Trojaner-Board


nuck 15.02.2012 21:29

How do I remove the scan virus? Cannot access the HD

Good evening,
Today a window opened telling me that my hard disk has a defect and that I should have it scanned. Unfortunately I did not take a screenshot of it.
I ran Malwarebytes and Spybot as well as AntiVir over it, and Malwarebytes found 4 things, which I deleted.
My Start menu was empty, and for my second drive it says that the HD is half full, but when I click on it in My Computer there are only 2 things in it: a file from VLC and an icon showing a CD, a drive and a backup arrow. When I click on this file it says:
Restore my files from this backup,
Restore files for all users of this computer
and Manage the disk space used by this backup


After that I selected a restore point that was 2 days old, and the normal desktop and the Start menu are back, but I still cannot access the second hard disk.

Is there a way to delete the virus so that I can access this hard disk, and then reinstall the PC at some later point?

I would be very grateful for any help.

Attached is also the txt file from DDS.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 03.10.2011 19:17:55
System Uptime: 15.02.2012 20:27:32 (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | Z68AP-D3
Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz | Socket 1155 | 1584/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 205.949 GiB free.
D: is CDROM (UDF)
E: is FIXED (NTFS) - 699 GiB total, 277.987 GiB free.
G: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP89: 05.02.2012 18:02:36 - Installiert Mastercam X4 Maintenance Update 3
RP90: 05.02.2012 19:00:02 - Windows-Sicherung
RP91: 07.02.2012 22:13:20 - Windows Update
RP92: 12.02.2012 20:09:16 - Windows-Sicherung
RP93: 14.02.2012 17:19:40 - Windows Update
RP94: 14.02.2012 17:48:54 - DirectX wurde installiert
RP95: 14.02.2012 17:49:54 - DirectX wurde installiert
RP96: 14.02.2012 17:53:27 - Installed Windows Live ID Sign-in Assistant
RP97: 14.02.2012 17:53:45 - Installed Microsoft Games for Windows - LIVE Redistributable
RP98: 14.02.2012 17:55:40 - Installed Fable III
RP99: 15.02.2012 18:41:33 - Wiederherstellungsvorgang
.
==== Installed Programs ======================
.
@BIOS
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1) - Deutsch
Apple Application Support
Apple Software Update
AutoGreen B10.1021.1
Avira Free Antivirus
AVS Media Player 4.1.2.65
AVS Update Manager 1.0
AVS Video Converter 6
Battlefield 3™
Battlefield 3™ Open Beta
Battlelog Web Plugins
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 3 - Dedicated Server
CDBurnerXP
Corsair HS1 USB Headset
Cut3D 1.025
Cut3D Trial Edition 1.025
CyberLink PowerDVD 11
DAEMON Tools Lite
Dropbox
Easy Tune 6 B11.0512.1
ESN Sonar
Etron USB3.0 Host Controller
EVGA Precision 2.0.2
Fable III
Firebird SQL Server - MAGIX Edition
Free DWG Viewer 7.0
Free YouTube to MP3 Converter version 3.10.13.1123
Google Earth Plug-in
Google Update Helper
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 27
JDownloader 0.9
LIMBO Demo
MAGIX Online Print Service
MAGIX Photo Manager 10
MAGIX PhotoStory on CD & DVD 10 Deluxe Download Version
MAGIX Screenshare
MAGIX Speed burnR (MSI)
Malwarebytes Anti-Malware Version 1.60.1.1000
Mastercam X4
Mastercam X4 Maintenance Update 3
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2003 Web Components
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Tools for Applications - ENU
Mozilla Firefox 10.0.1 (x86 de)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
ON_OFF Charge B11.0110.1
OpenOffice.org 3.3
Origin
Payday The Heist (c) OVERKILL Software version 1
PunkBuster Services
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Smart 6 B11.0512.1
SolidWorks 2011 x64 Edition SP0
Splashtop Connect for Firefox
Splashtop Connect IE
Steam
TeamSpeak 3 Client
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VisualCAM 1.0
VisualMILL 6.0 Demo
VLC media player 1.1.11
XFLR5 v6.06
XpertMill
.
==== End Of File ===========================

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_27
Run by Roman at 21:14:08 on 2012-02-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.41.1031.18.8109.5936 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\SysWOW64\rundll32.exe
E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
E:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Splashtop Connect SearchHook: {0f3dc9e0-c459-4a40-bcf8-747bd9322e10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
mWinlogon: Userinit=userinit.exe
BHO: Splashtop Connect VisualBookmark: {0e5680d1-bf44-4929-94af-fd30d784ad1d} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
mRun: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
mRun: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [RemoteControl11] e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Roman\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Free YouTube to MP3 Converter - C:\Users\Roman\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9B6B0064-130E-499A-A590-23F640C70C8B} : DhcpNameServer = 192.168.1.1
{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
mRun-x64: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [RemoteControl11] e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\nw45e7ap.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ch/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
.
============= SERVICES / DRIVERS ===============
.
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/01/02 15:30:59];E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl [2011-9-16 148976]
R2 aksdf;aksdf;C:\Windows\system32\DRIVERS\aksdf.sys --> C:\Windows\system32\DRIVERS\aksdf.sys [?]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-19 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-12-19 110032]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2012-1-2 83240]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2012-1-2 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2012-1-2 292136]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 ntk_PowerDVD;ntk_PowerDVD;E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2012-1-2 75248]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-3 2253120]
R2 SCBackService;Splashtop Connect Service;C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2011-10-3 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-9-22 381248]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-3-24 493384]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-3-22 497480]
R3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\system32\drivers\CAHS164.sys --> C:\Windows\system32\drivers\CAHS164.sys [?]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\system32\Drivers\EtronHub3.sys --> C:\Windows\system32\Drivers\EtronHub3.sys [?]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\system32\Drivers\EtronXHCI.sys --> C:\Windows\system32\Drivers\EtronXHCI.sys [?]
R3 IntcDAud;Intel(R) Display-Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update-Dienst (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-1 136176]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;E:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2010-10-5 87336]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-16 1431888]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-1 136176]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2011-10-3 30528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
.
=============== Created Last 30 ================
.
2012-02-15 19:50:55 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-15 18:55:47 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-02-15 17:27:16 -------- d-----w- C:\Users\Roman\AppData\Roaming\Malwarebytes
2012-02-15 17:27:12 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-15 17:27:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-14 17:18:12 -------- d-sh--w- C:\ProgramData\DSS
2012-02-14 16:51:23 14744 ----a-w- C:\Users\Roman\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2012-02-14 16:50:47 -------- d--h--w- C:\Users\Roman\AppData\Roaming\Lionhead Studios
2012-02-14 16:49:52 -------- d-----w- C:\Windows\SysWow64\xlive
2012-02-14 16:49:52 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-02-14 16:19:59 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA9B4DB9-765A-4BEE-927B-C4424E818E0B}\mpengine.dll
2012-02-12 12:53:07 -------- d-----w- C:\Program Files (x86)\XFLR5
2012-02-05 17:03:40 271360 ----a-w- C:\Windows\System32\MCXApplet64.cpl
2012-02-05 17:03:16 -------- d-----w- C:\Program Files (x86)\Common Files\data dynamics
2012-02-05 17:02:57 -------- d-----w- C:\Windows\System32\uninstall MU3
2012-02-05 17:02:11 -------- d-----w- C:\Users\Roman\AppData\Local\Downloaded Installations
2012-02-05 17:01:13 314368 ----a-w- C:\Windows\System32\drivers\hardlock.sys
2012-02-05 17:01:10 65024 ----a-w- C:\Windows\System32\drivers\aksdf.sys
2012-02-05 17:00:44 -------- d-----w- C:\Program Files (x86)\Common Files\WinMain
2012-02-05 17:00:44 -------- d-----w- C:\Program Files (x86)\Codejock Software
2012-02-05 17:00:30 -------- d-----w- C:\Program Files (x86)\Common Files\Mastercam
2012-02-05 16:58:40 -------- d-----w- C:\Windows\Downloaded Installations
2012-02-01 15:30:18 -------- d--h--w- C:\Users\Roman\AppData\Local\Google
2012-01-24 20:52:46 -------- d--h--w- C:\Users\Roman\AppData\Roaming\redsn0w
.
==================== Find3M ====================
.
2012-02-15 19:28:19 25640 ----a-w- C:\Windows\gdrv.sys
2012-01-26 23:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-18 09:54:57 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-09 11:40:20 27760 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2011-12-09 11:40:19 97312 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-19 14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll
2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
.
============= FINISH: 21:14:27.31 ===============

By the way, Malwarebytes found this: Rogue.FakeHDD and something else that I no longer remember, since it was before the backup. And under C: > Users I have 3 folders:
Public
The one with my name
and UpdatusUser, which was not there before. All subfolders are empty.

I found the log file from Malwarebytes:
Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|UhUknMwmQEyg.exe (Rogue.FakeHDD) -> Daten: C:\ProgramData\UhUknMwmQEyg.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\ProgramData\UhUknMwmQEyg.exe (Rogue.FakeHDD) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\1RLx0kqy52bHvn.exe (Rogue.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Roman\AppData\Local\Temp\7ECiT2680B5Jeb.exe.tmp (Rogue.FakeHDD) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Using a program that makes hidden folders visible again, I now have access to my hard disk again, but I think that remnants of the virus are still present. The system works so far, except that it has become a little slower.
Would someone please help me track down and delete the remaining malicious files?

I would appreciate it.
Regards, Nuck

cosinus 16.02.2012 23:14

Incomplete logs are pointless. Always post the logs from Malwarebytes, and all others too, only in full and always in CODE tags!

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

nuck 17.02.2012 17:53

OK, sorry.
So here is the log from Malwarebytes again.
Defogger did not report anything.

Code:

Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
*** :: ***-PC [Administrator]

Schutz: Aktiviert

15.02.2012 18:28:47
mbam-log-2012-02-15 (18-28-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 202581
Laufzeit: 1 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|UhUknMwmQEyg.exe (Rogue.FakeHDD) -> Daten: C:\ProgramData\UhUknMwmQEyg.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\ProgramData\UhUknMwmQEyg.exe (Rogue.FakeHDD) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\1RLx0kqy52bHvn.exe (Rogue.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\***\AppData\Local\Temp\7ECiT2680B5Jeb.exe.tmp (Rogue.FakeHDD) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

And the one from DDS:

Code:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 1.6.0_27
Run by *** at 17:45:24 on 2012-02-17
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.41.1031.18.8109.6092 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\System32\igfxpers.exe
C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
C:\Windows\system32\wbem\unsecapp.exe
E:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Splashtop Connect SearchHook: {0f3dc9e0-c459-4a40-bcf8-747bd9322e10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
mWinlogon: Userinit=userinit.exe
BHO: Splashtop Connect VisualBookmark: {0e5680d1-bf44-4929-94af-fd30d784ad1d} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
mRun: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
mRun: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [RemoteControl11] e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\***\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Free YouTube to MP3 Converter - C:\Users\\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93***} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9B6B0064-130E-499A-A590-23F640C70C8B} : DhcpNameServer = 192.168.1.1
{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
mRun-x64: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [RemoteControl11] e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\nw45e7ap.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ch/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
.
============= SERVICES / DRIVERS ===============
.
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/01/02 15:30:59];E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl [2011-9-16 148976]
R2 aksdf;aksdf;C:\Windows\system32\DRIVERS\aksdf.sys --> C:\Windows\system32\DRIVERS\aksdf.sys [?]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-19 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-12-19 110032]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2012-1-2 83240]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2012-1-2 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2012-1-2 292136]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-15 652360]
R2 ntk_PowerDVD;ntk_PowerDVD;E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2012-1-2 75248]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-3 2253120]
R2 SCBackService;Splashtop Connect Service;C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2011-10-3 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-9-22 381248]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-3-24 493384]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-3-22 497480]
R3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\system32\drivers\CAHS164.sys --> C:\Windows\system32\drivers\CAHS164.sys [?]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\system32\Drivers\EtronHub3.sys --> C:\Windows\system32\Drivers\EtronHub3.sys [?]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\system32\Drivers\EtronXHCI.sys --> C:\Windows\system32\Drivers\EtronXHCI.sys [?]
R3 IntcDAud;Intel(R) Display-Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update-Dienst (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-1 136176]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;E:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2010-10-5 87336]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-16 1431888]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-1 136176]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2011-10-3 30528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
.
=============== Created Last 30 ================
.
2012-02-17 15:41:05        8602168        ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{86D46049-DA6E-4A36-949D-BD7F8E72458C}\mpengine.dll
2012-02-16 18:21:17        --------        d-----w-        C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-02-15 22:03:31        --------        d-----w-        C:\Users\***\AppData\Local\PassMark
2012-02-15 21:45:44        540688        ----a-w-        C:\Windows\System32\d3dx10_39.dll
2012-02-15 21:45:44        1942552        ----a-w-        C:\Windows\System32\D3DCompiler_39.dll
2012-02-15 21:45:42        4992520        ----a-w-        C:\Windows\System32\D3DX9_39.dll
2012-02-15 21:45:16        --------        d-----w-        C:\ProgramData\Passmark
2012-02-15 21:45:14        --------        d-----w-        C:\Program Files\PerformanceTest
2012-02-15 19:50:55        23152        ----a-w-        C:\Windows\System32\drivers\mbam.sys
2012-02-15 18:55:47        --------        d-----w-        C:\Program Files (x86)\Spybot - Search & Destroy
2012-02-15 17:27:16        --------        d-----w-        C:\Users\***\AppData\Roaming\Malwarebytes
2012-02-15 17:27:12        --------        d-----w-        C:\ProgramData\Malwarebytes
2012-02-15 17:27:11        --------        d-----w-        C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-14 17:18:12        --------        d-sh--w-        C:\ProgramData\DSS
2012-02-14 16:51:23        14744        ----a-w-        C:\Users\***\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2012-02-14 16:50:47        --------        d-----w-        C:\Users\***\AppData\Roaming\Lionhead Studios
2012-02-14 16:49:52        --------        d-----w-        C:\Windows\SysWow64\xlive
2012-02-14 16:49:52        --------        d-----w-        C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-02-12 12:53:07        --------        d-----w-        C:\Program Files (x86)\XFLR5
2012-02-05 17:03:40        271360        ----a-w-        C:\Windows\System32\MCXApplet64.cpl
2012-02-05 17:03:16        --------        d-----w-        C:\Program Files (x86)\Common Files\data dynamics
2012-02-05 17:02:57        --------        d-----w-        C:\Windows\System32\uninstall MU3
2012-02-05 17:02:11        --------        d-----w-        C:\Users\***\AppData\Local\Downloaded Installations
2012-02-05 17:01:13        314368        ----a-w-        C:\Windows\System32\drivers\hardlock.sys
2012-02-05 17:01:10        65024        ----a-w-        C:\Windows\System32\drivers\aksdf.sys
2012-02-05 17:00:44        --------        d-----w-        C:\Program Files (x86)\Common Files\WinMain
2012-02-05 17:00:44        --------        d-----w-        C:\Program Files (x86)\Codejock Software
2012-02-05 17:00:30        --------        d-----w-        C:\Program Files (x86)\Common Files\Mastercam
2012-02-05 16:58:40        --------        d-----w-        C:\Windows\Downloaded Installations
2012-02-01 15:30:18        --------        d-----w-        C:\Users\***\AppData\Local\Google
2012-01-24 20:52:46        --------        d-----w-        C:\Users\***\AppData\Roaming\redsn0w
.
==================== Find3M  ====================
.
2012-02-17 15:37:03        25640        ----a-w-        C:\Windows\gdrv.sys
2012-01-26 23:52:58        279656        ------w-        C:\Windows\System32\MpSigStub.exe
2012-01-14 04:06:27        3145728        ----a-w-        C:\Windows\System32\win32k.sys
2011-12-28 03:59:24        498688        ----a-w-        C:\Windows\System32\drivers\afd.sys
2011-12-18 09:54:57        414368        ----a-w-        C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-16 08:47:38        1188864        ----a-w-        C:\Windows\System32\wininet.dll
2011-12-16 08:46:06        634880        ----a-w-        C:\Windows\System32\msvcrt.dll
2011-12-16 07:54:22        981504        ----a-w-        C:\Windows\SysWow64\wininet.dll
2011-12-16 07:52:58        690688        ----a-w-        C:\Windows\SysWow64\msvcrt.dll
2011-12-16 06:44:38        1638912        ----a-w-        C:\Windows\System32\mshtml.tlb
2011-12-16 06:09:17        1638912        ----a-w-        C:\Windows\SysWow64\mshtml.tlb
2011-12-09 11:40:20        27760        ----a-w-        C:\Windows\System32\drivers\avkmgr.sys
2011-12-09 11:40:19        97312        ----a-w-        C:\Windows\System32\drivers\avgntflt.sys
.
============= FINISH: 17:45:48.28 ===============

and the one from attach

Code:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 03.10.2011 19:17:55
System Uptime: 17.02.2012 16:36:24 (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | Z68AP-D3
Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz | Socket 1155 | 3601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 204.066 GiB free.
D: is CDROM (UDF)
E: is FIXED (NTFS) - 699 GiB total, 277.968 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP92: 12.02.2012 20:09:16 - Windows-Sicherung
RP93: 14.02.2012 17:19:40 - Windows Update
RP94: 14.02.2012 17:48:54 - DirectX wurde installiert
RP95: 14.02.2012 17:49:54 - DirectX wurde installiert
RP96: 14.02.2012 17:53:27 - Installed Windows Live ID Sign-in Assistant
RP97: 14.02.2012 17:53:45 - Installed Microsoft Games for Windows - LIVE Redistributable
RP98: 14.02.2012 17:55:40 - Installed Fable III
RP99: 15.02.2012 18:41:33 - Wiederherstellungsvorgang
RP100: 15.02.2012 22:45:20 - DirectX wurde installiert
RP101: 15.02.2012 23:03:00 - Installed Fable III
RP102: 16.02.2012 18:13:40 - Installed Fable III
RP103: 16.02.2012 19:18:25 - Windows Update
.
==== Installed Programs ======================
.
@BIOS
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1) - Deutsch
Apple Application Support
Apple Software Update
AutoGreen B10.1021.1
Avira Free Antivirus
AVS Media Player 4.1.2.65
AVS Update Manager 1.0
AVS Video Converter 6
Battlefield 3™
Battlefield 3™ Open Beta
Battlelog Web Plugins
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 3 - Dedicated Server
CDBurnerXP
Corsair HS1 USB Headset
Cut3D 1.025
Cut3D Trial Edition 1.025
CyberLink PowerDVD 11
DAEMON Tools Lite
Dropbox
Easy Tune 6 B11.0512.1
ESN Sonar
Etron USB3.0 Host Controller
EVGA Precision 2.0.2
Fable III
Firebird SQL Server - MAGIX Edition
Free DWG Viewer 7.0
Free YouTube to MP3 Converter version 3.10.13.1123
Google Earth Plug-in
Google Update Helper
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 27
JDownloader 0.9
LIMBO Demo
MAGIX Online Print Service
MAGIX Photo Manager 10
MAGIX PhotoStory on CD & DVD 10 Deluxe Download Version
MAGIX Screenshare
MAGIX Speed burnR (MSI)
Malwarebytes Anti-Malware Version 1.60.1.1000
Mastercam X4
Mastercam X4 Maintenance Update 3
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2003 Web Components
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Tools for Applications - ENU
Mozilla Firefox 10.0.1 (x86 de)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
ON_OFF Charge B11.0110.1
OpenOffice.org 3.3
Origin
Payday The Heist (c) OVERKILL Software version 1
PunkBuster Services
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Smart 6 B11.0512.1
SolidWorks 2011 x64 Edition SP0
Splashtop Connect for Firefox
Splashtop Connect IE
Steam
TeamSpeak 3 Client
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VisualCAM 1.0
VisualMILL 6.0 Demo
VLC media player 1.1.11
XFLR5 v6.06
XpertMill
.
==== End Of File ===========================

I didn't run GMER because I have a 64-bit system.
Sorry, I overlooked points 3 and 4 in the tutorial. I hope this is OK.
Thanks for the help.

cosinus 17.02.2012 18:30

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan! In addition, all findings must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything in CODE tags here where possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

nuck 17.02.2012 23:44

Full scan from Malwarebytes

Code:

Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.17.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Roman :: ROMAN-PC [Administrator]

Schutz: Aktiviert

17.02.2012 20:48:45
mbam-log-2012-02-17 (20-48-45).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 375566
Laufzeit: 37 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Log from ESET

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ba18da94fa590443853cbe393aec998d
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-17 10:21:12
# local_time=2012-02-17 11:21:12 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 5193156 5193156 0 0
# compatibility_mode=5893 16776573 100 94 21461 81140976 0 0
# compatibility_mode=8192 67108863 100 0 3930 3930 0 0
# scanned=181627
# found=1
# cleaned=0
# scan_time=6146
E:\***-PC\Backup Set 2012-01-08 190000\Backup Files 2012-02-12 200914\Backup files 5.zip        HTML/Fraud.BG trojan (unable to clean)        00000000000000000000000000000000        I


cosinus 19.02.2012 18:23

Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before?
If so, all the logs for each scan are listed under the Log files tab. Please post all that are visible there.


Please make a new OTL log. Please post everything in CODE tags here where possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


nuck 20.02.2012 17:13

I've only had Malwarebytes since the virus, so there are no other log files yet.

I downloaded OTL; here are the two txt files that came out.

Code:

OTL Extras logfile created on: 20.02.2012 17:03:28 - Run 1
OTL by OldTimer - Version 3.2.33.1    Folder = E:\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
7.92 Gb Total Physical Memory | 5.92 Gb Available Physical Memory | 74.71% Memory free
15.84 Gb Paging File | 13.61 Gb Available in Paging File | 85.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297.99 Gb Total Space | 204.92 Gb Free Space | 68.77% Space Free | Partition Type: NTFS
Drive D: | 7.52 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 698.63 Gb Total Space | 238.38 Gb Free Space | 34.12% Space Free | Partition Type: NTFS
 
Computer Name: ROMAN-PC | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1026575537-662001013-383694450-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "e:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "e:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "e:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "e:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5200" = Canon iP5200
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F113377-0BA1-4552-9ABB-9BF220FAF132}" = SolidWorks 2011 x64 Edition SP0
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5ECFC170-8934-4D31-8374-0837288D6AE3}" = SolidWorks eDrawings 2011 x64 Edition SP0
"{5F590D74-AA75-410F-A778-3CDFCE12DCD4}" = SolidWorks Explorer 2011 SP0 x64 Edition
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.38
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CEF0C5DA-21C5-4FA7-AD05-5D21C525543C}" = SolidWorks 2011 x64 German Resources
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"PerformanceTest 7_is1" = PerformanceTest v7.0 (64-bit)
"Speccy" = Speccy
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04249B2E-9813-4D75-AD25-F444FE927A49}" = Mastercam X4 Maintenance Update 3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B4DC018-42BA-4384-8671-83F2AF623FC3}" = MAGIX Photo Manager 10
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B11.0512.1
"{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{4099FB98-FA37-4B4E-9C81-39EE0B3CDE85}" = MAGIX Speed burnR (MSI)
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta
"{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000028301}" = Fable III
"{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}" = Google Earth Plug-in
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66120AC1-2B4A-4BD4-8D3C-7BC30FD5A5C4}" = MAGIX Screenshare
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB7}" = Corsair HS1 USB Headset
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8D0EEBC6-361E-4D40-BA3E-E2CE05047FFB}" = VisualCAM 1.0
"{8FFCC4F5-6ED0-4814-8C8F-84D7F4857DC8}" = MAGIX PhotoStory on CD & DVD 10 Deluxe Download Version
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B515E79E-EAE2-4515-A334-B8B8A609A43A}" = Mastercam X4
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 7.0
"{C3CDD46D-BE0D-4401-BEBC-F5D995049DF9}" = MAGIX Online Print Service
"{C412D0F7-7F1B-4F8F-BDCD-835E2845BA53}" = VisualMILL 6.0 Demo
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS Media Player_is1" = AVS Media Player 4.1.2.65
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Battlelog Web Plugins" = Battlelog Web Plugins
"Cut3D" = Cut3D 1.025
"Cut3D Trial Edition" = Cut3D Trial Edition 1.025
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.13.1123
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"InstallShield_{04249B2E-9813-4D75-AD25-F444FE927A49}" = Mastercam X4 Maintenance Update 3
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"InstallShield_{B515E79E-EAE2-4515-A334-B8B8A609A43A}" = Mastercam X4
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"MAGIX_MSI_Foto_Manager_10" = MAGIX Photo Manager 10
"MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx" = MAGIX PhotoStory on CD & DVD 10 Deluxe Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Payday The Heist (c) OVERKILL Software_is1" = Payday The Heist (c) OVERKILL Software version 1
"Precision" = EVGA Precision 2.0.2
"PunkBusterSvc" = PunkBuster Services
"SolidWorks Installation Manager 20110-40000-1100-100" = SolidWorks 2011 x64 Edition SP0
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 48010" = LIMBO Demo
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 1.1.11
"XFLR5_is1" = XFLR5 v6.06
"XpertMill" = XpertMill
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1026575537-662001013-383694450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 17.02.2012 11:37:18 | Computer Name = Roman-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 17.02.2012 16:33:16 | Computer Name = Roman-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "E:\Downloads\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.02.2012 04:22:37 | Computer Name = Roman-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 18.02.2012 12:00:28 | Computer Name = Roman-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 18.02.2012 12:28:26 | Computer Name = Roman-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.02.2012 12:30:18 | Computer Name = Roman-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "e:\downloads\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 19.02.2012 06:21:47 | Computer Name = Roman-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 19.02.2012 12:30:05 | Computer Name = Roman-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 19.02.2012 14:58:52 | Computer Name = Roman-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 20.02.2012 11:09:36 | Computer Name = Roman-PC | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 14.01.2012 07:06:05 | Computer Name = Roman-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 15.01.2012 18:20:41 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "CyberLink PowerDVD 11.0 Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 15.01.2012 18:29:09 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "CyberLink PowerDVD 11.0 Service" wurde unerwartet beendet.
 Dies ist bereits 2 Mal passiert.
 
Error - 06.02.2012 15:10:23 | Computer Name = Roman-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
 
Error - 10.02.2012 12:24:38 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 10.02.2012 12:24:38 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 11.02.2012 06:51:24 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 11.02.2012 06:51:24 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 18.02.2012 14:09:57 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 18.02.2012 14:09:57 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
 
< End of report >

Code:

OTL logfile created on: 20.02.2012 17:03:28 - Run 1
OTL by OldTimer - Version 3.2.33.1    Folder = E:\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
7.92 Gb Total Physical Memory | 5.92 Gb Available Physical Memory | 74.71% Memory free
15.84 Gb Paging File | 13.61 Gb Available in Paging File | 85.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297.99 Gb Total Space | 204.92 Gb Free Space | 68.77% Space Free | Partition Type: NTFS
Drive D: | 7.52 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 698.63 Gb Total Space | 238.38 Gb Free Space | 34.12% Space Free | Partition Type: NTFS
 
Computer Name: ROMAN-PC | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.20 16:36:13 | 000,583,168 | ---- | M] (OldTimer Tools) -- E:\Downloads\OTL.exe
PRC - [2012.02.18 09:24:16 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.09 12:40:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.09 12:39:54 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.12.09 12:39:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.25 21:31:01 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.12 03:01:17 | 000,292,136 | ---- | M] (CyberLink) -- e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
PRC - [2011.10.12 03:01:08 | 000,075,048 | ---- | M] (CyberLink) -- e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
PRC - [2011.09.22 23:41:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.09.22 11:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.09.14 14:48:20 | 000,230,696 | ---- | M] (CyberLink Corp.) -- E:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
PRC - [2011.09.14 14:48:18 | 000,083,240 | ---- | M] () -- e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
PRC - [2011.09.02 01:42:06 | 024,183,152 | ---- | M] (Dropbox, Inc.) -- C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.03.24 05:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
PRC - [2011.03.22 09:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2010.11.21 04:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010.11.15 12:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010.11.15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010.04.22 14:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
PRC - [2009.10.13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.18 09:24:16 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.18 10:54:57 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.09.22 11:29:36 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.10.16 15:41:00 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.04.06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2012.02.17 18:08:45 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.09 12:40:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.09 12:39:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.25 21:31:01 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.12 19:05:36 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.10.12 19:05:36 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2011.10.12 03:01:17 | 000,292,136 | ---- | M] (CyberLink) [Auto | Running] -- e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011.10.12 03:01:08 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011.09.22 23:41:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.09.22 11:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.09.14 14:48:18 | 000,083,240 | ---- | M] () [Auto | Running] -- e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.24 05:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2011.03.22 09:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010.11.15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010.10.05 07:07:08 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- E:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.02.15 20:45:19 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.12.09 12:40:20 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.12.09 12:40:19 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.10.12 18:21:19 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.08.31 18:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.08.02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.06.16 21:10:08 | 001,308,160 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAHS164.sys -- (CorsairCAHS1)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.07 10:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.03.07 10:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.13 12:58:00 | 000,413,800 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.10 17:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006.12.13 18:14:14 | 000,065,024 | ---- | M] (Aladdin Knowledge Systems Ltd.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2006.12.04 10:44:14 | 000,314,368 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2012.02.20 16:09:21 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.10.03 19:38:18 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2011.09.16 10:36:34 | 000,148,976 | ---- | M] (CyberLink Corp.) [2012/01/02 15:30:59] [Kernel | Auto | Running] -- e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.09.14 14:48:19 | 000,075,248 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys -- (ntk_PowerDVD)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1026575537-662001013-383694450-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
IE - HKU\S-1-5-21-1026575537-662001013-383694450-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKU\S-1-5-21-1026575537-662001013-383694450-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 81 71 24 7C 1F EC CC 01  [binary data]
IE - HKU\S-1-5-21-1026575537-662001013-383694450-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKU\S-1-5-21-1026575537-662001013-383694450-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1026575537-662001013-383694450-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.ch/"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2011.10.03 18:27:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2011.10.03 18:27:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2011.10.03 18:27:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 09:24:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.10.03 19:11:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\mozilla\Extensions
[2012.02.15 20:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\nw45e7ap.default\extensions
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\nw45e7ap.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.09 19:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.18 09:24:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.09 19:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.09 19:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.09 19:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.09 19:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.09 19:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.09 19:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O4:64bit: - HKLM..\Run: [CAHS1Sound] C:\Windows\Syswow64\CAHS1.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RemoteControl11] e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1026575537-662001013-383694450-1000..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-21-1026575537-662001013-383694450-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Programme\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1026575537-662001013-383694450-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-21-1026575537-662001013-383694450-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Roman\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Roman\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B6B0064-130E-499A-A590-23F640C70C8B}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.09 20:28:18 | 000,231,518 | R--- | M] () - D:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2010.02.11 04:05:02 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{2729a581-ee14-11e0-909c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2729a581-ee14-11e0-909c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2010.09.15 21:54:40 | 000,394,016 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{a5c2dc33-f4f3-11e0-89d2-50e549520e61}\Shell - "" = AutoRun
O33 - MountPoints2\{a5c2dc33-f4f3-11e0-89d2-50e549520e61}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Hintergrund-Downloader.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig:64bit - StartUpFolder: C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {3FB31358-D7A9-05A4-149A-3FCFCC1BD3EA} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {07256BB1-5D7E-942F-4813-D701CCDBE000} - Microsoft Windows Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0A4496DE-FD95-AC1F-5973-5D005E202D66} - Microsoft Windows Media Player 12.0
ActiveX: {0C712190-ED46-5CE2-DB47-0A43F7CAC660} - Themes Setup
ActiveX: {1CF52FDE-00E8-C975-7B43-FC0521B43B0B} - Microsoft Windows Media Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {298E5A84-0B99-8D33-819B-1B16E9D89444} - Microsoft Windows Media Player
ActiveX: {2A4C7B22-204D-EA17-ACFA-A2DD5CBD26D3} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {315DE673-C602-A776-A8D2-A4E04BC51D2C} - Browser Customizations
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C4CFC08-589B-9D5E-8967-E28DA53E99C4} - Microsoft Windows Media Player 12.0
ActiveX: {3D0AA619-6BA3-12DC-D87A-2211DEA2B735} - Themes Setup
ActiveX: {432BB57A-0FD6-76EA-960B-661323166B36} - Themes Setup
ActiveX: {445C9E49-7CF4-9A86-27D0-16979C402C26} - Microsoft Windows Media Player 12.0
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4B53BF47-AA37-1E04-DF2A-A874AAB561F7} - Microsoft Windows Media Player 12.0
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {505BE212-BEF4-9253-E031-7F3BDF59E2C6} - Microsoft Windows Media Player 12.0
ActiveX: {5595B710-F1A4-CBC2-B56E-9F81FD0840CA} - Java (Sun)
ActiveX: {5EEB403E-1743-6A6C-74B4-6C6684719C01} - Microsoft Windows Media Player 12.0
ActiveX: {5F331F7D-E73B-1F71-DAF4-582B69286AA9} - Microsoft Windows Media Player 12.0
ActiveX: {5F64676C-293D-4E41-5715-F1B83A0B9F7B} - Microsoft Windows Media Player
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7A1F8546-0B09-E924-9C8D-D63199E9E114} - Microsoft Windows Media Player 12.0
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {85838659-0A4E-4025-8B06-31A7A7CA1F29} - Offline Browsing Pack
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A912321-C4B0-52AD-0C74-3BDD516AB6DB} - Microsoft Windows Media Player
ActiveX: {A86051EE-3FC4-312F-735F-E824A3D99C2E} - Microsoft Windows Media Player
ActiveX: {A9571B04-9DA3-DB2C-2C3B-3DF9B3FE30AE} - .NET Framework
ActiveX: {ABC0FD49-C793-D6CD-66EB-F82A318FDB0E} - Microsoft Windows Media Player
ActiveX: {BB4F0292-29D6-051F-1291-9DE677D001DB} - Microsoft Windows Media Player 12.0
ActiveX: {BE283B78-9B20-07C8-4CD5-7277E6D6B495} - Browser Customizations
ActiveX: {BEEA38E6-24D9-132F-C11D-FA32A4A2649F} - Browser Customizations
ActiveX: {C97AF45D-0AA0-18F7-1733-A195197DF0EC} - Microsoft Windows Media Player
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E2E98D64-E763-DF10-4E63-4653B85AC129} - Microsoft Windows Media Player 12.0
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FA9E3ACD-A373-8054-BEBB-A485FAD77F73} - Java (Sun)
ActiveX: {FEB94680-B4B8-501D-2FCD-A2C25F3D0302} - Java (Sun)
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.17 21:33:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.16 19:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012.02.15 23:03:40 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\PassMark
[2012.02.15 23:03:31 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\PassMark
[2012.02.15 22:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest (64-bit)
[2012.02.15 22:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Passmark
[2012.02.15 22:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\PerformanceTest
[2012.02.15 20:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.15 20:50:55 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.15 20:18:38 | 000,000,000 | ---D | C] -- C:\Users\Roman\Desktop\tdsskiller_2.5.5.0
[2012.02.15 20:15:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.02.15 19:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.02.15 19:55:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.02.15 18:27:16 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Malwarebytes
[2012.02.15 18:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.15 18:27:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.14 18:18:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012.02.14 18:16:59 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\Games for Windows - LIVE Demos
[2012.02.14 17:50:47 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Lionhead Studios
[2012.02.14 17:50:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.02.14 17:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2012.02.14 17:49:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012.02.14 17:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012.02.14 17:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Game Studios
[2012.02.12 13:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XFLR5
[2012.02.12 13:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFLR5
[2012.02.08 19:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.02.05 18:03:40 | 000,271,360 | ---- | C] (CNC Software, Inc.) -- C:\Windows\SysNative\MCXApplet64.cpl
[2012.02.05 18:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\data dynamics
[2012.02.05 18:02:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\uninstall MU3
[2012.02.05 18:02:11 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Downloaded Installations
[2012.02.05 18:01:13 | 000,314,368 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys
[2012.02.05 18:01:10 | 000,065,024 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksdf.sys
[2012.02.05 18:00:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mastercam X4
[2012.02.05 18:00:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\WinMain
[2012.02.05 18:00:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codejock Software
[2012.02.05 18:00:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Mastercam
[2012.02.05 18:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012.02.05 17:58:40 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012.02.01 16:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.02.01 16:30:18 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Google
[2012.01.24 21:52:46 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\redsn0w
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.20 16:41:01 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.20 16:16:28 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.20 16:16:28 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.20 16:13:20 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.20 16:13:20 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.20 16:13:20 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.20 16:13:20 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.20 16:13:20 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.20 16:09:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.20 16:08:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.20 16:08:43 | 2082,299,903 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.16 21:23:16 | 000,390,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.15 22:58:30 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\Fable III.lnk
[2012.02.15 21:20:56 | 000,305,246 | ---- | M] () -- C:\Users\Roman\Desktop\Unbenannt.png
[2012.02.15 21:13:14 | 000,000,168 | ---- | M] () -- C:\Users\Roman\defogger_reenable
[2012.02.15 20:50:57 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.15 20:45:19 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.02.15 20:18:24 | 001,309,375 | ---- | M] () -- C:\Users\Roman\Desktop\tdsskiller_2.5.5.0.zip
[2012.02.15 18:14:23 | 000,000,440 | ---- | M] () -- C:\ProgramData\1RLx0kqy52bHvn
[2012.02.15 18:13:36 | 000,000,312 | ---- | M] () -- C:\ProgramData\~1RLx0kqy52bHvn
[2012.02.15 18:13:36 | 000,000,216 | ---- | M] () -- C:\ProgramData\~1RLx0kqy52bHvnr
[2012.02.12 15:13:44 | 000,029,548 | ---- | M] () -- C:\Users\Roman\AppData\Roaming\XFLR5.ini
[2012.02.12 13:53:08 | 000,000,999 | ---- | M] () -- C:\Users\Roman\Desktop\XFLR5.lnk
[2012.02.05 18:00:48 | 000,001,578 | ---- | M] () -- C:\Users\Public\Desktop\Mastercam X4.lnk
 
========== Files Created - No Company Name ==========
 
[2012.02.15 21:20:56 | 000,305,246 | ---- | C] () -- C:\Users\Roman\Desktop\Unbenannt.png
[2012.02.15 21:13:14 | 000,000,168 | ---- | C] () -- C:\Users\Roman\defogger_reenable
[2012.02.15 20:50:57 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.15 20:18:22 | 001,309,375 | ---- | C] () -- C:\Users\Roman\Desktop\tdsskiller_2.5.5.0.zip
[2012.02.15 18:11:08 | 000,000,312 | ---- | C] () -- C:\ProgramData\~1RLx0kqy52bHvn
[2012.02.15 18:11:08 | 000,000,216 | ---- | C] () -- C:\ProgramData\~1RLx0kqy52bHvnr
[2012.02.15 18:10:56 | 000,000,440 | ---- | C] () -- C:\ProgramData\1RLx0kqy52bHvn
[2012.02.14 17:53:40 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012.02.14 17:48:43 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\Fable III.lnk
[2012.02.12 13:47:02 | 000,000,999 | ---- | C] () -- C:\Users\Roman\Desktop\XFLR5.lnk
[2012.02.05 18:00:48 | 000,001,578 | ---- | C] () -- C:\Users\Public\Desktop\Mastercam X4.lnk
[2012.02.05 17:22:52 | 000,029,548 | ---- | C] () -- C:\Users\Roman\AppData\Roaming\XFLR5.ini
[2012.02.01 16:30:23 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.01 16:30:22 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.06 12:33:14 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\glut32.dll
[2011.10.16 15:46:29 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011.10.03 20:51:05 | 000,007,597 | ---- | C] () -- C:\Users\Roman\AppData\Local\Resmon.ResmonCfg
[2011.10.03 20:12:45 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.03 20:12:44 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.03 19:30:32 | 000,143,360 | ---- | C] () -- C:\Windows\VmixHS1.dll
[2011.10.03 19:30:28 | 000,000,266 | ---- | C] () -- C:\Windows\CAHS1.ini.cfl
[2011.10.03 19:30:24 | 000,001,525 | ---- | C] () -- C:\Windows\CAHS1.ini.cfg
[2011.10.03 19:30:24 | 000,000,347 | ---- | C] () -- C:\Windows\CAHS1.ini.imi
[2011.10.03 18:39:25 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.10.03 18:31:25 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.10.03 18:28:31 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.03 18:28:30 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.03 18:26:02 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.22 11:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.08.31 18:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.31 18:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.31 18:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010.07.30 04:07:30 | 000,000,539 | ---- | C] () -- C:\Windows\CAHS1.ini
 
========== LOP Check ==========
 
[2012.02.15 20:25:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Canneverbe Limited
[2011.10.12 18:22:37 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DAEMON Tools Lite
[2011.10.31 21:22:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DassaultSystemes
[2012.02.20 16:09:44 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Dropbox
[2011.12.03 14:56:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DVDVideoSoft
[2011.12.03 14:56:33 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.15 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\IGC
[2012.02.14 17:50:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Lionhead Studios
[2012.02.15 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\MAGIX
[2012.02.15 20:25:58 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\OpenOffice.org
[2011.10.24 18:46:52 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Origin
[2011.12.10 20:14:08 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\pycam
[2012.01.24 22:35:19 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\redsn0w
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Splashtop
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\TS3Client
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ts3overlay
[2012.02.20 16:59:00 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\uTorrent
[2012.01.12 16:27:15 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.02.15 20:25:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Adobe
[2012.01.07 17:24:09 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Apple Computer
[2011.12.19 20:06:57 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Avira
[2012.01.02 14:50:08 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\AVS4YOU
[2012.02.15 20:25:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Canneverbe Limited
[2012.02.15 20:25:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\CyberLink
[2011.10.12 18:22:37 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DAEMON Tools Lite
[2011.10.31 21:22:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DassaultSystemes
[2012.02.20 16:09:44 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Dropbox
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\dvdcss
[2011.12.03 14:56:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DVDVideoSoft
[2011.12.03 14:56:33 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.03 18:18:07 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Identities
[2012.02.15 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\IGC
[2011.10.03 18:31:16 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\InstallShield
[2012.02.14 17:50:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Lionhead Studios
[2011.10.03 20:32:00 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Macromedia
[2012.02.15 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\MAGIX
[2012.02.15 18:27:16 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Malwarebytes
[2011.04.12 08:54:43 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Media Center Programs
[2012.02.15 20:26:46 | 000,000,000 | --SD | M] -- C:\Users\Roman\AppData\Roaming\Microsoft
[2012.02.15 20:25:58 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Mozilla
[2011.12.18 20:46:26 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\NVIDIA
[2012.02.15 20:25:58 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\OpenOffice.org
[2011.10.24 18:46:52 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Origin
[2011.12.10 20:14:08 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\pycam
[2012.01.24 22:35:19 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\redsn0w
[2012.02.15 20:25:59 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\SolidWorks
[2011.10.17 17:41:20 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\SolidWorks 2011
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Splashtop
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\TS3Client
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ts3overlay
[2012.02.20 16:59:00 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\uTorrent
[2012.02.15 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\vlc
[2011.10.08 16:03:24 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.09.02 01:42:06 | 024,183,152 | ---- | M] (Dropbox, Inc.) -- C:\Users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2011.09.02 01:42:12 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Roman\AppData\Roaming\Dropbox\bin\Uninstall.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< End of report >


cosinus 20.02.2012 20:56

Run an OTL fix: close any programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
[2012.02.15 18:14:23 | 000,000,440 | ---- | M] () -- C:\ProgramData\1RLx0kqy52bHvn
[2012.02.15 18:13:36 | 000,000,312 | ---- | M] () -- C:\ProgramData\~1RLx0kqy52bHvn
[2012.02.15 18:13:36 | 000,000,216 | ---- | M] () -- C:\ProgramData\~1RLx0kqy52bHvnr
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

nuck 23.02.2012 22:12

Fixed with OTL:


Code:

All processes killed
========== OTL ==========
C:\ProgramData\1RLx0kqy52bHvn moved successfully.
C:\ProgramData\~1RLx0kqy52bHvn moved successfully.
C:\ProgramData\~1RLx0kqy52bHvnr moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Roman
->Temp folder emptied: 67377810 bytes
->Temporary Internet Files folder emptied: 71942020 bytes
->Java cache emptied: 966681 bytes
->FireFox cache emptied: 1214699860 bytes
->Flash cache emptied: 163902 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 181740031 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 245195289 bytes
 
Total Files Cleaned = 1'700.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.33.2 log created on 02232012_220650

Files\Folders moved on Reboot...
C:\Users\Roman\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

Registry entries deleted on Reboot...


cosinus 23.02.2012 22:16

Quote:

[2012.02.15 20:18:24 | 001,309,375 | ---- | M] () -- C:\Users\Roman\Desktop\tdsskiller_2.5.5.0.zip
What have you already done with that? Is there a log for it?

nuck 24.02.2012 20:01

I read in another post that someone had used TDS, so I downloaded it; as far as I can remember it didn't find anything, but I don't know where it saves the log.

cosinus 24.02.2012 20:04

Directly on C:

nuck 24.02.2012 23:08

Ah yes, exactly, thanks!

So this is what TDS spat out:

Code:

20:19:27.0778 5716        TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
20:19:27.0863 5716        ============================================================
20:19:27.0863 5716        Current date / time: 2012/02/15 20:19:27.0863
20:19:27.0863 5716        SystemInfo:
20:19:27.0863 5716       
20:19:27.0863 5716        OS Version: 6.1.7601 ServicePack: 1.0
20:19:27.0863 5716        Product type: Workstation
20:19:27.0863 5716        ComputerName: ROMAN-PC
20:19:27.0863 5716        UserName: Roman
20:19:27.0863 5716        Windows directory: C:\Windows
20:19:27.0863 5716        System windows directory: C:\Windows
20:19:27.0863 5716        Running under WOW64
20:19:27.0863 5716        Processor architecture: Intel x64
20:19:27.0863 5716        Number of processors: 4
20:19:27.0863 5716        Page size: 0x1000
20:19:27.0863 5716        Boot type: Normal boot
20:19:27.0863 5716        ============================================================
20:19:30.0508 5716        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
20:19:30.0529 5716        Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:19:30.0535 5716        \Device\Harddisk0\DR0:
20:19:30.0544 5716        MBR used
20:19:30.0544 5716        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:19:30.0544 5716        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
20:19:30.0544 5716        \Device\Harddisk1\DR1:
20:19:30.0544 5716        MBR used
20:19:30.0544 5716        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
20:19:30.0740 5716        Initialize success
20:19:30.0740 5716        ============================================================
20:20:05.0000 5968        ============================================================
20:20:05.0000 5968        Scan started
20:20:05.0000 5968        Mode: Manual;
20:20:05.0000 5968        ============================================================
20:20:09.0789 5968        EtronHub3 - ok
20:20:09.0810 5968        EtronXHCI      (744420d6c062c38f7361870f010d6d4b) C:\Windows\system32\Drivers\EtronXHCI.sys
20:20:09.0814 5968        EtronXHCI - ok
20:20:09.0849 5968        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:20:09.0855 5968        exfat - ok
20:20:09.0887 5968        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:20:09.0892 5968        fastfat - ok
20:20:09.0907 5968        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:20:09.0910 5968        fdc - ok
20:20:09.0942 5968        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:20:09.0947 5968        FileInfo - ok
20:20:09.0965 5968        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:20:09.0967 5968        Filetrace - ok
20:20:09.0996 5968        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:20:09.0997 5968        flpydisk - ok
20:20:10.0017 5968        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:20:10.0024 5968        FltMgr - ok
20:20:10.0050 5968        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:20:10.0052 5968        FsDepends - ok
20:20:10.0064 5968        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:20:10.0066 5968        Fs_Rec - ok
20:20:10.0087 5968        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:20:10.0094 5968        fvevol - ok
20:20:10.0141 5968        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:20:10.0146 5968        gagp30kx - ok
20:20:10.0172 5968        gdrv            (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
20:20:10.0172 5968        gdrv - ok
20:20:10.0209 5968        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:20:10.0212 5968        GEARAspiWDM - ok
20:20:10.0267 5968        GVTDrv64        (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys
20:20:10.0269 5968        GVTDrv64 - ok
20:20:10.0374 5968        Hardlock        (d8bf3c594bd17a37960362e6c6739b90) C:\Windows\system32\drivers\hardlock.sys
20:20:10.0386 5968        Hardlock - ok
20:20:10.0406 5968        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:20:10.0410 5968        hcw85cir - ok
20:20:10.0449 5968        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:20:10.0459 5968        HdAudAddService - ok
20:20:10.0496 5968        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:20:10.0497 5968        HDAudBus - ok
20:20:10.0510 5968        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:20:10.0512 5968        HidBatt - ok
20:20:10.0534 5968        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:20:10.0537 5968        HidBth - ok
20:20:10.0564 5968        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:20:10.0567 5968        HidIr - ok
20:20:10.0622 5968        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:20:10.0626 5968        HidUsb - ok
20:20:10.0669 5968        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:20:10.0674 5968        HpSAMD - ok
20:20:10.0704 5968        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:20:10.0720 5968        HTTP - ok
20:20:10.0737 5968        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:20:10.0741 5968        hwpolicy - ok
20:20:10.0762 5968        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:20:10.0767 5968        i8042prt - ok
20:20:10.0815 5968        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:20:10.0825 5968        iaStorV - ok
20:20:11.0037 5968        igfx            (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:20:11.0185 5968        igfx - ok
20:20:11.0267 5968        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:20:11.0271 5968        iirsp - ok
20:20:11.0374 5968        IntcAzAudAddService (2cc2f7c5990bb76767038f4b16d17a56) C:\Windows\system32\drivers\RTKVHD64.sys
20:20:11.0404 5968        IntcAzAudAddService - ok
20:20:11.0445 5968        IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:20:11.0452 5968        IntcDAud - ok
20:20:11.0482 5968        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:20:11.0486 5968        intelide - ok
20:20:11.0519 5968        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:20:11.0520 5968        intelppm - ok
20:20:11.0552 5968        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:20:11.0557 5968        IpFilterDriver - ok
20:20:11.0585 5968        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:20:11.0590 5968        IPMIDRV - ok
20:20:11.0604 5968        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:20:11.0609 5968        IPNAT - ok
20:20:11.0640 5968        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:20:11.0642 5968        IRENUM - ok
20:20:11.0674 5968        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:20:11.0676 5968        isapnp - ok
20:20:11.0700 5968        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:20:11.0709 5968        iScsiPrt - ok
20:20:11.0726 5968        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:20:11.0731 5968        kbdclass - ok
20:20:11.0741 5968        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:20:11.0744 5968        kbdhid - ok
20:20:11.0779 5968        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:20:11.0784 5968        KSecDD - ok
20:20:11.0815 5968        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:20:11.0821 5968        KSecPkg - ok
20:20:11.0855 5968        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:20:11.0857 5968        ksthunk - ok
20:20:11.0877 5968        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:20:11.0882 5968        lltdio - ok
20:20:11.0905 5968        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:20:11.0910 5968        LSI_FC - ok
20:20:11.0940 5968        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:20:11.0944 5968        LSI_SAS - ok
20:20:11.0956 5968        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:20:11.0961 5968        LSI_SAS2 - ok
20:20:11.0977 5968        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:20:11.0981 5968        LSI_SCSI - ok
20:20:12.0006 5968        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:20:12.0010 5968        luafv - ok
20:20:12.0065 5968        MBAMProtector  (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
20:20:12.0069 5968        MBAMProtector - ok
20:20:12.0112 5968        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:20:12.0116 5968        megasas - ok
20:20:12.0179 5968        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:20:12.0186 5968        MegaSR - ok
20:20:12.0215 5968        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
20:20:12.0219 5968        MEIx64 - ok
20:20:12.0237 5968        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:20:12.0240 5968        Modem - ok
20:20:12.0279 5968        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:20:12.0280 5968        monitor - ok
20:20:12.0304 5968        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:20:12.0309 5968        mouclass - ok
20:20:12.0321 5968        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:20:12.0324 5968        mouhid - ok
20:20:12.0354 5968        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:20:12.0359 5968        mountmgr - ok
20:20:12.0384 5968        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:20:12.0390 5968        mpio - ok
20:20:12.0410 5968        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:20:12.0412 5968        mpsdrv - ok
20:20:12.0432 5968        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:20:12.0437 5968        MRxDAV - ok
20:20:12.0467 5968        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:20:12.0472 5968        mrxsmb - ok
20:20:12.0494 5968        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:20:12.0500 5968        mrxsmb10 - ok
20:20:12.0516 5968        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:20:12.0520 5968        mrxsmb20 - ok
20:20:12.0535 5968        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:20:12.0537 5968        msahci - ok
20:20:12.0559 5968        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:20:12.0562 5968        msdsm - ok
20:20:12.0581 5968        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:20:12.0584 5968        Msfs - ok
20:20:12.0601 5968        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:20:12.0604 5968        mshidkmdf - ok
20:20:12.0617 5968        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:20:12.0620 5968        msisadrv - ok
20:20:12.0656 5968        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:20:12.0657 5968        MSKSSRV - ok
20:20:12.0670 5968        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:20:12.0672 5968        MSPCLOCK - ok
20:20:12.0682 5968        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:20:12.0685 5968        MSPQM - ok
20:20:12.0701 5968        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:20:12.0707 5968        MsRPC - ok
20:20:12.0741 5968        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:20:12.0741 5968        mssmbios - ok
20:20:12.0757 5968        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:20:12.0760 5968        MSTEE - ok
20:20:12.0775 5968        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:20:12.0782 5968        MTConfig - ok
20:20:12.0809 5968        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:20:12.0812 5968        Mup - ok
20:20:12.0869 5968        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:20:12.0876 5968        NativeWifiP - ok
20:20:12.0916 5968        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:20:12.0927 5968        NDIS - ok
20:20:12.0947 5968        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:20:12.0951 5968        NdisCap - ok
20:20:12.0990 5968        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:20:12.0994 5968        NdisTapi - ok
20:20:13.0012 5968        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:20:13.0017 5968        Ndisuio - ok
20:20:13.0034 5968        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:20:13.0040 5968        NdisWan - ok
20:20:13.0057 5968        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:20:13.0061 5968        NDProxy - ok
20:20:13.0076 5968        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:20:13.0079 5968        NetBIOS - ok
20:20:13.0104 5968        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:20:13.0110 5968        NetBT - ok
20:20:13.0144 5968        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:20:13.0147 5968        nfrd960 - ok
20:20:13.0187 5968        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:20:13.0191 5968        Npfs - ok
20:20:13.0216 5968        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:20:13.0219 5968        nsiproxy - ok
20:20:13.0257 5968        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:20:13.0280 5968        Ntfs - ok
20:20:13.0369 5968        ntk_PowerDVD    (7420b2e1f65642129b6e23bd42f752aa) e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
20:20:13.0375 5968        ntk_PowerDVD - ok
20:20:13.0387 5968        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:20:13.0390 5968        Null - ok
20:20:13.0416 5968        NVHDA          (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
20:20:13.0435 5968        NVHDA - ok
20:20:13.0862 5968        nvlddmkm        (aa043614b7f65eaf7fa83068286d5981) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:20:14.0010 5968        nvlddmkm - ok
20:20:14.0107 5968        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:20:14.0114 5968        nvraid - ok
20:20:14.0130 5968        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:20:14.0136 5968        nvstor - ok
20:20:14.0182 5968        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:20:14.0189 5968        nv_agp - ok
20:20:14.0205 5968        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:20:14.0209 5968        ohci1394 - ok
20:20:14.0252 5968        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:20:14.0256 5968        Parport - ok
20:20:14.0271 5968        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:20:14.0275 5968        partmgr - ok
20:20:14.0290 5968        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:20:14.0295 5968        pci - ok
20:20:14.0312 5968        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:20:14.0315 5968        pciide - ok
20:20:14.0333 5968        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:20:14.0340 5968        pcmcia - ok
20:20:14.0351 5968        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:20:14.0355 5968        pcw - ok
20:20:14.0376 5968        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:20:14.0387 5968        PEAUTH - ok
20:20:14.0437 5968        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:20:14.0441 5968        PptpMiniport - ok
20:20:14.0465 5968        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:20:14.0467 5968        Processor - ok
20:20:14.0490 5968        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:20:14.0491 5968        Psched - ok
20:20:14.0525 5968        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:20:14.0540 5968        ql2300 - ok
20:20:14.0561 5968        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:20:14.0565 5968        ql40xx - ok
20:20:14.0581 5968        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:20:14.0582 5968        QWAVEdrv - ok
20:20:14.0595 5968        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:20:14.0597 5968        RasAcd - ok
20:20:14.0617 5968        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:20:14.0622 5968        RasAgileVpn - ok
20:20:14.0642 5968        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:20:14.0647 5968        Rasl2tp - ok
20:20:14.0682 5968        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:20:14.0688 5968        RasPppoe - ok
20:20:14.0703 5968        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:20:14.0707 5968        RasSstp - ok
20:20:14.0722 5968        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:20:14.0730 5968        rdbss - ok
20:20:14.0748 5968        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:20:14.0751 5968        rdpbus - ok
20:20:14.0788 5968        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:20:14.0791 5968        RDPCDD - ok
20:20:14.0805 5968        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:20:14.0807 5968        RDPENCDD - ok
20:20:14.0816 5968        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:20:14.0817 5968        RDPREFMP - ok
20:20:14.0840 5968        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
20:20:14.0846 5968        RDPWD - ok
20:20:14.0888 5968        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:20:14.0896 5968        rdyboost - ok
20:20:14.0925 5968        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:20:14.0927 5968        rspndr - ok
20:20:14.0992 5968        RTL8167        (6d3c7e7d82d3dc92dc2a8b0df9f20f8a) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:20:15.0001 5968        RTL8167 - ok
20:20:15.0020 5968        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:20:15.0025 5968        sbp2port - ok
20:20:15.0061 5968        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:20:15.0065 5968        scfilter - ok
20:20:15.0082 5968        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:20:15.0085 5968        secdrv - ok
20:20:15.0113 5968        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:20:15.0116 5968        Serenum - ok
20:20:15.0132 5968        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:20:15.0136 5968        Serial - ok
20:20:15.0162 5968        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:20:15.0165 5968        sermouse - ok
20:20:15.0198 5968        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:20:15.0200 5968        sffdisk - ok
20:20:15.0216 5968        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:20:15.0218 5968        sffp_mmc - ok
20:20:15.0230 5968        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:20:15.0232 5968        sffp_sd - ok
20:20:15.0246 5968        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:20:15.0258 5968        sfloppy - ok
20:20:15.0282 5968        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:20:15.0286 5968        SiSRaid2 - ok
20:20:15.0310 5968        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:20:15.0315 5968        SiSRaid4 - ok
20:20:15.0340 5968        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:20:15.0343 5968        Smb - ok
20:20:15.0371 5968        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:20:15.0373 5968        spldr - ok
20:20:15.0403 5968        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:20:15.0412 5968        srv - ok
20:20:15.0433 5968        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:20:15.0441 5968        srv2 - ok
20:20:15.0458 5968        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:20:15.0462 5968        srvnet - ok
20:20:15.0507 5968        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:20:15.0510 5968        stexstor - ok
20:20:15.0556 5968        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:20:15.0560 5968        swenum - ok
20:20:15.0621 5968        Tcpip          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
20:20:15.0651 5968        Tcpip - ok
20:20:15.0683 5968        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
20:20:15.0695 5968        TCPIP6 - ok
20:20:15.0708 5968        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:20:15.0711 5968        tcpipreg - ok
20:20:15.0725 5968        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:20:15.0726 5968        TDPIPE - ok
20:20:15.0756 5968        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:20:15.0758 5968        TDTCP - ok
20:20:15.0780 5968        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:20:15.0785 5968        tdx - ok
20:20:15.0802 5968        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
20:20:15.0806 5968        TermDD - ok
20:20:15.0832 5968        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:20:15.0835 5968        tssecsrv - ok
20:20:15.0852 5968        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:20:15.0858 5968        TsUsbFlt - ok
20:20:15.0876 5968        TsUsbGD        (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
20:20:15.0881 5968        TsUsbGD - ok
20:20:15.0912 5968        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:20:15.0918 5968        tunnel - ok
20:20:15.0930 5968        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:20:15.0935 5968        uagp35 - ok
20:20:15.0956 5968        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:20:15.0963 5968        udfs - ok
20:20:15.0990 5968        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:20:15.0993 5968        uliagpkx - ok
20:20:16.0008 5968        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:20:16.0012 5968        umbus - ok
20:20:16.0033 5968        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:20:16.0036 5968        UmPass - ok
20:20:16.0098 5968        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
20:20:16.0100 5968        USBAAPL64 - ok
20:20:16.0120 5968        usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
20:20:16.0126 5968        usbaudio - ok
20:20:16.0151 5968        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:20:16.0155 5968        usbccgp - ok
20:20:16.0188 5968        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:20:16.0196 5968        usbcir - ok
20:20:16.0212 5968        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:20:16.0216 5968        usbehci - ok
20:20:16.0233 5968        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:20:16.0241 5968        usbhub - ok
20:20:16.0252 5968        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:20:16.0255 5968        usbohci - ok
20:20:16.0267 5968        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:20:16.0270 5968        usbprint - ok
20:20:16.0310 5968        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:20:16.0311 5968        USBSTOR - ok
20:20:16.0325 5968        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:20:16.0328 5968        usbuhci - ok
20:20:16.0361 5968        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:20:16.0365 5968        vdrvroot - ok
20:20:16.0378 5968        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:20:16.0381 5968        vga - ok
20:20:16.0395 5968        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:20:16.0397 5968        VgaSave - ok
20:20:16.0422 5968        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:20:16.0430 5968        vhdmp - ok
20:20:16.0440 5968        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:20:16.0443 5968        viaide - ok
20:20:16.0461 5968        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:20:16.0465 5968        volmgr - ok
20:20:16.0481 5968        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:20:16.0488 5968        volmgrx - ok
20:20:16.0507 5968        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:20:16.0513 5968        volsnap - ok
20:20:16.0555 5968        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:20:17.0135 5968        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:20:17.0191 5968        \Device\Harddisk0\DR0 - ok
20:20:17.0193 5968        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
20:20:17.0195 5968        \Device\Harddisk1\DR1 - ok
20:20:17.0197 5968        Boot (0x1200)  (3230e2982ce7d9607e40bb5f3b536005) \Device\Harddisk0\DR0\Partition0
20:20:17.0198 5968        \Device\Harddisk0\DR0\Partition0 - ok
20:20:17.0222 5968        Boot (0x1200)  (8bcd2edb73221ff51818aac04574f6b0) \Device\Harddisk0\DR0\Partition1
20:20:17.0223 5968        \Device\Harddisk0\DR0\Partition1 - ok
20:20:17.0226 5968        Boot (0x1200)  (e79a095ced4ef5bd033dd33e9fb25c60) \Device\Harddisk1\DR1\Partition0
20:20:17.0233 5968        \Device\Harddisk1\DR1\Partition0 - ok
20:20:17.0233 5968        ============================================================
20:20:17.0233 5968        Scan finished
20:20:17.0233 5968        ============================================================
20:20:17.0241 5580        Detected object count: 0
20:20:17.0241 5580        Actual detected object count: 0
20:20:29.0577 5552        ============================================================
20:20:29.0577 5552        Scan started
20:20:29.0577 5552        Mode: Manual; SigCheck; TDLFS;
20:20:29.0577 5552        ============================================================
20:20:39.0880 5552        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:20:39.0900 5552        tdx - ok
20:20:39.0911 5552        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
20:20:39.0916 5552        TermDD - ok
20:20:39.0941 5552        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:20:40.0018 5552        tssecsrv - ok
20:20:40.0036 5552        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:20:40.0058 5552        TsUsbFlt - ok
20:20:40.0076 5552        TsUsbGD        (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
20:20:40.0101 5552        TsUsbGD - ok
20:20:40.0120 5552        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:20:40.0157 5552        tunnel - ok
20:20:40.0171 5552        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:20:40.0177 5552        uagp35 - ok
20:20:40.0196 5552        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:20:40.0222 5552        udfs - ok
20:20:40.0238 5552        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:20:40.0243 5552        uliagpkx - ok
20:20:40.0257 5552        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:20:40.0273 5552        umbus - ok
20:20:40.0283 5552        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:20:40.0296 5552        UmPass - ok
20:20:40.0332 5552        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
20:20:40.0358 5552        USBAAPL64 - ok
20:20:40.0377 5552        usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
20:20:40.0401 5552        usbaudio - ok
20:20:40.0417 5552        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:20:40.0436 5552        usbccgp - ok
20:20:40.0462 5552        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:20:40.0488 5552        usbcir - ok
20:20:40.0503 5552        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:20:40.0526 5552        usbehci - ok
20:20:40.0541 5552        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:20:40.0563 5552        usbhub - ok
20:20:40.0583 5552        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:20:40.0606 5552        usbohci - ok
20:20:40.0625 5552        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:20:40.0647 5552        usbprint - ok
20:20:40.0666 5552        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:20:40.0693 5552        USBSTOR - ok
20:20:40.0706 5552        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:20:40.0727 5552        usbuhci - ok
20:20:40.0743 5552        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:20:40.0752 5552        vdrvroot - ok
20:20:40.0768 5552        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:20:40.0781 5552        vga - ok
20:20:40.0793 5552        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:20:40.0818 5552        VgaSave - ok
20:20:40.0837 5552        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:20:40.0843 5552        vhdmp - ok
20:20:40.0855 5552        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:20:40.0860 5552        viaide - ok
20:20:40.0876 5552        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:20:40.0881 5552        volmgr - ok
20:20:40.0896 5552        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:20:40.0905 5552        volmgrx - ok
20:20:40.0922 5552        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:20:40.0930 5552        volsnap - ok
20:20:40.0945 5552        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:20:40.0951 5552        vsmraid - ok
20:20:40.0965 5552        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
20:20:40.0977 5552        vwifibus - ok
20:20:40.0991 5552        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:20:41.0010 5552        WacomPen - ok
20:20:41.0028 5552        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:20:41.0060 5552        WANARP - ok
20:20:41.0061 5552        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:20:41.0082 5552        Wanarpv6 - ok
20:20:41.0103 5552        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:20:41.0108 5552        Wd - ok
20:20:41.0125 5552        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:20:41.0135 5552        Wdf01000 - ok
20:20:41.0155 5552        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:20:41.0175 5552        WfpLwf - ok
20:20:41.0190 5552        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:20:41.0195 5552        WIMMount - ok
20:20:41.0228 5552        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:20:41.0250 5552        WinUsb - ok
20:20:41.0267 5552        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:20:41.0276 5552        WmiAcpi - ok
20:20:41.0300 5552        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:20:41.0326 5552        ws2ifsl - ok
20:20:41.0352 5552        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:20:41.0383 5552        WudfPf - ok
20:20:41.0402 5552        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:20:41.0423 5552        WUDFRd - ok
20:20:41.0431 5552        {329F96B6-DF1E-4328-BFDA-39EA953C1312} (1870a74ee2901ca09ffbfe79a5ee0e94) e:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl
20:20:41.0436 5552        {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
20:20:41.0442 5552        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:20:41.0560 5552        \Device\Harddisk0\DR0 - ok
20:20:41.0562 5552        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
20:20:41.0607 5552        \Device\Harddisk1\DR1 - ok
20:20:41.0610 5552        Boot (0x1200)  (3230e2982ce7d9607e40bb5f3b536005) \Device\Harddisk0\DR0\Partition0
20:20:41.0611 5552        \Device\Harddisk0\DR0\Partition0 - ok
20:20:41.0637 5552        Boot (0x1200)  (8bcd2edb73221ff51818aac04574f6b0) \Device\Harddisk0\DR0\Partition1
20:20:41.0638 5552        \Device\Harddisk0\DR0\Partition1 - ok
20:20:41.0641 5552        Boot (0x1200)  (e79a095ced4ef5bd033dd33e9fb25c60) \Device\Harddisk1\DR1\Partition0
20:20:41.0642 5552        \Device\Harddisk1\DR1\Partition0 - ok
20:20:41.0642 5552        ============================================================
20:20:41.0642 5552        Scan finished
20:20:41.0642 5552        ============================================================
20:20:41.0648 5012        Detected object count: 0
20:20:41.0648 5012        Actual detected object count: 0
20:20:44.0065 5668        Deinitialize success


cosinus 25.02.2012 00:36

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when an expert helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running ComboFix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

nuck 26.02.2012 15:55

OK, ComboFix was run, here is the log:

Combofix Logfile:
Code:

ComboFix 12-02-25.02 - Roman 26.02.2012  15:35:57.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.41.1031.18.8109.6550 [GMT 1:00]
ausgeführt von:: e:\downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-01-26 bis 2012-02-26  ))))))))))))))))))))))))))))))
.
.
2012-02-26 14:39 . 2012-02-26 14:39        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-02-24 18:55 . 2012-02-08 07:13        8643640        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{D91FE907-0987-4954-B306-7450E6BF7A91}\mpengine.dll
2012-02-21 19:56 . 2012-02-21 19:56        --------        d-----w-        c:\users\UpdatusUser
2012-02-21 19:55 . 2012-02-22 21:20        --------        d-----w-        c:\windows\SysWow64\NV
2012-02-21 19:55 . 2012-02-22 21:20        --------        d-----w-        c:\windows\system32\NV
2012-02-21 19:55 . 2012-02-10 03:05        2497985        ----a-w-        c:\windows\system32\nvcoproc.bin
2012-02-20 17:39 . 2012-02-20 20:51        --------        d-----w-        c:\programdata\EA Logs
2012-02-17 20:33 . 2012-02-17 20:33        --------        d-----w-        c:\program files (x86)\ESET
2012-02-16 18:21 . 2012-02-16 18:21        --------        d-----w-        c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2012-02-15 22:03 . 2012-02-15 22:03        --------        d-----w-        c:\users\Roman\AppData\Local\PassMark
2012-02-15 21:45 . 2008-07-12 07:18        540688        ----a-w-        c:\windows\system32\d3dx10_39.dll
2012-02-15 21:45 . 2008-07-12 07:18        1942552        ----a-w-        c:\windows\system32\D3DCompiler_39.dll
2012-02-15 21:45 . 2008-07-12 07:18        4992520        ----a-w-        c:\windows\system32\D3DX9_39.dll
2012-02-15 21:45 . 2012-02-15 21:45        --------        d-----w-        c:\programdata\Passmark
2012-02-15 21:45 . 2012-02-15 21:45        --------        d-----w-        c:\program files\PerformanceTest
2012-02-15 19:50 . 2011-12-10 14:24        23152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-02-15 19:15 . 2012-02-15 19:15        --------        d-----w-        c:\windows\system32\Macromed
2012-02-15 18:55 . 2012-02-15 19:26        --------        d-----w-        c:\program files (x86)\Spybot - Search & Destroy
2012-02-15 17:27 . 2012-02-15 17:27        --------        d-----w-        c:\users\Roman\AppData\Roaming\Malwarebytes
2012-02-15 17:27 . 2012-02-15 17:27        --------        d-----w-        c:\programdata\Malwarebytes
2012-02-15 17:27 . 2012-02-15 19:50        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-14 17:18 . 2012-02-14 17:18        --------        d-sh--w-        c:\programdata\DSS
2012-02-14 16:50 . 2012-02-14 16:50        --------        d-----w-        c:\users\Roman\AppData\Roaming\Lionhead Studios
2012-02-14 16:49 . 2012-02-14 16:50        --------        d-----w-        c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-02-14 16:49 . 2012-02-14 16:49        --------        d-----w-        c:\windows\SysWow64\xlive
2012-02-12 12:53 . 2012-02-12 12:53        --------        d-----w-        c:\program files (x86)\XFLR5
2012-02-09 19:05 . 2012-02-09 19:05        416064        ----a-w-        c:\windows\SysWow64\nvStreaming.exe
2012-02-05 17:03 . 2010-01-13 02:32        271360        ----a-w-        c:\windows\system32\MCXApplet64.cpl
2012-02-05 17:03 . 2012-02-05 17:03        --------        d-----w-        c:\program files (x86)\Common Files\data dynamics
2012-02-05 17:02 . 2012-02-05 17:02        --------        d-----w-        c:\windows\system32\uninstall MU3
2012-02-05 17:02 . 2012-02-15 19:25        --------        d-----w-        c:\users\Roman\AppData\Local\Downloaded Installations
2012-02-05 17:01 . 2006-12-04 09:44        314368        ----a-w-        c:\windows\system32\drivers\hardlock.sys
2012-02-05 17:01 . 2006-12-13 17:14        65024        ----a-w-        c:\windows\system32\drivers\aksdf.sys
2012-02-05 17:00 . 2012-02-05 17:00        --------        d-----w-        c:\program files (x86)\Common Files\WinMain
2012-02-05 17:00 . 2012-02-05 17:00        --------        d-----w-        c:\program files (x86)\Codejock Software
2012-02-05 17:00 . 2012-02-05 17:03        --------        d-----w-        c:\program files (x86)\Common Files\Mastercam
2012-02-05 17:00 . 2012-02-15 19:22        --------        d-----w-        c:\programdata\Macrovision
2012-02-05 16:58 . 2012-02-05 16:58        --------        d-----w-        c:\windows\Downloaded Installations
2012-02-01 15:30 . 2012-02-08 18:42        --------        d-----w-        c:\program files (x86)\Google
2012-02-01 15:30 . 2012-02-01 15:30        --------        d-----w-        c:\users\Roman\AppData\Local\Google
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-26 14:40 . 2011-10-03 17:47        25640        ----a-w-        c:\windows\gdrv.sys
2012-02-24 20:51 . 2011-10-03 19:52        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2012-02-24 20:51 . 2011-10-03 19:12        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2012-02-24 20:48 . 2011-10-03 19:12        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2012-02-20 18:00 . 2011-10-03 19:12        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2012-02-15 19:45 . 2011-12-19 19:06        132320        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-02-14 16:55 . 2009-08-18 11:49        564632        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-02-14 16:55 . 2009-08-18 10:24        18328        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-10 04:13 . 2011-10-03 18:51        1737536        ----a-w-        c:\windows\system32\nvdispco64.dll
2012-02-10 04:13 . 2011-10-03 18:51        1466176        ----a-w-        c:\windows\system32\nvgenco64.dll
2012-02-10 04:13 . 2011-10-03 17:44        9717568        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2012-02-10 04:13 . 2011-10-03 17:44        7713088        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2012-02-10 04:13 . 2011-10-03 17:44        2660160        ----a-w-        c:\windows\system32\nvapi64.dll
2012-02-10 04:13 . 2011-10-03 17:44        2301248        ----a-w-        c:\windows\SysWow64\nvapi.dll
2012-02-10 04:13 . 2011-10-03 17:44        15009600        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2012-02-10 03:14 . 2011-01-07 18:50        6074176        ----a-w-        c:\windows\system32\nvcpl.dll
2012-02-10 03:14 . 2011-01-07 18:49        3089728        ----a-w-        c:\windows\system32\nvsvc64.dll
2012-02-10 03:07 . 2011-01-07 18:49        2561856        ----a-w-        c:\windows\system32\nvsvcr.dll
2012-02-10 03:07 . 2011-01-07 18:49        118080        ----a-w-        c:\windows\system32\nvmctray.dll
2012-02-10 03:07 . 2011-01-07 18:49        889664        ----a-w-        c:\windows\system32\nvvsvc.exe
2012-02-10 03:07 . 2011-01-07 18:49        63296        ----a-w-        c:\windows\system32\nvshext.dll
2012-01-29 04:10 . 2010-11-21 03:27        279656        ------w-        c:\windows\system32\MpSigStub.exe
2011-12-18 09:54 . 2011-10-03 19:31        414368        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-09 11:40 . 2011-12-19 19:06        27760        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2011-12-09 11:40 . 2011-12-19 19:06        97312        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}"= "c:\program files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll" [2011-03-04 165776]
.
[HKEY_CLASSES_ROOT\clsid\{0f3dc9e0-c459-4a40-bcf8-747bd9322e10}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E8E0178-00EF-413d-9324-E7B3E31572E3}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-03-04 776064]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-12-09 258512]
"RemoteControl11"="e:\program files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe" [2011-09-14 230696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="e:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Roman\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-2 24183152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01 136176]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;e:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2010-10-05 87336]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-16 1431888]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01 136176]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-10-03 30528]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/01/02 15:30];e:\program files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl [2011-09-16 09:36 148976]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-09 86224]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;e:\program files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-09-14 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;e:\program files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-10-12 75048]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;e:\program files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-10-12 292136]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 ntk_PowerDVD;ntk_PowerDVD;e:\program files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-09-14 75248]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
S2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-03-24 493384]
S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
S3 CorsairCAHS1;CA-HS1 Interface;c:\windows\system32\drivers\CAHS164.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01 15:30]
.
2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01 15:30]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23        444752        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-11 11776104]
"CAHS1Sound"="c:\windows\Syswow64\CAHS1.dll" [2010-08-18 8724480]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2011-03-30 2552320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\Roman\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\nw45e7ap.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ch/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-XpertMill - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\e:\program files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="PhotoManager10Deluxe.8.alb"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-02-26  15:43:22 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-02-26 14:43
.
Vor Suchlauf: 12 Verzeichnis(se), 224'469'127'168 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 224'315'871'232 Bytes frei
.
- - End Of File - - 46087D79E65EACB47B2F20248616E2E4

[/CODE]
--- --- ---


All times are WET +1.
