.0183 3784 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:29:27.0188 3784 napagent - ok
19:29:27.0203 3784 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:29:27.0206 3784 NativeWifiP - ok
19:29:27.0241 3784 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:29:27.0250 3784 NDIS - ok
19:29:27.0259 3784 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:29:27.0261 3784 NdisCap - ok
19:29:27.0264 3784 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:29:27.0265 3784 NdisTapi - ok
19:29:27.0278 3784 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:29:27.0280 3784 Ndisuio - ok
19:29:27.0288 3784 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:29:27.0291 3784 NdisWan - ok
19:29:27.0303 3784 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:29:27.0304 3784 NDProxy - ok
19:29:27.0318 3784 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:29:27.0319 3784 NetBIOS - ok
19:29:27.0336 3784 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:29:27.0339 3784 NetBT - ok
19:29:27.0352 3784 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:29:27.0353 3784 Netlogon - ok
19:29:27.0388 3784 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:29:27.0392 3784 Netman - ok
19:29:27.0449 3784 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:29:27.0452 3784 NetMsmqActivator - ok
19:29:27.0491 3784 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:29:27.0493 3784 NetPipeActivator - ok
19:29:27.0513 3784 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:29:27.0521 3784 netprofm - ok
19:29:27.0541 3784 netr28ux - ok
19:29:27.0556 3784 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:29:27.0557 3784 NetTcpActivator - ok
19:29:27.0561 3784 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:29:27.0562 3784 NetTcpPortSharing - ok
19:29:27.0570 3784 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:29:27.0571 3784 nfrd960 - ok
19:29:27.0610 3784 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:29:27.0611 3784 NisDrv - ok
19:29:27.0633 3784 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:29:27.0639 3784 NisSrv - ok
19:29:27.0664 3784 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:29:27.0670 3784 NlaSvc - ok
19:29:27.0706 3784 [ C31FA031335EFF434B2D94278E74BCCE ] NPF C:\Windows\system32\DRIVERS\npf.sys
19:29:27.0708 3784 NPF - ok
19:29:27.0719 3784 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:29:27.0720 3784 Npfs - ok
19:29:27.0732 3784 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:29:27.0734 3784 nsi - ok
19:29:27.0751 3784 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:29:27.0752 3784 nsiproxy - ok
19:29:27.0795 3784 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:29:27.0827 3784 Ntfs - ok
19:29:27.0853 3784 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:29:27.0854 3784 Null - ok
19:29:27.0890 3784 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:29:27.0893 3784 NVHDA - ok
19:29:28.0157 3784 [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:29:28.0197 3784 nvlddmkm - ok
19:29:28.0216 3784 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:29:28.0218 3784 nvraid - ok
19:29:28.0235 3784 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:29:28.0237 3784 nvstor - ok
19:29:28.0288 3784 [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc C:\Windows\system32\nvvsvc.exe
19:29:28.0302 3784 nvsvc - ok
19:29:28.0368 3784 [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:29:28.0386 3784 nvUpdatusService - ok
19:29:28.0404 3784 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:29:28.0407 3784 nv_agp - ok
19:29:28.0416 3784 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:29:28.0418 3784 ohci1394 - ok
19:29:28.0433 3784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:29:28.0438 3784 p2pimsvc - ok
19:29:28.0460 3784 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:29:28.0467 3784 p2psvc - ok
19:29:28.0482 3784 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:29:28.0484 3784 Parport - ok
19:29:28.0500 3784 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:29:28.0501 3784 partmgr - ok
19:29:28.0516 3784 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:29:28.0519 3784 PcaSvc - ok
19:29:28.0527 3784 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:29:28.0529 3784 pci - ok
19:29:28.0531 3784 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:29:28.0532 3784 pciide - ok
19:29:28.0547 3784 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:29:28.0550 3784 pcmcia - ok
19:29:28.0563 3784 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:29:28.0564 3784 pcw - ok
19:29:28.0572 3784 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:29:28.0579 3784 PEAUTH - ok
19:29:28.0616 3784 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:29:28.0629 3784 PeerDistSvc - ok
19:29:28.0700 3784 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:29:28.0703 3784 PerfHost - ok
19:29:28.0756 3784 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:29:28.0786 3784 pla - ok
19:29:28.0834 3784 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:29:28.0841 3784 PlugPlay - ok
19:29:28.0882 3784 PnkBstrA - ok
19:29:28.0911 3784 PnkBstrB - ok
19:29:28.0923 3784 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:29:28.0926 3784 PNRPAutoReg - ok
19:29:28.0934 3784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:29:28.0938 3784 PNRPsvc - ok
19:29:28.0962 3784 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:29:28.0970 3784 PolicyAgent - ok
19:29:28.0997 3784 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:29:28.0999 3784 Power - ok
19:29:29.0031 3784 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:29:29.0033 3784 PptpMiniport - ok
19:29:29.0040 3784 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:29:29.0042 3784 Processor - ok
19:29:29.0072 3784 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
19:29:29.0075 3784 ProfSvc - ok
19:29:29.0078 3784 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:29:29.0079 3784 ProtectedStorage - ok
19:29:29.0109 3784 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:29:29.0110 3784 Psched - ok
19:29:29.0151 3784 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:29:29.0172 3784 ql2300 - ok
19:29:29.0192 3784 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:29:29.0194 3784 ql40xx - ok
19:29:29.0208 3784 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:29:29.0212 3784 QWAVE - ok
19:29:29.0227 3784 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:29:29.0228 3784 QWAVEdrv - ok
19:29:29.0243 3784 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:29:29.0244 3784 RasAcd - ok
19:29:29.0251 3784 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:29:29.0252 3784 RasAgileVpn - ok
19:29:29.0270 3784 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:29:29.0273 3784 RasAuto - ok
19:29:29.0289 3784 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:29:29.0291 3784 Rasl2tp - ok
19:29:29.0306 3784 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:29:29.0312 3784 RasMan - ok
19:29:29.0335 3784 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:29:29.0336 3784 RasPppoe - ok
19:29:29.0352 3784 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:29:29.0354 3784 RasSstp - ok
19:29:29.0368 3784 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:29:29.0372 3784 rdbss - ok
19:29:29.0384 3784 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:29:29.0385 3784 rdpbus - ok
19:29:29.0393 3784 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:29:29.0394 3784 RDPCDD - ok
19:29:29.0412 3784 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:29:29.0414 3784 RDPDR - ok
19:29:29.0434 3784 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:29:29.0435 3784 RDPENCDD - ok
19:29:29.0451 3784 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:29:29.0452 3784 RDPREFMP - ok
19:29:29.0468 3784 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:29:29.0469 3784 RdpVideoMiniport - ok
19:29:29.0495 3784 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:29:29.0498 3784 RDPWD - ok
19:29:29.0511 3784 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:29:29.0514 3784 rdyboost - ok
19:29:29.0533 3784 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:29:29.0536 3784 RemoteAccess - ok
19:29:29.0550 3784 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:29:29.0553 3784 RemoteRegistry - ok
19:29:29.0573 3784 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:29:29.0575 3784 RpcEptMapper - ok
19:29:29.0587 3784 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:29:29.0588 3784 RpcLocator - ok
19:29:29.0603 3784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:29:29.0606 3784 RpcSs - ok
19:29:29.0613 3784 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:29:29.0615 3784 rspndr - ok
19:29:29.0633 3784 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:29:29.0635 3784 RTL8167 - ok
19:29:29.0648 3784 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:29:29.0649 3784 s3cap - ok
19:29:29.0652 3784 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:29:29.0653 3784 SamSs - ok
19:29:29.0660 3784 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:29:29.0662 3784 sbp2port - ok
19:29:29.0677 3784 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:29:29.0680 3784 SCardSvr - ok
19:29:29.0684 3784 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:29:29.0685 3784 scfilter - ok
19:29:29.0716 3784 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:29:29.0727 3784 Schedule - ok
19:29:29.0736 3784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:29:29.0737 3784 SCPolicySvc - ok
19:29:29.0756 3784 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:29:29.0759 3784 SDRSVC - ok
19:29:29.0778 3784 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:29:29.0779 3784 secdrv - ok
19:29:29.0791 3784 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:29:29.0793 3784 seclogon - ok
19:29:29.0809 3784 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:29:29.0811 3784 SENS - ok
19:29:29.0818 3784 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:29:29.0820 3784 SensrSvc - ok
19:29:29.0836 3784 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:29:29.0837 3784 Serenum - ok
19:29:29.0850 3784 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:29:29.0852 3784 Serial - ok
19:29:29.0867 3784 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:29:29.0868 3784 sermouse - ok
19:29:29.0892 3784 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:29:29.0895 3784 SessionEnv - ok
19:29:29.0912 3784 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:29:29.0913 3784 sffdisk - ok
19:29:29.0919 3784 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:29:29.0920 3784 sffp_mmc - ok
19:29:29.0932 3784 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:29:29.0933 3784 sffp_sd - ok
19:29:29.0936 3784 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:29:29.0937 3784 sfloppy - ok
19:29:29.0974 3784 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:29:29.0978 3784 SharedAccess - ok
19:29:29.0998 3784 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:29:30.0005 3784 ShellHWDetection - ok
19:29:30.0016 3784 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:29:30.0018 3784 SiSRaid2 - ok
19:29:30.0029 3784 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:29:30.0031 3784 SiSRaid4 - ok
19:29:30.0069 3784 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:29:30.0072 3784 SkypeUpdate - ok
19:29:30.0095 3784 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:29:30.0097 3784 Smb - ok
19:29:30.0114 3784 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:29:30.0118 3784 SNMPTRAP - ok
19:29:30.0126 3784 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:29:30.0127 3784 spldr - ok
19:29:30.0138 3784 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
19:29:30.0145 3784 Spooler - ok
19:29:30.0220 3784 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:29:30.0280 3784 sppsvc - ok
19:29:30.0295 3784 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:29:30.0297 3784 sppuinotify - ok
19:29:30.0313 3784 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:29:30.0318 3784 srv - ok
19:29:30.0325 3784 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:29:30.0329 3784 srv2 - ok
19:29:30.0338 3784 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:29:30.0340 3784 srvnet - ok
19:29:30.0368 3784 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:29:30.0371 3784 SSDPSRV - ok
19:29:30.0382 3784 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:29:30.0385 3784 SstpSvc - ok
19:29:30.0402 3784 Steam Client Service - ok
19:29:30.0461 3784 [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:29:30.0467 3784 Stereo Service - ok
19:29:30.0485 3784 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:29:30.0486 3784 stexstor - ok
19:29:30.0540 3784 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:29:30.0551 3784 stisvc - ok
19:29:30.0567 3784 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:29:30.0568 3784 storflt - ok
19:29:30.0583 3784 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:29:30.0585 3784 storvsc - ok
19:29:30.0598 3784 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:29:30.0599 3784 swenum - ok
19:29:30.0619 3784 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:29:30.0626 3784 swprv - ok
19:29:30.0639 3784 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
19:29:30.0641 3784 Synth3dVsc - ok
19:29:30.0676 3784 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:29:30.0709 3784 SysMain - ok
19:29:30.0732 3784 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:29:30.0735 3784 TabletInputService - ok
19:29:30.0753 3784 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:29:30.0759 3784 TapiSrv - ok
19:29:30.0771 3784 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:29:30.0773 3784 TBS - ok
19:29:30.0833 3784 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:29:30.0843 3784 Tcpip - ok
19:29:30.0876 3784 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:29:30.0882 3784 TCPIP6 - ok
19:29:30.0903 3784 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:29:30.0905 3784 tcpipreg - ok
19:29:30.0919 3784 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:29:30.0920 3784 TDPIPE - ok
19:29:30.0940 3784 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:29:30.0941 3784 TDTCP - ok
19:29:30.0953 3784 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:29:30.0955 3784 tdx - ok
19:29:30.0961 3784 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:29:30.0962 3784 TermDD - ok
19:29:30.0979 3784 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
19:29:30.0980 3784 terminpt - ok
19:29:31.0006 3784 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:29:31.0013 3784 TermService - ok
19:29:31.0025 3784 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:29:31.0027 3784 Themes - ok
19:29:31.0043 3784 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:29:31.0044 3784 THREADORDER - ok
19:29:31.0061 3784 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:29:31.0063 3784 TrkWks - ok
19:29:31.0099 3784 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:29:31.0102 3784 TrustedInstaller - ok
19:29:31.0107 3784 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:29:31.0108 3784 tssecsrv - ok
19:29:31.0118 3784 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:29:31.0119 3784 TsUsbFlt - ok
19:29:31.0122 3784 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:29:31.0123 3784 TsUsbGD - ok
19:29:31.0137 3784 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
19:29:31.0138 3784 tsusbhub - ok
19:29:31.0161 3784 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:29:31.0162 3784 tunnel - ok
19:29:31.0165 3784 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:29:31.0167 3784 uagp35 - ok
19:29:31.0185 3784 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:29:31.0189 3784 udfs - ok
19:29:31.0199 3784 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:29:31.0202 3784 UI0Detect - ok
19:29:31.0226 3784 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:29:31.0228 3784 uliagpkx - ok
19:29:31.0237 3784 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:29:31.0239 3784 umbus - ok
19:29:31.0250 3784 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:29:31.0251 3784 UmPass - ok
19:29:31.0271 3784 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
19:29:31.0275 3784 UmRdpService - ok
19:29:31.0295 3784 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:29:31.0300 3784 upnphost - ok
19:29:31.0318 3784 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:29:31.0319 3784 usbccgp - ok
19:29:31.0341 3784 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:29:31.0343 3784 usbcir - ok
19:29:31.0353 3784 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:29:31.0355 3784 usbehci - ok
19:29:31.0368 3784 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:29:31.0373 3784 usbhub - ok
19:29:31.0382 3784 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:29:31.0383 3784 usbohci - ok
19:29:31.0386 3784 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:29:31.0387 3784 usbprint - ok
19:29:31.0396 3784 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:29:31.0398 3784 USBSTOR - ok
19:29:31.0404 3784 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:29:31.0405 3784 usbuhci - ok
19:29:31.0428 3784 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:29:31.0431 3784 usbvideo - ok
19:29:31.0445 3784 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:29:31.0447 3784 UxSms - ok
19:29:31.0449 3784 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:29:31.0450 3784 VaultSvc - ok
19:29:31.0464 3784 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:29:31.0464 3784 vdrvroot - ok
19:29:31.0490 3784 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:29:31.0497 3784 vds - ok
19:29:31.0500 3784 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:29:31.0501 3784 vga - ok
19:29:31.0515 3784 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:29:31.0516 3784 VgaSave - ok
19:29:31.0518 3784 VGPU - ok
19:29:31.0535 3784 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:29:31.0538 3784 vhdmp - ok
19:29:31.0552 3784 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:29:31.0553 3784 viaide - ok
19:29:31.0564 3784 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:29:31.0567 3784 vmbus - ok
19:29:31.0570 3784 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:29:31.0571 3784 VMBusHID - ok
19:29:31.0579 3784 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:29:31.0580 3784 volmgr - ok
19:29:31.0601 3784 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:29:31.0604 3784 volmgrx - ok
19:29:31.0641 3784 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:29:31.0645 3784 volsnap - ok
19:29:31.0665 3784 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:29:31.0668 3784 vsmraid - ok
19:29:31.0714 3784 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:29:31.0744 3784 VSS - ok
19:29:31.0749 3784 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:29:31.0751 3784 vwifibus - ok
19:29:31.0777 3784 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:29:31.0779 3784 vwififlt - ok
19:29:31.0803 3784 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:29:31.0811 3784 W32Time - ok
19:29:31.0821 3784 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:29:31.0827 3784 WacomPen - ok
19:29:31.0847 3784 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:29:31.0849 3784 WANARP - ok
19:29:31.0865 3784 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

19.02.2013, 19:36   #8
Andycover90

Part 2:

19:29:31.0866 3784 Wanarpv6 - ok
19:29:31.0910 3784 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:29:31.0940 3784 wbengine - ok
19:29:31.0959 3784 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:29:31.0964 3784 WbioSrvc - ok
19:29:31.0985 3784 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:29:31.0991 3784 wcncsvc - ok
19:29:32.0008 3784 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:29:32.0011 3784 WcsPlugInService - ok
19:29:32.0021 3784 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:29:32.0023 3784 Wd - ok
19:29:32.0041 3784 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:29:32.0049 3784 Wdf01000 - ok
19:29:32.0063 3784 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:29:32.0066 3784 WdiServiceHost - ok
19:29:32.0070 3784 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:29:32.0072 3784 WdiSystemHost - ok
19:29:32.0124 3784 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:29:32.0131 3784 WebClient - ok
19:29:32.0146 3784 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:29:32.0153 3784 Wecsvc - ok
19:29:32.0167 3784 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:29:32.0171 3784 wercplsupport - ok
19:29:32.0202 3784 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:29:32.0206 3784 WerSvc - ok
19:29:32.0218 3784 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:29:32.0220 3784 WfpLwf - ok
19:29:32.0224 3784 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:29:32.0226 3784 WIMMount - ok
19:29:32.0240 3784 WinDefend - ok
19:29:32.0246 3784 WinHttpAutoProxySvc - ok
19:29:32.0290 3784 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:29:32.0294 3784 Winmgmt - ok
19:29:32.0338 3784 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:29:32.0384 3784 WinRM - ok
19:29:32.0435 3784 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:29:32.0436 3784 WinUsb - ok
19:29:32.0468 3784 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:29:32.0481 3784 Wlansvc - ok
19:29:32.0589 3784 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:29:32.0643 3784 wlidsvc - ok
19:29:32.0652 3784 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:29:32.0653 3784 WmiAcpi - ok
19:29:32.0667 3784 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:29:32.0670 3784 wmiApSrv - ok
19:29:32.0678 3784 WMPNetworkSvc - ok
19:29:32.0689 3784 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:29:32.0691 3784 WPCSvc - ok
19:29:32.0706 3784 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:29:32.0708 3784 WPDBusEnum - ok
19:29:32.0716 3784 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:29:32.0717 3784 ws2ifsl - ok
19:29:32.0727 3784 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:29:32.0729 3784 wscsvc - ok
19:29:32.0733 3784 WSearch - ok
19:29:32.0798 3784 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:29:32.0856 3784 wuauserv - ok
19:29:32.0878 3784 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:29:32.0880 3784 WudfPf - ok
19:29:32.0918 3784 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:29:32.0921 3784 WUDFRd - ok
19:29:32.0940 3784 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:29:32.0945 3784 wudfsvc - ok
19:29:32.0958 3784 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:29:32.0964 3784 WwanSvc - ok
19:29:33.0044 3784 ================ Scan global ===============================
19:29:33.0107 3784 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:29:33.0198 3784 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:29:33.0253 3784 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:29:33.0275 3784 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:29:33.0301 3784 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:29:33.0306 3784 [Global] - ok
19:29:33.0306 3784 ================ Scan MBR ==================================
19:29:33.0324 3784 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:29:33.0782 3784 \Device\Harddisk0\DR0 - ok
19:29:33.0783 3784 ================ Scan VBR ==================================
19:29:33.0785 3784 [ 7CDBAD815DE035B35384D734F16BF333 ] \Device\Harddisk0\DR0\Partition1
19:29:33.0786 3784 \Device\Harddisk0\DR0\Partition1 - ok
19:29:36.0466 3784 [ 3D526E67FD5BDC1720679A70DB3310FC ] \Device\Harddisk0\DR0\Partition3
19:29:36.0468 3784 \Device\Harddisk0\DR0\Partition3 - ok
19:29:36.0469 3784 ============================================================
19:29:36.0469 3784 Scan finished
19:29:36.0469 3784 ============================================================
19:29:36.0481 3796 Detected object count: 0
19:29:36.0481 3796 Actual detected object count: 0
19:30:10.0836 3792 ============================================================
19:30:10.0836 3792 Scan started
19:30:10.0836 3792 Mode: Manual; SigCheck; TDLFS;
19:30:10.0836 3792 ============================================================
19:30:11.0664 3792 ================ Scan system memory ========================
19:30:11.0664 3792 System memory - ok
19:30:11.0665 3792 ================ Scan services =============================
19:30:11.0777 3792 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:30:11.0864 3792 1394ohci - ok
19:30:11.0883 3792 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:30:11.0895 3792 ACPI - ok
19:30:11.0911 3792 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:30:11.0941 3792 AcpiPmi - ok
19:30:12.0114 3792 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:30:12.0134 3792 AdobeFlashPlayerUpdateSvc - ok
19:30:12.0144 3792 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:30:12.0163 3792 adp94xx - ok
19:30:12.0169 3792 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:30:12.0180 3792 adpahci - ok
19:30:12.0196 3792 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:30:12.0204 3792 adpu320 - ok
19:30:12.0233 3792 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:30:12.0260 3792 AeLookupSvc - ok
19:30:12.0287 3792 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:30:12.0307 3792 AFD - ok
19:30:12.0341 3792 [ AEC505976EF01BBD8F57CBA912F39259 ] AG760V64 C:\Windows\system32\DRIVERS\WlanUZAG.sys
19:30:12.0371 3792 AG760V64 ( UnsignedFile.Multi.Generic ) - warning
19:30:12.0371 3792 AG760V64 - detected UnsignedFile.Multi.Generic (1)
19:30:12.0386 3792 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:30:12.0401 3792 agp440 - ok
19:30:12.0420 3792 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:30:12.0447 3792 ALG - ok
19:30:12.0461 3792 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:30:12.0476 3792 aliide - ok
19:30:12.0523 3792 ALSysIO - ok
19:30:12.0542 3792 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:30:12.0557 3792 amdide - ok
19:30:12.0570 3792 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:30:12.0586 3792 AmdK8 - ok
19:30:12.0591 3792 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:30:12.0621 3792 AmdPPM - ok
19:30:12.0637 3792 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:30:12.0648 3792 amdsata - ok
19:30:12.0663 3792 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:30:12.0672 3792 amdsbs - ok
19:30:12.0688 3792 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:30:12.0695 3792 amdxata - ok
19:30:12.0711 3792 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:30:12.0797 3792 AppID - ok
19:30:12.0813 3792 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:30:12.0871 3792 AppIDSvc - ok
19:30:12.0887 3792 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:30:12.0924 3792 Appinfo - ok
19:30:12.0934 3792 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:30:12.0969 3792 AppMgmt - ok
19:30:12.0978 3792 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:30:12.0988 3792 arc - ok
19:30:13.0004 3792 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:30:13.0015 3792 arcsas - ok
19:30:13.0066 3792 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
19:30:13.0087 3792 AsIO - ok
19:30:13.0160 3792 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:30:13.0184 3792 aspnet_state - ok
19:30:13.0261 3792 [ 798A87B2D7AD73B16B7CD968C5D1F18F ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
19:30:13.0272 3792 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - warning
19:30:13.0272 3792 AsSysCtrlService - detected UnsignedFile.Multi.Generic (1)
19:30:13.0289 3792 [ 26D66E32E78D3059715B3A17BC679CD9 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
19:30:13.0299 3792 AsUpIO - ok
19:30:13.0310 3792 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:30:13.0351 3792 AsyncMac - ok
19:30:13.0368 3792 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:30:13.0376 3792 atapi - ok
19:30:13.0414 3792 [ 96ABF88241F90FF647E55C934C55C2F1 ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:30:13.0450 3792 athr ( UnsignedFile.Multi.Generic ) - warning
19:30:13.0450 3792 athr - detected UnsignedFile.Multi.Generic (1)
19:30:13.0472 3792 [ CA0318D3FA86C173533685C2171C55AB ] athrusb C:\Windows\system32\DRIVERS\athrxusb.sys
19:30:13.0485 3792 athrusb - ok
19:30:13.0503 3792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:30:13.0558 3792 AudioEndpointBuilder - ok
19:30:13.0566 3792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:30:13.0600 3792 AudioSrv - ok
19:30:13.0621 3792 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:30:13.0664 3792 AxInstSV - ok
19:30:13.0691 3792 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:30:13.0712 3792 b06bdrv - ok
19:30:13.0727 3792 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:30:13.0776 3792 b57nd60a - ok
19:30:13.0781 3792 BCMH43XX - ok
19:30:13.0790 3792 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:30:13.0819 3792 BDESVC - ok
19:30:13.0834 3792 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:30:13.0860 3792 Beep - ok
19:30:13.0924 3792 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:30:13.0980 3792 BFE - ok
19:30:14.0013 3792 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:30:14.0054 3792 BITS - ok
19:30:14.0068 3792 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:30:14.0089 3792 blbdrive - ok
19:30:14.0100 3792 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:30:14.0118 3792 bowser - ok
19:30:14.0130 3792 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:30:14.0142 3792 BrFiltLo - ok
19:30:14.0156 3792 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:30:14.0167 3792 BrFiltUp - ok
19:30:14.0192 3792 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:30:14.0212 3792 Browser - ok
19:30:14.0220 3792 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:30:14.0271 3792 Brserid - ok
19:30:14.0276 3792 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:30:14.0311 3792 BrSerWdm - ok
19:30:14.0316 3792 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:30:14.0332 3792 BrUsbMdm - ok
19:30:14.0335 3792 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:30:14.0351 3792 BrUsbSer - ok
19:30:14.0369 3792 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:30:14.0381 3792 BTHMODEM - ok
19:30:14.0403 3792 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:30:14.0440 3792 BTHPORT - ok
19:30:14.0463 3792 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:30:14.0494 3792 bthserv - ok
19:30:14.0520 3792 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:30:14.0550 3792 BTHUSB - ok
19:30:14.0579 3792 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:30:14.0686 3792 cdfs - ok
19:30:14.0698 3792 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:30:14.0710 3792 cdrom - ok
19:30:14.0714 3792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:30:14.0754 3792 CertPropSvc - ok
19:30:14.0770 3792 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:30:14.0780 3792 circlass - ok
19:30:14.0792 3792 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:30:14.0803 3792 CLFS - ok
19:30:14.0845 3792 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:30:14.0852 3792 clr_optimization_v2.0.50727_32 - ok
19:30:14.0900 3792 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:30:14.0915 3792 clr_optimization_v2.0.50727_64 - ok
19:30:14.0949 3792 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:30:14.0959 3792 clr_optimization_v4.0.30319_32 - ok
19:30:14.0981 3792 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:30:14.0992 3792 clr_optimization_v4.0.30319_64 - ok
19:30:14.0995 3792 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:30:15.0023 3792 CmBatt - ok
19:30:15.0041 3792 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:30:15.0049 3792 cmdide - ok
19:30:15.0079 3792 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:30:15.0097 3792 CNG - ok
19:30:15.0107 3792 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:30:15.0114 3792 Compbatt - ok
19:30:15.0123 3792 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:30:15.0135 3792 CompositeBus - ok
19:30:15.0137 3792 COMSysApp - ok
19:30:15.0151 3792 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:30:15.0159 3792 crcdisk - ok
19:30:15.0186 3792 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:30:15.0215 3792 CryptSvc - ok
19:30:15.0230 3792 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
19:30:15.0260 3792 CSC - ok
19:30:15.0283 3792 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
19:30:15.0309 3792 CscService - ok
19:30:15.0336 3792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:30:15.0383 3792 DcomLaunch - ok
19:30:15.0415 3792 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:30:15.0445 3792 defragsvc - ok
19:30:15.0461 3792 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:30:15.0495 3792 DfsC - ok
19:30:15.0515 3792 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:30:15.0565 3792 Dhcp - ok
19:30:15.0582 3792 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:30:15.0613 3792 discache - ok
19:30:15.0621 3792 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:30:15.0629 3792 Disk - ok
19:30:15.0645 3792 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
19:30:15.0664 3792 dmvsc - ok
19:30:15.0676 3792 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:30:15.0717 3792 Dnscache - ok
19:30:15.0744 3792 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:30:15.0806 3792 dot3svc - ok
19:30:15.0811 3792 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:30:15.0856 3792 DPS - ok
19:30:15.0866 3792 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:30:15.0885 3792 drmkaud - ok
19:30:15.0916 3792 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:30:15.0926 3792 dtsoftbus01 - ok
19:30:15.0967 3792 [ E5B95C75557120881076C45CD146D72C ] DvmMDES C:\ASUS.SYS\config\DVMExportService.exe
19:30:15.0974 3792 DvmMDES ( UnsignedFile.Multi.Generic ) - warning
19:30:15.0974 3792 DvmMDES - detected UnsignedFile.Multi.Generic (1)
19:30:16.0003 3792 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:30:16.0024 3792 DXGKrnl - ok
19:30:16.0027 3792 EagleX64 - ok
19:30:16.0036 3792 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:30:16.0064 3792 EapHost - ok
19:30:16.0110 3792 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:30:16.0155 3792 ebdrv - ok
19:30:16.0173 3792 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:30:16.0196 3792 EFS - ok
19:30:16.0234 3792 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:30:16.0284 3792 ehRecvr - ok
19:30:16.0296 3792 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:30:16.0308 3792 ehSched - ok
19:30:16.0333 3792 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:30:16.0350 3792 elxstor - ok
19:30:16.0362 3792 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:30:16.0381 3792 ErrDev - ok
19:30:16.0401 3792 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:30:16.0437 3792 EventSystem - ok
19:30:16.0450 3792 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:30:16.0479 3792 exfat - ok
19:30:16.0492 3792 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:30:16.0521 3792 fastfat - ok
19:30:16.0541 3792 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:30:16.0561 3792 Fax - ok
19:30:16.0576 3792 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:30:16.0584 3792 fdc - ok
19:30:16.0592 3792 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:30:16.0630 3792 fdPHost - ok
19:30:16.0635 3792 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:30:16.0672 3792 FDResPub - ok
19:30:16.0691 3792 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:30:16.0700 3792 FileInfo - ok
19:30:16.0707 3792 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:30:16.0749 3792 Filetrace - ok
19:30:16.0752 3792 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:30:16.0761 3792 flpydisk - ok
19:30:16.0777 3792 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:30:16.0788 3792 FltMgr - ok
19:30:16.0905 3792 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:30:16.0951 3792 FontCache - ok
19:30:16.0979 3792 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:30:16.0987 3792 FontCache3.0.0.0 - ok
19:30:16.0999 3792 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:30:17.0009 3792 FsDepends - ok
19:30:17.0029 3792 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:30:17.0038 3792 Fs_Rec - ok
19:30:17.0055 3792 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:30:17.0070 3792 fvevol - ok
19:30:17.0085 3792 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:30:17.0096 3792 gagp30kx - ok
19:30:17.0114 3792 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:30:17.0153 3792 gpsvc - ok
19:30:17.0180 3792 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:30:17.0185 3792 hamachi - ok
19:30:17.0259 3792 [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:30:17.0304 3792 Hamachi2Svc - ok
19:30:17.0308 3792 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:30:17.0322 3792 hcw85cir - ok
19:30:17.0341 3792 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:30:17.0364 3792 HdAudAddService - ok
19:30:17.0382 3792 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:30:17.0407 3792 HDAudBus - ok
19:30:17.0410 3792 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:30:17.0424 3792 HidBatt - ok
19:30:17.0427 3792 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:30:17.0440 3792 HidBth - ok
19:30:17.0456 3792 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:30:17.0468 3792 HidIr - ok
19:30:17.0484 3792 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:30:17.0514 3792 hidserv - ok
19:30:17.0517 3792 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:30:17.0525 3792 HidUsb - ok
19:30:17.0538 3792 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:30:17.0565 3792 hkmsvc - ok
19:30:17.0577 3792 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:30:17.0599 3792 HomeGroupListener - ok
19:30:17.0617 3792 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:30:17.0638 3792 HomeGroupProvider - ok
19:30:17.0647 3792 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:30:17.0656 3792 HpSAMD - ok
19:30:17.0665 3792 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:30:17.0705 3792 HTTP - ok
19:30:17.0720 3792 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:30:17.0727 3792 hwpolicy - ok
19:30:17.0738 3792 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:30:17.0747 3792 i8042prt - ok
19:30:17.0752 3792 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:30:17.0764 3792 iaStorV - ok
19:30:17.0790 3792 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:30:17.0805 3792 idsvc - ok
19:30:17.0933 3792 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:30:18.0004 3792 igfx - ok
19:30:18.0023 3792 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:30:18.0031 3792 iirsp - ok
19:30:18.0052 3792 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:30:18.0101 3792 IKEEXT - ok
19:30:18.0141 3792 [ D42D651676883181400E22957A7E0B1E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:30:18.0169 3792 IntcAzAudAddService - ok
19:30:18.0183 3792 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:30:18.0190 3792 intelide - ok
19:30:18.0206 3792 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:30:18.0223 3792 intelppm - ok
19:30:18.0242 3792 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:30:18.0281 3792 IPBusEnum - ok
19:30:18.0294 3792 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:30:18.0322 3792 IpFilterDriver - ok
19:30:18.0336 3792 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:30:18.0367 3792 iphlpsvc - ok
19:30:18.0370 3792 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:30:18.0379 3792 IPMIDRV - ok
19:30:18.0402 3792 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:30:18.0437 3792 IPNAT - ok
19:30:18.0448 3792 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:30:18.0474 3792 IRENUM - ok
19:30:18.0477 3792 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:30:18.0485 3792 isapnp - ok
19:30:18.0499 3792 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:30:18.0509 3792 iScsiPrt - ok
19:30:18.0523 3792 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:30:18.0531 3792 kbdclass - ok
19:30:18.0534 3792 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:30:18.0554 3792 kbdhid - ok
19:30:18.0563 3792 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:30:18.0571 3792 KeyIso - ok
19:30:18.0592 3792 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:30:18.0600 3792 KSecDD - ok
19:30:18.0618 3792 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:30:18.0627 3792 KSecPkg - ok
19:30:18.0630 3792 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:30:18.0664 3792 ksthunk - ok
19:30:18.0687 3792 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:30:18.0719 3792 KtmRm - ok
19:30:18.0741 3792 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:30:18.0776 3792 LanmanServer - ok
19:30:18.0789 3792 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:30:18.0818 3792 LanmanWorkstation - ok
19:30:18.0829 3792 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:30:18.0873 3792 lltdio - ok
19:30:18.0889 3792 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:30:18.0930 3792 lltdsvc - ok
19:30:18.0940 3792 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:30:18.0981 3792 lmhosts - ok
19:30:19.0000 3792 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:30:19.0008 3792 LSI_FC - ok
19:30:19.0020 3792 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:30:19.0030 3792 LSI_SAS - ok
19:30:19.0036 3792 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:30:19.0044 3792 LSI_SAS2 - ok
19:30:19.0062 3792 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:30:19.0070 3792 LSI_SCSI - ok
19:30:19.0086 3792 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:30:19.0123 3792 luafv - ok
19:30:19.0131 3792 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:30:19.0145 3792 Mcx2Svc - ok
19:30:19.0148 3792 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:30:19.0155 3792 megasas - ok
19:30:19.0191 3792 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:30:19.0202 3792 MegaSR - ok
19:30:19.0209 3792 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:30:19.0239 3792 MMCSS - ok
19:30:19.0244 3792 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:30:19.0271 3792 Modem - ok
19:30:19.0280 3792 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:30:19.0296 3792 monitor - ok
19:30:19.0303 3792 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:30:19.0311 3792 mouclass - ok
19:30:19.0326 3792 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:30:19.0334 3792 mouhid - ok
19:30:19.0345 3792 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:30:19.0354 3792 mountmgr - ok
19:30:19.0395 3792 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:30:19.0415 3792 MozillaMaintenance - ok
19:30:19.0447 3792 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:30:19.0468 3792 MpFilter - ok
19:30:19.0480 3792 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:30:19.0491 3792 mpio - ok
19:30:19.0497 3792 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:30:19.0526 3792 mpsdrv - ok
19:30:19.0548 3792 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:30:19.0581 3792 MpsSvc - ok
19:30:19.0597 3792 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:30:19.0610 3792 MRxDAV - ok
19:30:19.0614 3792 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:30:19.0632 3792 mrxsmb - ok
19:30:19.0652 3792 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:30:19.0662 3792 mrxsmb10 - ok
19:30:19.0753 3792 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:30:19.0773 3792 mrxsmb20 - ok
19:30:19.0781 3792 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:30:19.0791 3792 msahci - ok
19:30:19.0809 3792 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:30:19.0819 3792 msdsm - ok
19:30:19.0837 3792 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:30:19.0849 3792 MSDTC - ok
19:30:19.0855 3792 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:30:19.0885 3792 Msfs - ok
19:30:19.0913 3792 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:30:19.0950 3792 mshidkmdf - ok
19:30:19.0967 3792 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:30:19.0975 3792 msisadrv - ok
19:30:19.0985 3792 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:30:20.0021 3792 MSiSCSI - ok
19:30:20.0024 3792 msiserver - ok
19:30:20.0034 3792 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:30:20.0062 3792 MSKSSRV - ok
19:30:20.0095 3792 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:30:20.0104 3792 MsMpSvc - ok
19:30:20.0108 3792 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:30:20.0148 3792 MSPCLOCK - ok
19:30:20.0162 3792 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:30:20.0189 3792 MSPQM - ok
19:30:20.0200 3792 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:30:20.0212 3792 MsRPC - ok
19:30:20.0228 3792 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:30:20.0235 3792 mssmbios - ok
19:30:20.0237 3792 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:30:20.0264 3792 MSTEE - ok
19:30:20.0267 3792 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:30:20.0275 3792 MTConfig - ok
19:30:20.0302 3792 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:30:20.0307 3792 MTsensor - ok
19:30:20.0313 3792 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:30:20.0321 3792 Mup - ok
19:30:20.0337 3792 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:30:20.0374 3792 napagent - ok
19:30:20.0391 3792 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:30:20.0413 3792 NativeWifiP - ok
19:30:20.0440 3792 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:30:20.0458 3792 NDIS - ok
19:30:20.0470 3792 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:30:20.0497 3792 NdisCap - ok
19:30:20.0500 3792 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:30:20.0527 3792 NdisTapi - ok
19:30:20.0533 3792 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:30:20.0559 3792 Ndisuio - ok
19:30:20.0576 3792 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:30:20.0611 3792 NdisWan - ok
19:30:20.0624 3792 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:30:20.0651 3792 NDProxy - ok
19:30:20.0661 3792 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:30:20.0698 3792 NetBIOS - ok
19:30:20.0713 3792 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:30:20.0739 3792 NetBT - ok
19:30:20.0752 3792 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:30:20.0760 3792 Netlogon - ok
19:30:20.0775 3792 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:30:20.0825 3792 Netman - ok
19:30:20.0859 3792 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:30:20.0883 3792 NetMsmqActivator - ok
19:30:20.0893 3792 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:30:20.0908 3792 NetPipeActivator - ok
19:30:20.0933 3792 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:30:20.0986 3792 netprofm - ok
19:30:20.0988 3792 netr28ux - ok
19:30:20.0992 3792 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:30:21.0002 3792 NetTcpActivator - ok
19:30:21.0005 3792 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:30:21.0015 3792 NetTcpPortSharing - ok
19:30:21.0025 3792 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:30:21.0032 3792 nfrd960 - ok
19:30:21.0065 3792 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:30:21.0075 3792 NisDrv - ok
19:30:21.0086 3792 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:30:21.0100 3792 NisSrv - ok
19:30:21.0117 3792 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:30:21.0159 3792 NlaSvc - ok
19:30:21.0228 3792 [ C31FA031335EFF434B2D94278E74BCCE ] NPF C:\Windows\system32\DRIVERS\npf.sys
19:30:21.0243 3792 NPF - ok
19:30:21.0251 3792 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:30:21.0299 3792 Npfs - ok
19:30:21.0309 3792 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:30:21.0337 3792 nsi - ok
19:30:21.0350 3792 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:30:21.0377 3792 nsiproxy - ok
19:30:21.0410 3792 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:30:21.0436 3792 Ntfs - ok
19:30:21.0441 3792 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:30:21.0475 3792 Null - ok
19:30:21.0489 3792 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:30:21.0497 3792 NVHDA - ok
19:30:21.0681 3792 [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:30:21.0816 3792 nvlddmkm - ok
19:30:21.0838 3792 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:30:21.0846 3792 nvraid - ok
19:30:21.0856 3792 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:30:21.0866 3792 nvstor - ok
19:30:21.0875 3792 [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc C:\Windows\system32\nvvsvc.exe
19:30:21.0891 3792 nvsvc - ok
19:30:21.0956 3792 [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:30:22.0007 3792 nvUpdatusService - ok
19:30:22.0014 3792 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:30:22.0023 3792 nv_agp - ok
19:30:22.0037 3792 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:30:22.0050 3792 ohci1394 - ok
19:30:22.0065 3792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:30:22.0104 3792 p2pimsvc - ok
19:30:22.0125 3792 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:30:22.0139 3792 p2psvc - ok
19:30:22.0159 3792 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:30:22.0182 3792 Parport - ok
19:30:22.0199 3792 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:30:22.0208 3792 partmgr - ok
19:30:22.0226 3792 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:30:22.0243 3792 PcaSvc - ok
19:30:22.0259 3792 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:30:22.0270 3792 pci - ok
19:30:22.0272 3792 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:30:22.0279 3792 pciide - ok
19:30:22.0291 3792 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:30:22.0300 3792 pcmcia - ok
19:30:22.0307 3792 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:30:22.0314 3792 pcw - ok
19:30:22.0322 3792 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:30:22.0353 3792 PEAUTH - ok
19:30:22.0382 3792 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:30:22.0435 3792 PeerDistSvc - ok
19:30:22.0499 3792 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:30:22.0518 3792 PerfHost - ok
19:30:22.0561 3792 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:30:22.0613 3792 pla - ok
19:30:22.0643 3792 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:30:22.0665 3792 PlugPlay - ok
19:30:22.0668 3792 PnkBstrA - ok
19:30:22.0670 3792 PnkBstrB - ok
19:30:22.0689 3792 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:30:22.0711 3792 PNRPAutoReg - ok
19:30:22.0716 3792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:30:22.0729 3792 PNRPsvc - ok
19:30:22.0749 3792 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:30:22.0793 3792 PolicyAgent - ok
19:30:22.0807 3792 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:30:22.0837 3792 Power - ok
19:30:22.0852 3792 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:30:22.0885 3792 PptpMiniport - ok
19:30:22.0895 3792 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:30:22.0908 3792 Processor - ok
19:30:22.0927 3792 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
19:30:22.0964 3792 ProfSvc - ok
19:30:22.0966 3792 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:30:29.0875 3792 ================ Scan global ===============================
19:30:29.0895 3792 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:30:29.0931 3792 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:30:29.0941 3792 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:30:29.0963 3792 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:30:30.0015 3792 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:30:30.0020 3792 [Global] - ok
19:30:30.0021 3792 ================ Scan MBR ==================================
19:30:30.0057 3792 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:30:30.0567 3792 \Device\Harddisk0\DR0 - ok
19:30:30.0568 3792 ================ Scan VBR ==================================
19:30:30.0570 3792 [ 7CDBAD815DE035B35384D734F16BF333 ] \Device\Harddisk0\DR0\Partition1
19:30:30.0571 3792 \Device\Harddisk0\DR0\Partition1 - ok
19:30:33.0254 3792 [ 3D526E67FD5BDC1720679A70DB3310FC ] \Device\Harddisk0\DR0\Partition3
19:30:33.0256 3792 \Device\Harddisk0\DR0\Partition3 - ok
19:30:33.0257 3792 ============================================================
19:30:33.0257 3792 Scan finished
19:30:33.0257 3792 ============================================================
19:30:33.0272 2632 Detected object count: 4
19:30:33.0272 2632 Actual detected object count: 4
19:30:48.0108 2632 AG760V64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:48.0108 2632 AG760V64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:30:48.0109 2632 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:48.0109 2632 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:30:48.0110 2632 athr ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:48.0110 2632 athr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:30:48.0111 2632 DvmMDES ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:48.0111 2632 DvmMDES ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:31:29.0399 2088 Deinitialize success

19.02.2013, 19:38   #9
markusg
/// Malware-holic
 

hi,
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can then ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to
markusg.trojaner-board@web.de
following the instructions above

19.02.2013, 20:02   #10
Andycover90
 

Combofix Logfile:
Code:
ComboFix 13-02-18.02 - Andy 19.02.2013  19:46:05.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.16382.14609 [GMT 1:00]
ausgeführt von:: c:\users\Andy\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\BitAccelerator
c:\program files (x86)\BitAccelerator\BitAccelerator.dll
c:\users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-19 bis 2013-02-19  ))))))))))))))))))))))))))))))
.
.
2013-02-19 18:05 . 2013-02-19 18:05	--------	d-----w-	C:\_OTL
2013-02-19 13:46 . 2013-02-19 13:46	76232	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F2CF87C-823B-412D-B10D-C34A1A2F3744}\offreg.dll
2013-02-19 12:09 . 2013-01-08 05:32	9161176	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F2CF87C-823B-412D-B10D-C34A1A2F3744}\mpengine.dll
2013-02-18 22:41 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-18 22:41 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-18 20:36 . 2013-02-18 20:36	--------	d-----w-	C:\Games
2013-02-18 16:37 . 2013-02-18 16:37	--------	d-----w-	c:\programdata\Bohemia Interactive Studio
2013-02-18 14:21 . 2013-02-18 15:36	--------	d-----w-	c:\users\Andy\AppData\Local\ArmA 2 OA
2013-02-18 11:59 . 2013-01-08 05:32	9161176	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-16 11:53 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-16 11:53 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-16 11:53 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-16 11:52 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-16 11:52 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-16 11:52 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-16 11:52 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-16 11:52 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-16 11:52 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-02-16 11:52 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-16 11:52 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-16 11:52 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-18 11:52 . 2012-07-09 16:16	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-18 11:52 . 2012-07-09 16:16	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-16 13:01 . 2011-09-13 18:36	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-02-02 18:39 . 2012-10-02 15:52	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-01-30 10:53 . 2010-11-21 03:27	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-19 18:17 . 2013-01-19 18:17	108144	----a-w-	c:\windows\SysWow64\CmdLineExt.dll
2013-01-19 15:50 . 2012-10-01 21:28	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-01-06 19:02 . 2013-01-06 19:03	859072	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-01-06 19:02 . 2013-01-06 19:03	779704	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-01-04 04:43 . 2013-02-16 11:52	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-21 19:06	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 19:06	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 19:06	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 19:06	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-03 15:47 . 2012-12-22 13:32	9271352	----a-w-	c:\windows\system32\nvcuda.dll
2012-12-03 15:47 . 2012-12-22 13:32	841272	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2012-12-03 15:47 . 2012-12-22 13:32	7819016	----a-w-	c:\windows\SysWow64\nvcuda.dll
2012-12-03 15:47 . 2012-12-22 13:32	7446192	----a-w-	c:\windows\system32\nvopencl.dll
2012-12-03 15:47 . 2012-12-22 13:32	6149904	----a-w-	c:\windows\SysWow64\nvopencl.dll
2012-12-03 15:47 . 2012-12-22 13:32	26811240	----a-w-	c:\windows\system32\nvoglv64.dll
2012-12-03 15:47 . 2012-12-22 13:32	2606440	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2012-12-03 15:47 . 2012-12-22 13:32	25256296	----a-w-	c:\windows\system32\nvcompiler.dll
2012-12-03 15:47 . 2012-12-22 13:32	2226024	----a-w-	c:\windows\system32\nvcuvenc.dll
2012-12-03 15:47 . 2012-12-22 13:32	20335976	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2012-12-03 15:47 . 2012-12-22 13:32	1874280	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2012-12-03 15:47 . 2012-12-22 13:32	18045968	----a-w-	c:\windows\system32\nvd3dumx.dll
2012-12-03 15:47 . 2012-12-22 13:32	17559912	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2012-12-03 15:47 . 2012-12-22 13:32	15122280	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2012-12-03 15:47 . 2012-12-22 13:32	15016256	----a-w-	c:\windows\system32\nvwgf2umx.dll
2012-12-03 15:47 . 2012-12-22 13:32	11532648	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2012-12-03 15:47 . 2012-12-22 13:32	2784104	----a-w-	c:\windows\system32\nvcuvid.dll
2012-12-03 15:47 . 2012-12-22 13:32	245432	----a-w-	c:\windows\system32\nvinitx.dll
2012-12-03 15:47 . 2012-12-22 13:32	201136	----a-w-	c:\windows\SysWow64\nvinit.dll
2012-12-03 15:47 . 2012-10-10 20:23	1504104	----a-w-	c:\windows\system32\nvdispgenco64.dll
2012-12-03 15:47 . 2012-10-10 20:23	2816824	----a-w-	c:\windows\system32\nvapi64.dll
2012-12-03 15:47 . 2012-10-10 20:23	983936	----a-w-	c:\windows\system32\nvumdshimx.dll
2012-12-03 15:47 . 2012-10-10 20:23	12603960	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2012-12-03 15:47 . 2012-10-10 20:22	2496976	----a-w-	c:\windows\SysWow64\nvapi.dll
2012-12-03 15:47 . 2012-07-09 16:17	1805672	----a-w-	c:\windows\system32\nvdispco64.dll
2012-12-01 05:49 . 2012-07-09 16:18	3663213	----a-w-	c:\windows\system32\nvcoproc.bin
2012-12-01 05:49 . 2012-07-09 16:18	2557800	----a-w-	c:\windows\system32\nvsvcr.dll
2012-12-01 05:49 . 2012-07-09 16:18	63336	----a-w-	c:\windows\system32\nvshext.dll
2012-12-01 05:49 . 2012-07-09 16:18	118120	----a-w-	c:\windows\system32\nvmctray.dll
2012-12-01 05:49 . 2012-07-09 16:18	890216	----a-w-	c:\windows\system32\nvvsvc.exe
2012-12-01 05:48 . 2012-07-09 16:18	6223208	----a-w-	c:\windows\system32\nvcpl.dll
2012-12-01 05:48 . 2012-07-09 16:18	3311464	----a-w-	c:\windows\system32\nvsvc64.dll
2012-12-01 01:35 . 2012-11-27 18:31	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2012-11-30 21:43 . 2012-11-30 21:43	438632	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2012-11-28 17:49 . 2012-11-28 17:49	972264	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E579A500-990C-4499-859A-503D4BB82F56}\gapaengine.dll
2012-11-23 03:13 . 2013-01-09 16:31	68608	----a-w-	c:\windows\system32\taskhost.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smart PC Cleaner"="c:\program files (x86)\Smart PC Cleaner\SPCLauncher.exe" [2012-01-28 80016]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-11-08 438272]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-02-15 1597864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TurboV EVO"="c:\program files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" [2009-11-06 8619008]
"Arctosa"="c:\program files (x86)\Razer\Arctosa\razerhid.exe" [2008-10-06 147456]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AG760V64;NB 802.11a/b/g 760 1211B vista Driver;c:\windows\system32\DRIVERS\WlanUZAG.sys [2012-07-09 1041920]
R3 ALSysIO;ALSysIO;c:\users\Andy\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BCMH43XX;Treiber für Broadcom 802.11-USB-Netzwerkadapter;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-10 283200]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-07-17 319488]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [2006-12-22 559104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-09 11:52]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000Core.job
- c:\users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-12 20:34]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2711053297-3438581198-3341579686-1000UA.job
- c:\users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-12 20:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-22 7833120]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-05-22 1833504]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\xyjnrm76.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - uTorrentBar_DE Customized Web Search
FF - prefs.js: browser.startup.homepage - Google
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-10 19:59; {5ddeb737-082c-48fb-8c06-aa4b38d61e5f}; c:\program files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
BHO-{CAC42510-9B41-42c1-9DCD-7282A2D07C61} - c:\program files (x86)\BitAccelerator\BitAccelerator.dll
AddRemove-BattlEye for A2 - c:\program files\Bohemia Interactive\ArmA 2BattlEye\UnInstallBE.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2711053297-3438581198-3341579686-1000\Software\SecuROM\License information*]
"datasecu"=hex:a1,e2,02,9e,d4,bd,8f,70,47,af,cf,63,fc,3a,a2,5e,1c,c5,dd,11,56,
   ad,e3,ac,d2,bf,b4,13,51,4f,4b,2a,f1,1d,f9,b9,59,1d,cc,43,86,14,b9,40,0a,6d,\
"rkeysecu"=hex:4b,27,50,8a,e9,13,73,ae,1f,d3,4f,05,96,3a,fc,9a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
c:\program files\ASUS\Six Engine\SixEngine.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-02-19  19:55:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-02-19 18:55
.
Vor Suchlauf: 11 Verzeichnis(se), 409.872.916.480 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 409.552.769.024 Bytes frei
.
- - End Of File - - 4734CDD8B1BD1E69A130FB8A1CEC1E69
         
--- --- ---

19.02.2013, 20:04   #11
markusg
/// Malware-holic

Hi
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path. Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select "Perform full scan" and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all findings are selected and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails according to the instructions above to
markusg.trojaner-board@web.de

19.02.2013, 20:40   #12
Andycover90

Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.02.19.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Andy :: ANDY-PC [Administrator]

19.02.2013 20:08:34
mbam-log-2013-02-19 (20-08-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 342967
Laufzeit: 22 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Andy\Desktop\Need for Speed\Need For Speed - Most Wanted\Crack\Alcohol 120% v1.9.5.3105 Retail\patch_3105.exe (RiskWare.Tool.HCK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Andy\Downloads\Mount_And_Blade_Warband_1.153_Multiplayer_Crack_Working_Scippio.exe (Adware.DirectDownload) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

19.02.2013, 20:45   #13
markusg
/// Malware-holic


C:\Users\Andy\Desktop\Need for Speed\Need For Speed - Most Wanted\Crack\Alcohol 120% v1.9.5.3105 Retail\patch_3105.exe (RiskWare.Tool.HCK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Andy\Downloads\Mount_And_Blade_Warband_1.153_Multiplayer_Crack_Working_Scippio.exe (Adware.DirectDownload) -> Erfolgreich gelöscht und in Quarantäne
http://www.trojaner-board.de/95394-c...-software.html
That is why the only help available here is with reinstalling and securing the PC:
The PC has to be reinstalled from scratch and then secured.
1. Data recovery:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.