Log analysis and evaluation: Firefox tab opens automatically (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system has to be examined first: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
22.10.2011, 18:00 | #1 |
Firefox tab opens automatically

Hellooooo...

The following tab opens automatically while I am browsing with Firefox: hxxp://p4.foisdxw4jglxe.63s3jygpwlk25zye.if.v4.ipv6-exp.l.google.com/intl/en/ipv6/exp/iframe.html

It has been like this for a few days. Unfortunately I have no idea what this is or what I should do about it, despite researching on the internet.

OTL:
OTL Logfile:
Code:
OTL logfile created on: 22.10.2011 18:43:54 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\*****\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 68,32% Memory free
7,99 Gb Paging File | 6,53 Gb Available in Paging File | 81,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 53,22 Gb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 35,62 Gb Free Space | 24,32% Space Free | Partition Type: NTFS
Drive E: | 221,61 Gb Total Space | 131,40 Gb Free Space | 59,29% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 70,16 Mb Free Space | 70,17% Space Free | Partition Type: NTFS
Computer Name: ***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.10.22 18:38:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- E:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- E:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2011.06.14 21:09:04 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.04.19 08:44:40 | 000,993,848 | ---- | M] (Secunia) -- e:\Program Files (x86)\Secunia\PSI\psia.exe PRC - [2011.04.19 08:44:40 | 000,399,416 | ---- | M] (Secunia) -- e:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) 
-- E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.09.08 19:29:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.10.04 22:31:05 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.09.08 13:42:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! 
Antivirus) SRV - [2011.08.27 21:16:32 | 000,094,992 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- e:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2011.06.14 21:09:04 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.04.19 08:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- e:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2011.04.19 08:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- e:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2011.01.13 19:23:02 | 000,129,440 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2010.11.23 21:33:01 | 004,012,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) 
[Auto | Running] -- E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe -- (EpsonBidirectionalService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.09.08 20:27:22 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.09.08 18:52:40 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.09.06 22:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2011.09.06 22:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2011.09.06 22:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2011.09.06 22:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr) DRV:64bit: - [2011.09.06 22:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2011.09.06 22:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010.11.19 04:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.11.19 04:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.11.12 00:16:00 | 000,037,504 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2010.11.12 00:15:58 | 000,077,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2010.11.11 08:37:32 | 000,408,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.09.29 23:19:58 | 000,046,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:64bit: - [2010.06.17 12:15:36 | 
000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:64bit: - [2010.04.27 04:25:22 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdm.sys -- (sscemdm) DRV:64bit: - [2010.04.27 04:25:22 | 000,129,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssceserd.sys -- (ssceserd) SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM) DRV:64bit: - [2010.04.27 04:25:22 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM) DRV:64bit: - [2010.04.27 04:25:22 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdfl.sys -- (sscemdfl) DRV:64bit: - [2010.04.27 04:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) DRV:64bit: - [2010.04.27 04:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV:64bit: - [2010.04.27 04:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2011.08.27 21:16:30 | 000,156,288 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- e:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 3B DE 24 96 19 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: 
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..keyword.URL: "hxxp://startsear.ch/?aff=1&src=sp&cf=90aa589c-f9bb-11e0-959d-6cf04972ee3a&q=" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: E:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.08.30 22:25:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: E:\Program Files (x86)\Mozilla Firefox\components [2011.10.02 03:14:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.18 21:01:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: E:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.19 15:12:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: E:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.09.25 17:29:03 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: E:\Program Files (x86)\Mozilla Firefox\components [2011.10.02 03:14:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: E:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.18 21:01:37 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: E:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.19 15:12:19 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: E:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.09.25 17:29:03 | 000,000,000 | ---D | M] [2011.04.14 16:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2011.04.14 16:50:16 | 000,000,000 | 
---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.10.17 13:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\vkfo8lu6.default\extensions [2011.07.11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vkfo8lu6.default\searchplugins\startsear.xml () (No name found) -- C:\USERS\JANSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VKFO8LU6.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\JANSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VKFO8LU6.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI O1 HOSTS File: ([2011.10.16 18:25:53 | 000,437,925 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 15060 more lines... O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast5] E:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [StartCCC] E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [ICQ] E:\Program Files (x86)\Icq\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [SpybotSD TeaTimer] e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - E:\Program Files (x86)\Icq\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - E:\Program Files (x86)\Icq\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{663A91A8-D95E-4C38-B8A9-F0D631BD3832}: NameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe 
(Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: 
{6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" 
OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - E:\Program Files (x86)\Secunia\PSI\psi_tray.exe - 
(Secunia) MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AutoStartNPSAgent - hkey= - key= - E:\Program Files (x86)\NPS\NPSAgent.exe (Samsung Electronics Co., Ltd.) MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MsConfig:64bit - StartUpReg: Epson Stylus Photo PX820FWD(Netzwerk) - hkey= - key= - C:\Windows\SysNative\spool\DRIVERS\x64\3\E_IATIGXE.EXE (SEIKO EPSON CORPORATION) MsConfig:64bit - StartUpReg: FUFAXSTM - hkey= - key= - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) MsConfig:64bit - StartUpReg: ICQ - hkey= - key= - E:\Program Files (x86)\Icq\ICQ7.4\ICQ.exe (ICQ, LLC.) MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - File not found MsConfig:64bit - StartUpReg: NUSB3MON - hkey= - key= - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () MsConfig:64bit - StartUpReg: SandboxieControl - hkey= - key= - e:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) MsConfig:64bit - StartUpReg: Skype - hkey= - key= - File not found MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - State: "startup" - Reg Error: Key error. 
CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.10.22 18:38:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2011.10.22 18:24:48 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\*****\Desktop\HiJackThis204.exe [2011.10.20 15:26:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011.10.20 15:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2011.10.20 15:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2011.10.20 15:21:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2011.10.20 15:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2011.10.20 15:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011.10.18 21:55:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\ts3overlay [2011.10.18 21:01:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vShare.tv plugin [2011.10.17 23:34:25 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\CrashRpt [2011.10.17 23:34:25 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Arktos [2011.10.17 23:34:25 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Arktos [2011.10.13 19:19:29 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\PMB Files [2011.10.13 19:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.10.12 20:47:50 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Casper-Hin_Zur_Sonne [2011.10.12 20:47:01 | 000,000,000 | R--D | C] -- C:\Users\*****\Searches [2011.10.12 20:41:07 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Casper - XOXO [2011.10.09 23:16:12 | 000,000,000 | R--D | C] -- C:\Sandbox [2011.10.09 21:50:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011.10.09 21:20:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie 
[2011.10.09 21:18:17 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Secunia PSI [2011.10.09 21:15:22 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\KeePass [2011.10.09 13:15:41 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes [2011.10.09 13:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.10.09 13:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.10.09 13:15:13 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.10.05 01:16:18 | 000,000,000 | ---D | C] -- C:\Users\*****\.dvdcss [2011.10.04 22:27:48 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [2011.10.02 21:48:12 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steamless Counter Strike Source Pack [2011.10.02 03:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011.10.02 03:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.10.01 01:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004 [2011.09.30 22:55:35 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2011.09.30 22:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake III Arena [2011.09.30 22:55:34 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quake III Arena [2011.09.30 22:39:34 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.03.13 11:26:20 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll ========== Files - Modified Within 30 Days ========== [2011.10.22 18:40:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat 
[2011.10.22 18:40:29 | 3218,939,904 | -HS- | M] () -- C:\hiberfil.sys [2011.10.22 18:39:22 | 000,000,000 | ---- | M] () -- C:\Users\*****\defogger_reenable [2011.10.22 18:38:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2011.10.22 18:24:50 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\*****\Desktop\HiJackThis204.exe [2011.10.22 16:04:03 | 009,999,517 | ---- | M] () -- C:\Users\*****\Desktop\Pitbull feat Ne Yo, Afrojack Nayer Give Me Everything Official Lyrics On Screen HQHD.mp3 [2011.10.22 16:01:13 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.10.22 16:01:13 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.10.20 15:55:06 | 000,011,703 | ---- | M] () -- C:\Users\*****\Desktop\wkm.ods [2011.10.17 20:28:27 | 000,000,882 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2011.10.17 20:28:27 | 000,000,828 | ---- | M] () -- C:\Users\*****\Desktop\LOL Recorder.lnk [2011.10.16 18:25:53 | 000,437,925 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011.10.16 14:07:43 | 000,024,424 | ---- | M] () -- C:\Users\*****\Desktop\Lösungen.lnk [2011.10.14 19:34:13 | 008,556,637 | ---- | M] () -- C:\Users\*****\Desktop\Die Atzen Strobo Pop mit Nena (Official Video HD) OUT NOW!.mp3 [2011.10.14 16:11:47 | 000,292,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.10.14 15:53:52 | 001,665,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.10.14 15:53:52 | 000,707,908 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.10.14 15:53:52 | 000,661,504 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.10.14 15:53:52 | 000,153,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.10.14 15:53:52 | 000,125,590 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat 
[2011.10.13 19:22:41 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.10.09 23:00:41 | 009,945,633 | ---- | M] () -- C:\Users\*****\Desktop\Casper Hin zur Sonne.mp3 [2011.10.09 22:52:02 | 014,318,433 | ---- | M] () -- C:\Users\*****\Desktop\Casper Alaska.mp3 [2011.10.09 22:33:40 | 010,769,313 | ---- | M] () -- C:\Users\*****\Desktop\Casper Michael X[1].mp3 [2011.10.09 22:32:43 | 010,769,313 | ---- | M] () -- C:\Users\*****\Desktop\Casper Michael X.mp3 [2011.10.09 22:27:34 | 009,640,353 | ---- | M] () -- C:\Users\*****\Desktop\Casper ft Thees Uhlmann XOXO.mp3 [2011.10.09 21:47:23 | 000,001,670 | ---- | M] () -- C:\Windows\Sandboxie.ini [2011.10.09 21:20:34 | 000,000,892 | ---- | M] () -- C:\Users\*****\Desktop\Sandboxed Web Browser.lnk [2011.10.09 21:19:48 | 000,002,350 | ---- | M] () -- C:\Users\*****\Desktop\NewDatabase.kdbx [2011.10.09 13:15:17 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.10.06 19:21:32 | 010,846,113 | ---- | M] () -- C:\Users\*****\Desktop\Coldplay Fix You [HD].mp3 [2011.10.05 23:09:10 | 000,437,925 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111016-182553.backup [2011.10.05 21:08:08 | 012,620,568 | ---- | M] () -- C:\Users\*****\Desktop\Casper KontrolleSchlaf (Lyric).mp3 [2011.10.05 21:01:20 | 008,841,633 | ---- | M] () -- C:\Users\*****\Desktop\Casper 230409.mp3 [2011.10.05 21:00:09 | 012,162,063 | ---- | M] () -- C:\Users\*****\Desktop\Casper Unzerbrechlich Video BlaCk_TiGer3 MyVideo.mp3 [2011.10.05 20:56:05 | 010,237,473 | ---- | M] () -- C:\Users\*****\Desktop\CASPER DER DRUCK STEIGT BLUT SEHEN.mp3 [2011.10.05 20:55:00 | 008,791,713 | ---- | M] () -- C:\Users\*****\Desktop\Casper Feat Marteria So Perfekt [HQ].mp3 [2011.10.02 03:28:15 | 000,437,695 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111005-230910.backup [2011.10.02 03:26:00 | 000,437,695 | R--- | M] () -- 
C:\Windows\SysNative\drivers\etc\hosts.20111002-032815.backup [2011.10.02 02:34:09 | 008,431,128 | ---- | M] () -- C:\Users\*****\Desktop\David Guetta feat Flo Rida Nicki Minaj Where Them Girls At Lyrics video.mp3 ========== Files Created - No Company Name ========== [2011.10.22 18:39:22 | 000,000,000 | ---- | C] () -- C:\Users\*****\defogger_reenable [2011.10.22 16:03:52 | 009,999,517 | ---- | C] () -- C:\Users\*****\Desktop\Pitbull feat Ne Yo, Afrojack Nayer Give Me Everything Official Lyrics On Screen HQHD.mp3 [2011.10.17 20:28:27 | 000,000,828 | ---- | C] () -- C:\Users\*****\Desktop\LOL Recorder.lnk [2011.10.14 19:34:05 | 008,556,637 | ---- | C] () -- C:\Users\*****\Desktop\Die Atzen Strobo Pop mit Nena (Official Video HD) OUT NOW!.mp3 [2011.10.13 19:22:41 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.10.09 23:00:31 | 009,945,633 | ---- | C] () -- C:\Users\*****\Desktop\Casper Hin zur Sonne.mp3 [2011.10.09 22:51:49 | 014,318,433 | ---- | C] () -- C:\Users\*****\Desktop\Casper Alaska.mp3 [2011.10.09 22:33:28 | 010,769,313 | ---- | C] () -- C:\Users\*****\Desktop\Casper Michael X[1].mp3 [2011.10.09 22:32:31 | 010,769,313 | ---- | C] () -- C:\Users\*****\Desktop\Casper Michael X.mp3 [2011.10.09 22:27:24 | 009,640,353 | ---- | C] () -- C:\Users\*****\Desktop\Casper ft Thees Uhlmann XOXO.mp3 [2011.10.09 21:20:41 | 000,000,892 | ---- | C] () -- C:\Users\*****\Desktop\Sandboxed Web Browser.lnk [2011.10.09 21:20:39 | 000,001,670 | ---- | C] () -- C:\Windows\Sandboxie.ini [2011.10.09 21:19:47 | 000,002,350 | ---- | C] () -- C:\Users\*****\Desktop\NewDatabase.kdbx [2011.10.09 21:18:05 | 000,000,784 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2011.10.09 15:12:14 | 000,024,424 | ---- | C] () -- C:\Users\*****\Desktop\Lösungen.lnk [2011.10.09 13:15:17 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.10.06 19:21:20 | 010,846,113 | ---- | C] 
() -- C:\Users\*****\Desktop\Coldplay Fix You [HD].mp3 [2011.10.05 21:07:55 | 012,620,568 | ---- | C] () -- C:\Users\*****\Desktop\Casper KontrolleSchlaf (Lyric).mp3 [2011.10.05 21:01:11 | 008,841,633 | ---- | C] () -- C:\Users\*****\Desktop\Casper 230409.mp3 [2011.10.05 20:59:58 | 012,162,063 | ---- | C] () -- C:\Users\*****\Desktop\Casper Unzerbrechlich Video BlaCk_TiGer3 MyVideo.mp3 [2011.10.05 20:55:54 | 010,237,473 | ---- | C] () -- C:\Users\*****\Desktop\CASPER DER DRUCK STEIGT BLUT SEHEN.mp3 [2011.10.05 20:54:51 | 008,791,713 | ---- | C] () -- C:\Users\*****\Desktop\Casper Feat Marteria So Perfekt [HQ].mp3 [2011.10.02 02:34:00 | 008,431,128 | ---- | C] () -- C:\Users\*****\Desktop\David Guetta feat Flo Rida Nicki Minaj Where Them Girls At Lyrics video.mp3 [2011.09.14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.06.14 21:02:17 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.06.14 21:02:16 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.06.14 21:02:16 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.05.31 23:29:04 | 000,000,094 | ---- | C] () -- C:\Users\*****\AppData\Local\fusioncache.dat [2011.05.19 23:24:41 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll [2011.05.19 23:24:41 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll [2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.03.03 01:30:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.02.21 22:56:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.01.19 22:56:16 | 001,621,332 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- 
C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2002.10.03 14:42:27 | 000,000,034 | ---- | C] () -- C:\Windows\Q3version.ini ========== LOP Check ========== [2011.07.17 21:26:54 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\.minecraft [2011.05.20 00:17:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\BugTrap Console Test108 [2011.06.01 18:23:04 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\elsterformular [2011.07.17 19:29:26 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Epson [2011.06.17 15:20:13 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\gamigoGr [2011.10.22 18:41:15 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ICQ [2011.02.27 21:18:32 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ijjigame [2011.10.09 21:20:15 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\KeePass [2011.06.17 14:31:59 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\launcher [2011.04.14 20:08:48 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\LolClien [2011.04.19 19:35:59 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OpenOffice.org [2011.03.14 01:42:29 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Samsung [2011.04.14 16:50:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Thunderbird [2011.10.18 21:55:14 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ts3overlay [2011.07.08 17:18:16 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. 
> [2011.07.10 22:18:59 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011.01.19 21:50:48 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.10.20 15:21:14 | 000,000,000 | R--D | M] -- C:\Program Files [2011.10.20 15:22:00 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.10.20 15:26:37 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011.01.19 21:50:48 | 000,000,000 | -HSD | M] -- C:\Programme [2011.01.19 21:50:48 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.10.09 23:16:12 | 000,000,000 | R--D | M] -- C:\Sandbox [2011.03.03 00:44:41 | 000,000,000 | ---D | M] -- C:\symbols [2011.10.22 18:45:11 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.04.14 16:38:51 | 000,000,000 | R--D | M] -- C:\Users [2011.10.20 15:26:42 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.manifest /3 > < MD5 for: EXPLORER.EXE > [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011.08.30 22:47:08 | 000,004,608 | ---- | M] () MD5=181066E31AD20869CF049262A0DB0BC2 -- C:\Users\*****\AppData\Local\Xenocode\ApplianceCaches\GameCamV2.exe_v049D98E1\Native\STUBEXE\@SYSTEM@\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2010.03.09 15:42:45 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- 
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2010.03.09 15:36:22 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010.03.09 15:42:45 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2010.03.09 15:36:22 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2010.03.09 15:42:45 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- 
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2010.03.09 15:36:22 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2010.03.09 15:42:45 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2010.03.09 15:36:22 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe [2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- 
C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 
-- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2010.03.09 15:42:45 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2010.03.09 15:42:45 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report > Extras:OTL Logfile: Code:
OTL Extras logfile created on: 22.10.2011 18:43:54 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\*****\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 68,32% Memory free
7,99 Gb Paging File | 6,53 Gb Available in Paging File | 81,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 53,22 Gb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 35,62 Gb Free Space | 24,32% Space Free | Partition Type: NTFS
Drive E: | 221,61 Gb Total Space | 131,40 Gb Free Space | 59,29% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 70,16 Mb Free Space | 70,17% Space Free | Partition Type: NTFS
Computer Name: ***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0CC44ABB-62F1-FDA7-02C8-DCCC2A239DDE}" = AMD Fuel
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{119CFC4D-EB75-D47F-1209-032721858C32}" = ccc-utility64
"{3156336D-8E44-3671-A6FE-AE51D3D6564E}" = Microsoft Windows SDK for Windows 7 (7.1)
"{44E3AB6B-453B-8DAE-9777-1C48F5AB8965}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}" = Debugging Tools for Windows (x64)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"EPSON PX820FWD Series" = EPSON PX820FWD Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Sandboxie" = Sandboxie 3.58 (64-bit)
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{13AE7598-928A-83E7-548B-44FA68242798}" = CCC Help English
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{211D9A2A-0ECA-7AC7-ABAA-03ED3242F33E}" = AMD VISION Engine Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{310C1558-F6B5-4889-98B0-7471966BA7F2}" = Epson Easy Photo Print 2
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5066FFF7-0029-BBA3-DD41-D71599987F1B}" = Catalyst Control Center InstallProxy
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper Version 2.9.0
"{5EB3F5E2-1533-42D2-97C2-E0BA06CA6939}" = GenesisAD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{FECCC297-24D6-F2B0-2BEC-446AC0205EEB}" = Catalyst Control Center Graphics Previews Common "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "aTube Catcher" = aTube Catcher "avast" = avast! Free Antivirus "CameraWindowDC8" = Canon Utilities CameraWindow DC 8 "CameraWindowLauncher" = Canon Utilities CameraWindow Launcher "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "Combat Arms EU" = Combat Arms EU "Debut" = Debut Video Capture Software "DivX Setup" = DivX-Setup "ElsterFormular für Privatanwender 12.2.1.6570p" = ElsterFormular für Privatanwender "EPSON PX820FWD Series Manual" = EPSON PX820FWD Series Handbuch "EPSON PX820FWD Series Network Guide" = EPSON PX820FWD Series Netzwerk-Handbuch "EPSON Scanner" = EPSON Scan "HD Tune_is1" = HD Tune 2.55 "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "KaloMa_is1" = KaloMa 4.92 "LOLReplay" = LOLReplay "Malwarebytes' Anti-Malware_is1" = 
Malwarebytes' Anti-Malware Version 1.51.2.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube "Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de) "Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7) "MyCamera" = Canon Utilities MyCamera "MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin "PhotoStitch" = Canon Utilities PhotoStitch "PunkBusterSvc" = PunkBuster Services "Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32 "Secunia PSI" = Secunia PSI (2.0.0.3003) "SopCast" = SopCast 3.3.2 "Steam App 10" = Counter-Strike "Steam App 440" = Team Fortress 2 "Steam App 550" = Left 4 Dead 2 "Steamless Counter Strike Source Pack" = Steamless Counter Strike Source Pack "UT2004" = Unreal Tournament 2004 "VLC media player" = VLC media player 1.1.9 "vShare.tv plugin" = vShare.tv plugin 1.3 "World of Warcraft" = World of Warcraft "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de) "Mozilla Thunderbird (6.0.2)" = Mozilla Thunderbird (6.0.2) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 16.10.2011 08:53:01 | Computer Name = ***** | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "e:\program files (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "e:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. 
Error - 17.10.2011 14:24:04 | Computer Name = ***** | Source = Application Hang | ID = 1002 Description = Programm LOLRecorder.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1264 Startzeit: 01cc8cf4b93f1216 Endzeit: 3 Anwendungspfad: E:\Program Files (x86)\LOLReplay\LOLRecorder.exe Berichts-ID: 2fd9e659-f8ed-11e0-96c4-6cf04972ee3a Error - 17.10.2011 17:24:37 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: rsupdate.exe.new.exe, Version: 0.0.0.0, Zeitstempel: 0x4e933ba0 Name des fehlerhaften Moduls: steam.dll, Version: 2.0.1210.574, Zeitstempel: 0x4e8cc0ab Ausnahmecode: 0xc0000005 Fehleroffset: 0x00169608 ID des fehlerhaften Prozesses: 0x1618 Startzeit der fehlerhaften Anwendung: 0x01cc8d132bc0c106 Pfad der fehlerhaften Anwendung: E:\games\steam\steamapps\common\warincbattlezone\rsupdate.exe.new.exe Pfad des fehlerhaften Moduls: E:\games\steam\steam.dll Berichtskennung: 6a4f6ea0-f906-11e0-96c4-6cf04972ee3a Error - 17.10.2011 19:40:37 | Computer Name =***** | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "e:\program files (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "e:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. 
Error - 18.10.2011 06:04:31 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610, Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 2.5.0.16600, Zeitstempel: 0x4ca30e16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000121da ID des fehlerhaften Prozesses: 0xdac Startzeit der fehlerhaften Anwendung: 0x01cc8d726f5ed475 Pfad der fehlerhaften Anwendung: E:\games\leauge of legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.90\deploy\LolClient.exe Pfad des fehlerhaften Moduls: E:\games\leauge of legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.90\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 92546cf1-f970-11e0-959d-6cf04972ee3a Error - 18.10.2011 06:07:16 | Computer Name = ***** | Source = Application Hang | ID = 1002 Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b54 Startzeit: 01cc8d7d9b7e194f Endzeit: 4 Anwendungspfad: E:\games\leauge of legends\League of Legends\RADS\system\rads_user_kernel.exe Berichts-ID: e59b64db-f970-11e0-959d-6cf04972ee3a Error - 18.10.2011 06:07:36 | Computer Name = ***** | Source = Application Hang | ID = 1002 Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 624 Startzeit: 01cc8d7db92615f9 Endzeit: 3 Anwendungspfad: E:\games\leauge of legends\League of Legends\RADS\system\rads_user_kernel.exe Berichts-ID: ff6e5657-f970-11e0-959d-6cf04972ee3a Error - 18.10.2011 18:57:21 | Computer Name = ***** | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "e:\program files (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "e:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 19.10.2011 18:35:12 | Computer Name = ***** | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "e:\program files (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "e:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 20.10.2011 18:32:33 | Computer Name = *****| Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "e:\program files (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "e:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. [ Media Center Events ] Error - 26.03.2011 15:40:59 | Computer Name = ***** | Source = MCUpdate | ID = 0 Description = 20:40:59 - Fehler beim Herstellen der Internetverbindung. 20:40:59 - Serververbindung konnte nicht hergestellt werden.. Error - 26.03.2011 15:41:32 | Computer Name = ***** | Source = MCUpdate | ID = 0 Description = 20:41:28 - Fehler beim Herstellen der Internetverbindung. 20:41:28 - Serververbindung konnte nicht hergestellt werden.. 
Error - 27.03.2011 18:04:43 | Computer Name = ***** | Source = MCUpdate | ID = 0 Description = 00:04:43 - Fehler beim Herstellen der Internetverbindung. 00:04:43 - Serververbindung konnte nicht hergestellt werden.. Error - 27.03.2011 18:05:15 | Computer Name =***** | Source = MCUpdate | ID = 0 Description = 00:05:12 - Fehler beim Herstellen der Internetverbindung. 00:05:12 - Serververbindung konnte nicht hergestellt werden.. Error - 27.03.2011 19:05:58 | Computer Name = ***** | Source = MCUpdate | ID = 0 Description = 01:05:57 - Fehler beim Herstellen der Internetverbindung. 01:05:57 - Serververbindung konnte nicht hergestellt werden.. Error - 27.03.2011 19:06:27 | Computer Name = ***** | Source = MCUpdate | ID = 0 Description = 01:06:27 - Fehler beim Herstellen der Internetverbindung. 01:06:27 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 04.10.2011 16:25:58 | Computer Name = ***** | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\e:\Program Files (x86)\Unlocker\UnlockerDriver5.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 04.10.2011 16:25:58 | Computer Name = ***** | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\e:\Program Files (x86)\Unlocker\UnlockerDriver5.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 04.10.2011 16:26:42 | Computer Name = ***** | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\e:\Program Files (x86)\Unlocker\UnlockerDriver5.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error - 04.10.2011 16:26:42 | Computer Name =***** | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\e:\Program Files (x86)\Unlocker\UnlockerDriver5.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error - 09.10.2011 06:54:59 | Computer Name = ***** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SBSD Security Center Service erreicht.
Error - 09.10.2011 06:54:59 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053
Error - 15.10.2011 13:30:24 | Computer Name = ***** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?10.?2011 um 19:45:50 unerwartet heruntergefahren.
Error - 17.10.2011 11:39:24 | Computer Name = ***** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error - 17.10.2011 11:39:24 | Computer Name = ***** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053
Error - 20.10.2011 09:26:54 | Computer Name = ***** | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WMPNetworkSvc erreicht.
< End of report >
Edited by minman (22.10.2011 at 18:07) |
22.10.2011, 18:07 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox tab opens automatically Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well! ESET Online Scanner
__________________ |
23.10.2011, 00:01 | #3 |
| Firefox tab opens automatically Both found nothing....
eset:
ESETSmartInstaller@High as downloader log: all ok
ESETSmartInstaller@High as downloader log: all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=d090cedc01749f46aeb2f668581c9f3f
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-22 09:27:11
# local_time=2011-10-22 11:27:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 0 70946262 0 0
# compatibility_mode=8192 67108863 100 0 4203 4203 0 0
# scanned=121018
# found=0
# cleaned=0
# scan_time=2419
ESETSmartInstaller@High as downloader log: all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=d090cedc01749f46aeb2f668581c9f3f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-22 10:55:08
# local_time=2011-10-23 12:55:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 197 70949717 0 0
# compatibility_mode=8192 67108863 100 0 7658 7658 0 0
# scanned=255367
# found=0
# cleaned=0
# scan_time=4241 |
23.10.2011, 18:25 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox tab opens automatically I would still like to see the Malwarebytes log
__________________ Please always post log files in CODE tags |
23.10.2011, 21:10 | #5 |
| Firefox tab opens automatically
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 8000
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
22.10.2011 20:08:57
mbam-log-2011-10-22 (20-08-57).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 418232
Laufzeit: 59 Minute(n), 41 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
24.10.2011, 10:03 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox tab opens automatically Do an OTL fix: close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!) Code:
ATTFilter
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 3B DE 24 96 19 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=90aa589c-f9bb-11e0-959d-6cf04972ee3a&q="
FF - prefs.js..network.proxy.type: 0
:Commands
[emptytemp]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL". Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used anywhere else, as it can cause lasting damage to the system!
__________________ --> Firefox tab opens automatically |
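A read-only check for the Firefox preferences that the fix script in the post above resets, as an added example that is not part of the original thread or of OTL. The function names, the trusted-host list and the sample prefs.js content are assumptions constructed for illustration; the preference names and values are the ones quoted in the fix script.

```python
import json
import re
from urllib.parse import urlsplit

# Search-related preference keys that the OTL fix script in this thread resets.
WATCHED_SEARCH_KEYS = (
    "browser.search.defaultengine",
    "browser.search.defaultenginename",
    "browser.search.order.1",
    "keyword.URL",
)
PROXY_KEY = "network.proxy.type"
# Firefox proxy modes: 0 direct, 1 manual, 2 PAC URL, 4 auto-detect, 5 system.
PROXY_MODES_TO_REVIEW = {1: "manual proxy", 2: "proxy auto-config URL"}

# Assumption for this example: search hosts the user considers legitimate.
TRUSTED_SEARCH_HOSTS = {"www.google.com", "www.google.de"}

# prefs.js holds one preference per line: user_pref("name", value);
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.*?)\s*\)\s*;\s*$')


def parse_prefs(text):
    """Return {name: value} for every user_pref() line in prefs.js text."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_LINE.match(line)
        if not match:
            continue  # comments and blank lines
        name, raw = match.groups()
        try:
            prefs[name] = json.loads(raw)  # strings, integers, true/false
        except ValueError:
            prefs[name] = raw  # keep the unparsed text rather than drop it
    return prefs


def audit(prefs):
    """Return (key, value, reason) tuples for settings that need review."""
    findings = []
    for key in WATCHED_SEARCH_KEYS:
        if key not in prefs:
            continue  # prefs.js stores only values that differ from defaults
        value = prefs[key]
        if key == "keyword.URL":
            host = (urlsplit(str(value)).hostname or "").lower()
            if host in TRUSTED_SEARCH_HOSTS:
                continue
            reason = "address-bar search goes to host %r" % host
        else:
            reason = "search engine setting changed from the default"
        findings.append((key, value, reason))
    mode = prefs.get(PROXY_KEY)
    if type(mode) is int and mode in PROXY_MODES_TO_REVIEW:
        findings.append((PROXY_KEY, mode, PROXY_MODES_TO_REVIEW[mode]))
    return findings


# Constructed prefs.js content; the five watched values are the ones
# listed in the fix script, the other lines are filler.
SAMPLE_PREFS = r'''
// Mozilla User Preferences (constructed sample)
user_pref("app.update.enabled", true);
user_pref("browser.search.defaultengine", "Web Search");
user_pref("browser.search.defaultenginename", "Web Search");
user_pref("browser.search.order.1", "Web Search");
user_pref("keyword.URL", "http://startsear.ch/?aff=1&src=sp&cf=90aa589c-f9bb-11e0-959d-6cf04972ee3a&q=");
user_pref("network.proxy.type", 0);
'''

if __name__ == "__main__":
    for key, value, reason in audit(parse_prefs(SAMPLE_PREFS)):
        print("%s = %r  (%s)" % (key, value, reason))
```

Run it against a copy of the profile's prefs.js taken while Firefox is closed; the script only reads and never writes the file.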
24.10.2011, 12:53 | #7 |
| Firefox tab opens automatically
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Web Search" removed from browser.search.defaultengine
Prefs.js: "Web Search" removed from browser.search.defaultenginename
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "hxxp://startsear.ch/?aff=1&src=sp&cf=90aa589c-f9bb-11e0-959d-6cf04972ee3a&q=" removed from keyword.URL
Prefs.js: 0 removed from network.proxy.type
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ******
->Temp folder emptied: 188866141 bytes
->Temporary Internet Files folder emptied: 52441070 bytes
->Java cache emptied: 547338 bytes
->FireFox cache emptied: 76882860 bytes
->Flash cache emptied: 929 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1704542 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 306,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 10242011_134746
Files\Folders moved on Reboot...
C:\Users\*****\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
Edited by minman (24.10.2011 at 13:00) |
24.10.2011, 13:36 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox tab opens automatically Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here! If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: Download unhide.exe and save this file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
24.10.2011, 14:24 | #9 |
| Firefox tab opens automatically
15:19:47.0736 4964 TDSS rootkit removing tool 2.6.12.0 Oct 21 2011 11:23:48
15:19:47.0795 4964 ============================================================
15:19:47.0795 4964 Current date / time: 2011/10/24 15:19:47.0795
15:19:47.0795 4964 SystemInfo:
15:19:47.0795 4964
15:19:47.0795 4964 OS Version: 6.1.7601 ServicePack: 1.0
15:19:47.0795 4964 Product type: Workstation
15:19:47.0795 4964 ComputerName: *******
15:19:47.0795 4964 UserName: *****
15:19:47.0795 4964 Windows directory: C:\Windows
15:19:47.0795 4964 System windows directory: C:\Windows
15:19:47.0795 4964 Running under WOW64
15:19:47.0795 4964 Processor architecture: Intel x64
15:19:47.0795 4964 Number of processors: 4
15:19:47.0795 4964 Page size: 0x1000
15:19:47.0795 4964 Boot type: Normal boot
15:19:47.0795 4964 ============================================================
15:19:48.0075 4964 Initialize success
15:21:03.0113 4092 ============================================================
15:21:03.0113 4092 Scan started
15:21:03.0113 4092 Mode: Manual; SigCheck; TDLFS;
15:21:03.0113 4092 ============================================================
C:\Windows\system32\drivers\IPMIDrv.sys 15:21:10.0274 4092 IPMIDRV - ok 15:21:10.0274 4092 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:21:10.0321 4092 IPNAT - ok 15:21:10.0336 4092 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:21:10.0367 4092 IRENUM - ok 15:21:10.0383 4092 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 15:21:10.0399 4092 isapnp - ok 15:21:10.0430 4092 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 15:21:10.0445 4092 iScsiPrt - ok 15:21:10.0461 4092 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:21:10.0461 4092 kbdclass - ok 15:21:10.0492 4092 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 15:21:10.0539 4092 kbdhid - ok 15:21:10.0555 4092 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 15:21:10.0570 4092 KSecDD - ok 15:21:10.0617 4092 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 15:21:10.0617 4092 KSecPkg - ok 15:21:10.0633 4092 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:21:10.0711 4092 ksthunk - ok 15:21:10.0742 4092 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:21:10.0773 4092 lltdio - ok 15:21:10.0804 4092 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 15:21:10.0820 4092 LSI_FC - ok 15:21:10.0835 4092 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 15:21:10.0835 4092 LSI_SAS - ok 15:21:10.0851 4092 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:21:10.0851 4092 LSI_SAS2 - ok 15:21:10.0882 4092 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:21:10.0882 4092 LSI_SCSI - ok 15:21:10.0898 4092 luafv (43d0f98e1d56ccddb0d5254cff7b356e) 
C:\Windows\system32\drivers\luafv.sys 15:21:10.0976 4092 luafv - ok 15:21:10.0991 4092 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 15:21:10.0991 4092 megasas - ok 15:21:11.0007 4092 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 15:21:11.0023 4092 MegaSR - ok 15:21:11.0038 4092 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:21:11.0069 4092 Modem - ok 15:21:11.0101 4092 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:21:11.0147 4092 monitor - ok 15:21:11.0163 4092 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:21:11.0179 4092 mouclass - ok 15:21:11.0179 4092 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:21:11.0210 4092 mouhid - ok 15:21:11.0225 4092 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 15:21:11.0241 4092 mountmgr - ok 15:21:11.0272 4092 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 15:21:11.0288 4092 mpio - ok 15:21:11.0303 4092 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:21:11.0350 4092 mpsdrv - ok 15:21:11.0381 4092 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 15:21:11.0413 4092 MRxDAV - ok 15:21:11.0444 4092 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:21:11.0475 4092 mrxsmb - ok 15:21:11.0491 4092 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:21:11.0506 4092 mrxsmb10 - ok 15:21:11.0537 4092 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:21:11.0553 4092 mrxsmb20 - ok 15:21:11.0553 4092 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 15:21:11.0569 4092 msahci - ok 15:21:11.0584 4092 msdsm (db801a638d011b9633829eb6f663c900) 
C:\Windows\system32\drivers\msdsm.sys 15:21:11.0584 4092 msdsm - ok 15:21:11.0615 4092 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:21:11.0662 4092 Msfs - ok 15:21:11.0678 4092 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:21:11.0709 4092 mshidkmdf - ok 15:21:11.0725 4092 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:21:11.0740 4092 msisadrv - ok 15:21:11.0771 4092 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:21:11.0803 4092 MSKSSRV - ok 15:21:11.0818 4092 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:21:11.0849 4092 MSPCLOCK - ok 15:21:11.0849 4092 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:21:11.0881 4092 MSPQM - ok 15:21:11.0912 4092 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 15:21:11.0927 4092 MsRPC - ok 15:21:11.0943 4092 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 15:21:11.0943 4092 mssmbios - ok 15:21:11.0959 4092 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:21:11.0974 4092 MSTEE - ok 15:21:11.0990 4092 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 15:21:12.0005 4092 MTConfig - ok 15:21:12.0037 4092 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:21:12.0037 4092 Mup - ok 15:21:12.0068 4092 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:21:12.0083 4092 NativeWifiP - ok 15:21:12.0130 4092 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 15:21:12.0177 4092 NDIS - ok 15:21:12.0193 4092 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:21:12.0208 4092 NdisCap - ok 15:21:12.0239 4092 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) 
C:\Windows\system32\DRIVERS\ndistapi.sys 15:21:12.0302 4092 NdisTapi - ok 15:21:12.0333 4092 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 15:21:12.0395 4092 Ndisuio - ok 15:21:12.0411 4092 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 15:21:12.0442 4092 NdisWan - ok 15:21:12.0473 4092 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 15:21:12.0536 4092 NDProxy - ok 15:21:12.0551 4092 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 15:21:12.0583 4092 NetBIOS - ok 15:21:12.0614 4092 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 15:21:12.0645 4092 NetBT - ok 15:21:12.0661 4092 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 15:21:12.0676 4092 nfrd960 - ok 15:21:12.0707 4092 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:21:12.0739 4092 Npfs - ok 15:21:12.0785 4092 NPPTNT2 - ok 15:21:12.0817 4092 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:21:12.0848 4092 nsiproxy - ok 15:21:12.0895 4092 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 15:21:12.0926 4092 Ntfs - ok 15:21:12.0941 4092 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:21:12.0973 4092 Null - ok 15:21:13.0019 4092 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys 15:21:13.0051 4092 nusb3hub - ok 15:21:13.0082 4092 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys 15:21:13.0097 4092 nusb3xhc - ok 15:21:13.0129 4092 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 15:21:13.0144 4092 nvraid - ok 15:21:13.0160 4092 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 15:21:13.0175 4092 nvstor - ok 15:21:13.0191 4092 nv_agp 
(270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:21:13.0222 4092 nv_agp - ok 15:21:13.0253 4092 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:21:13.0300 4092 ohci1394 - ok 15:21:13.0331 4092 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 15:21:13.0347 4092 Parport - ok 15:21:13.0378 4092 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 15:21:13.0409 4092 partmgr - ok 15:21:13.0425 4092 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 15:21:13.0441 4092 pci - ok 15:21:13.0456 4092 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:21:13.0472 4092 pciide - ok 15:21:13.0487 4092 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 15:21:13.0503 4092 pcmcia - ok 15:21:13.0534 4092 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:21:13.0534 4092 pcw - ok 15:21:13.0565 4092 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:21:13.0628 4092 PEAUTH - ok 15:21:13.0675 4092 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 15:21:13.0721 4092 PptpMiniport - ok 15:21:13.0721 4092 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 15:21:13.0737 4092 Processor - ok 15:21:13.0768 4092 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 15:21:13.0831 4092 Psched - ok 15:21:13.0877 4092 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys 15:21:13.0909 4092 PSI - ok 15:21:13.0955 4092 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 15:21:14.0002 4092 ql2300 - ok 15:21:14.0018 4092 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 15:21:14.0033 4092 ql40xx - ok 15:21:14.0080 4092 QWAVEdrv 
(76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:21:14.0143 4092 QWAVEdrv - ok 15:21:14.0158 4092 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:21:14.0221 4092 RasAcd - ok 15:21:14.0252 4092 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:21:14.0283 4092 RasAgileVpn - ok 15:21:14.0314 4092 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:21:14.0377 4092 Rasl2tp - ok 15:21:14.0392 4092 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:21:14.0423 4092 RasPppoe - ok 15:21:14.0439 4092 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 15:21:14.0470 4092 RasSstp - ok 15:21:14.0501 4092 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 15:21:14.0517 4092 rdbss - ok 15:21:14.0548 4092 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 15:21:14.0595 4092 rdpbus - ok 15:21:14.0611 4092 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:21:14.0657 4092 RDPCDD - ok 15:21:14.0673 4092 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 15:21:14.0689 4092 RDPDR - ok 15:21:14.0704 4092 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:21:14.0735 4092 RDPENCDD - ok 15:21:14.0751 4092 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:21:14.0767 4092 RDPREFMP - ok 15:21:14.0813 4092 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 15:21:14.0813 4092 RdpVideoMiniport - ok 15:21:14.0845 4092 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 15:21:14.0907 4092 RDPWD - ok 15:21:14.0938 4092 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 15:21:14.0954 4092 
rdyboost - ok 15:21:14.0985 4092 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:21:15.0016 4092 rspndr - ok 15:21:15.0047 4092 RTL8167 (fcaf9c2c9eadf8f397c3350760ef500f) C:\Windows\system32\DRIVERS\Rt64win7.sys 15:21:15.0063 4092 RTL8167 - ok 15:21:15.0079 4092 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 15:21:15.0094 4092 s3cap - ok 15:21:15.0188 4092 SbieDrv (742112ce7abb11dc17a561b4291be9c6) e:\Program Files\Sandboxie\SbieDrv.sys 15:21:15.0219 4092 SbieDrv - ok 15:21:15.0250 4092 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 15:21:15.0266 4092 sbp2port - ok 15:21:15.0328 4092 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 15:21:15.0359 4092 scfilter - ok 15:21:15.0406 4092 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:21:15.0437 4092 secdrv - ok 15:21:15.0469 4092 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 15:21:15.0484 4092 Serenum - ok 15:21:15.0484 4092 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 15:21:15.0515 4092 Serial - ok 15:21:15.0531 4092 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 15:21:15.0578 4092 sermouse - ok 15:21:15.0609 4092 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:21:15.0640 4092 sffdisk - ok 15:21:15.0640 4092 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:21:15.0671 4092 sffp_mmc - ok 15:21:15.0671 4092 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 15:21:15.0687 4092 sffp_sd - ok 15:21:15.0718 4092 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 15:21:15.0765 4092 sfloppy - ok 15:21:15.0781 4092 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 
15:21:15.0796 4092 SiSRaid2 - ok 15:21:15.0812 4092 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 15:21:15.0812 4092 SiSRaid4 - ok 15:21:15.0827 4092 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:21:15.0874 4092 Smb - ok 15:21:15.0905 4092 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:21:15.0905 4092 spldr - ok 15:21:15.0952 4092 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 15:21:15.0983 4092 srv - ok 15:21:15.0999 4092 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 15:21:16.0015 4092 srv2 - ok 15:21:16.0030 4092 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 15:21:16.0046 4092 srvnet - ok 15:21:16.0077 4092 sscdbus (f4f1e1ff6986fe8914525af751ea3eac) C:\Windows\system32\DRIVERS\sscdbus.sys 15:21:16.0124 4092 sscdbus - ok 15:21:16.0124 4092 sscdmdfl (5447690d2cfe1bde1be3a5a5a3e2f796) C:\Windows\system32\DRIVERS\sscdmdfl.sys 15:21:16.0139 4092 sscdmdfl - ok 15:21:16.0171 4092 sscdmdm (bfda292053aeb76a0c1d63b2279d5138) C:\Windows\system32\DRIVERS\sscdmdm.sys 15:21:16.0186 4092 sscdmdm - ok 15:21:16.0217 4092 sscebus (f74634f46692c8315e7f37f698af3225) C:\Windows\system32\DRIVERS\sscebus.sys 15:21:16.0233 4092 sscebus - ok 15:21:16.0264 4092 sscemdfl (82732b391efd69b0548044be9cb37bfc) C:\Windows\system32\DRIVERS\sscemdfl.sys 15:21:16.0280 4092 sscemdfl - ok 15:21:16.0295 4092 sscemdm (43d56ace4469d90f9790e8352d87d9b5) C:\Windows\system32\DRIVERS\sscemdm.sys 15:21:16.0295 4092 sscemdm - ok 15:21:16.0327 4092 ssceserd (db504ef6d73f6b8ab5cf8a18560c4e2a) C:\Windows\system32\DRIVERS\ssceserd.sys 15:21:16.0342 4092 ssceserd - ok 15:21:16.0373 4092 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 15:21:16.0373 4092 stexstor - ok 15:21:16.0420 4092 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 15:21:16.0451 
4092 storflt - ok 15:21:16.0467 4092 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 15:21:16.0483 4092 storvsc - ok 15:21:16.0498 4092 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 15:21:16.0514 4092 swenum - ok 15:21:16.0514 4092 Synth3dVsc - ok 15:21:16.0561 4092 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys 15:21:16.0592 4092 Tcpip - ok 15:21:16.0623 4092 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys 15:21:16.0639 4092 TCPIP6 - ok 15:21:16.0685 4092 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 15:21:16.0763 4092 tcpipreg - ok 15:21:16.0763 4092 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:21:16.0810 4092 TDPIPE - ok 15:21:16.0810 4092 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 15:21:16.0841 4092 TDTCP - ok 15:21:16.0873 4092 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 15:21:16.0904 4092 tdx - ok 15:21:16.0919 4092 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 15:21:16.0935 4092 TermDD - ok 15:21:16.0982 4092 TFsExDisk (48d9d00c2e0e72c3d4f52772c80355f6) C:\Windows\System32\Drivers\TFsExDisk.sys 15:21:17.0013 4092 TFsExDisk - ok 15:21:17.0060 4092 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:21:17.0107 4092 tssecsrv - ok 15:21:17.0122 4092 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 15:21:17.0153 4092 TsUsbFlt - ok 15:21:17.0153 4092 tsusbhub - ok 15:21:17.0185 4092 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 15:21:17.0247 4092 tunnel - ok 15:21:17.0263 4092 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 15:21:17.0263 4092 uagp35 - ok 15:21:17.0294 4092 udfs (ff4232a1a64012baa1fd97c7b67df593) 
C:\Windows\system32\DRIVERS\udfs.sys 15:21:17.0325 4092 udfs - ok 15:21:17.0341 4092 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:21:17.0356 4092 uliagpkx - ok 15:21:17.0387 4092 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 15:21:17.0403 4092 umbus - ok 15:21:17.0434 4092 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 15:21:17.0450 4092 UmPass - ok 15:21:17.0512 4092 UnlockerDriver5 (9dc07e73a4abb9acf692113b36a5009f) e:\Program Files\Unlocker\UnlockerDriver5.sys 15:21:17.0528 4092 UnlockerDriver5 - ok 15:21:17.0559 4092 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 15:21:17.0590 4092 usbccgp - ok 15:21:17.0621 4092 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:21:17.0637 4092 usbcir - ok 15:21:17.0668 4092 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 15:21:17.0684 4092 usbehci - ok 15:21:17.0715 4092 usbfilter (917a716639c8ff1c396d4b13889552d8) C:\Windows\system32\DRIVERS\usbfilter.sys 15:21:17.0715 4092 usbfilter - ok 15:21:17.0731 4092 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 15:21:17.0762 4092 usbhub - ok 15:21:17.0777 4092 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 15:21:17.0793 4092 usbohci - ok 15:21:17.0809 4092 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 15:21:17.0840 4092 usbprint - ok 15:21:17.0855 4092 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 15:21:17.0887 4092 usbscan - ok 15:21:17.0902 4092 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:21:17.0933 4092 USBSTOR - ok 15:21:17.0949 4092 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 15:21:17.0965 4092 usbuhci - ok 15:21:18.0011 4092 vdrvroot 
(c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:21:18.0027 4092 vdrvroot - ok 15:21:18.0058 4092 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:21:18.0074 4092 vga - ok 15:21:18.0089 4092 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:21:18.0121 4092 VgaSave - ok 15:21:18.0136 4092 VGPU - ok 15:21:18.0183 4092 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 15:21:18.0214 4092 vhdmp - ok 15:21:18.0245 4092 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:21:18.0245 4092 viaide - ok 15:21:18.0277 4092 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 15:21:18.0292 4092 vmbus - ok 15:21:18.0308 4092 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 15:21:18.0323 4092 VMBusHID - ok 15:21:18.0339 4092 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 15:21:18.0355 4092 volmgr - ok 15:21:18.0386 4092 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 15:21:18.0401 4092 volmgrx - ok 15:21:18.0433 4092 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 15:21:18.0448 4092 volsnap - ok 15:21:18.0464 4092 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 15:21:18.0479 4092 vsmraid - ok 15:21:18.0511 4092 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 15:21:18.0542 4092 vwifibus - ok 15:21:18.0573 4092 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 15:21:18.0589 4092 WacomPen - ok 15:21:18.0604 4092 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:21:18.0651 4092 WANARP - ok 15:21:18.0667 4092 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:21:18.0682 4092 Wanarpv6 - ok 
15:21:18.0698 4092 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 15:21:18.0713 4092 Wd - ok 15:21:18.0745 4092 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:21:18.0760 4092 Wdf01000 - ok 15:21:18.0791 4092 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:21:18.0807 4092 WfpLwf - ok 15:21:18.0823 4092 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:21:18.0838 4092 WIMMount - ok 15:21:18.0885 4092 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 15:21:18.0932 4092 WinUsb - ok 15:21:18.0963 4092 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 15:21:18.0979 4092 WmiAcpi - ok 15:21:19.0010 4092 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:21:19.0072 4092 ws2ifsl - ok 15:21:19.0103 4092 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 15:21:19.0166 4092 WudfPf - ok 15:21:19.0181 4092 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:21:19.0213 4092 WUDFRd - ok 15:21:19.0275 4092 X6va002 - ok 15:21:19.0291 4092 X6va005 - ok 15:21:19.0306 4092 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 15:21:19.0353 4092 \Device\Harddisk0\DR0 - ok 15:21:19.0353 4092 Boot (0x1200) (7f19f660614eeb2f5e1b2548f318bff0) \Device\Harddisk0\DR0\Partition0 15:21:19.0353 4092 \Device\Harddisk0\DR0\Partition0 - ok 15:21:19.0384 4092 Boot (0x1200) (557724867055e57b98b37ee736dbce4a) \Device\Harddisk0\DR0\Partition1 15:21:19.0384 4092 \Device\Harddisk0\DR0\Partition1 - ok 15:21:19.0415 4092 Boot (0x1200) (155a065b1dad48ef717f8726d210db79) \Device\Harddisk0\DR0\Partition2 15:21:19.0415 4092 \Device\Harddisk0\DR0\Partition2 - ok 15:21:19.0431 4092 Boot (0x1200) (733ebcd7c249cb8a3f8b717d514f1d2e) \Device\Harddisk0\DR0\Partition3 15:21:19.0431 4092 
\Device\Harddisk0\DR0\Partition3 - ok 15:21:19.0431 4092 ============================================================ 15:21:19.0431 4092 Scan finished 15:21:19.0431 4092 ============================================================ 15:21:19.0462 3960 Detected object count: 0 15:21:19.0462 3960 Actual detected object count: 0 15:21:48.0744 4352 ============================================================ 15:21:48.0744 4352 Scan started 15:21:48.0744 4352 Mode: Manual; SigCheck; TDLFS; 15:21:48.0744 4352 ============================================================ 15:21:49.0118 4352 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 15:21:49.0149 4352 1394ohci - ok 15:21:49.0180 4352 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 15:21:49.0180 4352 ACPI - ok 15:21:49.0196 4352 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 15:21:49.0212 4352 AcpiPmi - ok 15:21:49.0243 4352 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 15:21:49.0258 4352 adp94xx - ok 15:21:49.0274 4352 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 15:21:49.0290 4352 adpahci - ok 15:21:49.0305 4352 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 15:21:49.0321 4352 adpu320 - ok 15:21:49.0352 4352 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 15:21:49.0368 4352 AFD - ok 15:21:49.0383 4352 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 15:21:49.0383 4352 agp440 - ok 15:21:49.0399 4352 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 15:21:49.0414 4352 aliide - ok 15:21:49.0414 4352 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 15:21:49.0430 4352 amdide - ok 15:21:49.0430 4352 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys 15:21:49.0446 
15:21:59.0773 4352 ============================================================
15:21:59.0773 4352 Scan finished
15:21:59.0773 4352 ============================================================
15:21:59.0773 4500 Detected object count: 0
15:21:59.0773 4500 Actual detected object count: 0
Edited by minman (24.10.2011 at 14:39) |
24.10.2011, 14:56 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox tab opens automatically Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post logfiles in CODE tags |
24.10.2011, 16:11 | #11 |
| Firefox tab opens automatically
Oh, I just noticed that Windows Defender was on.. is that bad? Should I run it again without it? ComboFix logfile: Code:
ATTFilter ComboFix 11-10-24.02 - ***** 24.10.2011 16:57:28.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.4093.2780 [GMT 2:00] ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2011-09-24 bis 2011-10-24 )))))))))))))))))))))))))))))) . . 2011-10-24 15:00 . 2011-10-24 15:00 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-10-24 11:47 . 2011-10-24 11:47 -------- d-----w- C:\_OTL 2011-10-23 21:58 . 2011-10-23 21:58 410976 ----a-w- c:\windows\SysWow64\deploytk.dll 2011-10-23 21:58 . 2011-10-23 21:58 -------- d-----w- c:\program files (x86)\Java 2011-10-23 20:16 . 2011-10-23 20:16 -------- d-----w- c:\windows\SysWow64\wbem\en-US 2011-10-23 20:16 . 2011-10-23 20:16 -------- d-----w- c:\windows\system32\wbem\en-US 2011-10-23 12:49 . 2011-10-23 12:49 525544 ----a-w- c:\windows\system32\deployJava1.dll 2011-10-22 18:36 . 2011-10-22 18:36 -------- d-----w- c:\program files (x86)\ESET 2011-10-22 13:58 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2D3E8F56-3885-4552-A482-043A55040E66}\mpengine.dll 2011-10-20 13:26 . 2011-10-20 13:26 -------- d-----w- c:\programdata\ATI 2011-10-20 13:22 . 2011-10-20 13:22 -------- d-----w- c:\program files (x86)\AMD APP 2011-10-20 13:21 . 2011-10-20 13:21 -------- d-----w- c:\program files\Common Files\ATI Technologies 2011-10-20 13:21 . 2011-10-20 13:21 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2011-10-20 13:21 . 2011-10-20 13:21 -------- d-----w- c:\program files\ATI 2011-10-18 19:55 . 2011-10-18 19:55 -------- d-----w- c:\users\*****\AppData\Roaming\ts3overlay 2011-10-18 19:01 . 
2011-10-18 19:01 -------- d-----w- c:\program files (x86)\vShare.tv plugin 2011-10-17 21:34 . 2011-10-17 21:34 -------- d-----w- c:\users\*****\AppData\Local\CrashRpt 2011-10-17 21:34 . 2011-10-17 21:34 -------- d-----w- c:\users\*****\AppData\Local\Arktos 2011-10-13 23:08 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys 2011-10-13 23:07 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-13 23:07 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-13 23:07 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll 2011-10-13 23:07 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax 2011-10-13 23:07 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll 2011-10-13 23:07 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2011-10-13 23:07 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll 2011-10-13 23:07 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-13 17:19 . 2011-10-16 23:05 -------- d-----w- c:\users\*****\AppData\Local\PMB Files 2011-10-13 17:19 . 2011-10-13 17:34 -------- d-----w- c:\programdata\PMB Files 2011-10-09 21:16 . 2011-10-09 21:16 -------- d-----r- C:\Sandbox 2011-10-09 19:50 . 2011-10-09 19:50 -------- d-----w- c:\windows\system32\Macromed 2011-10-09 19:18 . 2011-10-09 19:18 -------- d-----w- c:\users\*****\AppData\Local\Secunia PSI 2011-10-09 19:15 . 2011-10-09 19:20 -------- d-----w- c:\users\*****\AppData\Roaming\KeePass 2011-10-09 11:15 . 2011-10-09 11:15 -------- d-----w- c:\users\*****\AppData\Roaming\Malwarebytes 2011-10-09 11:15 . 2011-10-09 11:15 -------- d-----w- c:\programdata\Malwarebytes 2011-10-09 11:15 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-10-04 23:16 . 2011-10-04 23:16 -------- d-----w- c:\users\*****\.dvdcss 2011-10-02 01:18 . 2011-10-23 12:44 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-09-30 20:55 . 
1999-12-17 08:13 86016 ----a-w- c:\windows\unvise32.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-09 19:50 . 2011-05-27 17:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-14 09:47 . 2011-09-14 09:47 60416 ----a-w- c:\windows\system32\OVDecode64.dll 2011-09-14 09:47 . 2011-09-14 09:47 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll 2011-09-14 09:47 . 2011-09-14 09:47 51200 ----a-w- c:\windows\system32\OpenCL.dll 2011-09-14 09:47 . 2011-09-14 09:47 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll 2011-09-14 09:47 . 2011-09-14 09:47 16652288 ----a-w- c:\windows\system32\amdocl64.dll 2011-09-14 09:46 . 2011-09-14 09:46 13625856 ----a-w- c:\windows\SysWow64\amdocl.dll 2011-09-14 09:38 . 2011-09-14 09:38 44032 ----a-w- c:\windows\system32\amdoclcl64.dll 2011-09-14 09:38 . 2011-09-14 09:38 37376 ----a-w- c:\windows\SysWow64\amdoclcl.dll 2011-09-08 18:27 . 2011-09-08 18:27 10203648 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2011-09-08 17:59 . 2011-09-08 17:59 24229376 ----a-w- c:\windows\system32\atio6axx.dll 2011-09-08 17:39 . 2011-09-08 17:39 18534912 ----a-w- c:\windows\SysWow64\atioglxx.dll 2011-09-08 17:34 . 2011-09-08 17:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe 2011-09-08 17:34 . 2011-09-08 17:34 732672 ----a-w- c:\windows\SysWow64\aticfx32.dll 2011-09-08 17:32 . 2011-09-08 17:32 862720 ----a-w- c:\windows\system32\aticfx64.dll 2011-09-08 17:30 . 2011-09-08 17:30 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll 2011-09-08 17:30 . 2011-09-08 17:30 486912 ----a-w- c:\windows\system32\atieclxx.exe 2011-09-08 17:29 . 2011-09-08 17:29 204288 ----a-w- c:\windows\system32\atiesrxx.exe 2011-09-08 17:28 . 2011-09-08 17:28 120320 ----a-w- c:\windows\system32\atitmm64.dll 2011-09-08 17:28 . 2011-09-08 17:28 423424 ----a-w- c:\windows\system32\atipdl64.dll 2011-09-08 17:28 . 2011-09-08 17:28 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll 2011-09-08 17:28 . 
2011-09-08 17:28 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll 2011-09-08 17:28 . 2011-09-08 17:28 21504 ----a-w- c:\windows\system32\atimuixx.dll 2011-09-08 17:28 . 2011-09-08 17:28 59392 ----a-w- c:\windows\system32\atiedu64.dll 2011-09-08 17:28 . 2011-09-08 17:28 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll 2011-09-08 17:24 . 2011-09-08 17:24 4204032 ----a-w- c:\windows\SysWow64\atidxx32.dll 2011-09-08 17:18 . 2011-09-08 17:18 1113088 ----a-w- c:\windows\system32\atiumd6v.dll 2011-09-08 17:18 . 2011-09-08 17:18 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll 2011-09-08 17:18 . 2011-09-08 17:18 3888640 ----a-w- c:\windows\system32\atiumd6a.dll 2011-09-08 17:16 . 2011-09-08 17:16 4944896 ----a-w- c:\windows\system32\atidxx64.dll 2011-09-08 17:09 . 2011-09-08 17:09 51200 ----a-w- c:\windows\system32\aticalrt64.dll 2011-09-08 17:09 . 2011-09-08 17:09 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll 2011-09-08 17:09 . 2011-09-08 17:09 44544 ----a-w- c:\windows\system32\aticalcl64.dll 2011-09-08 17:09 . 2011-09-08 17:09 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll 2011-09-08 17:09 . 2011-09-08 17:09 8723456 ----a-w- c:\windows\system32\aticaldd64.dll 2011-09-08 17:08 . 2011-09-08 17:08 4064768 ----a-w- c:\windows\SysWow64\atiumdva.dll 2011-09-08 17:05 . 2011-09-08 17:05 7331840 ----a-w- c:\windows\SysWow64\aticaldd.dll 2011-09-08 17:05 . 2011-09-08 17:05 4289024 ----a-w- c:\windows\SysWow64\atiumdag.dll 2011-09-08 17:00 . 2011-09-08 17:00 5428736 ----a-w- c:\windows\system32\atiumd64.dll 2011-09-08 16:59 . 2011-09-08 16:59 58880 ----a-w- c:\windows\system32\coinst.dll 2011-09-08 16:53 . 2011-09-08 16:53 381952 ----a-w- c:\windows\system32\atiadlxx.dll 2011-09-08 16:53 . 2011-09-08 16:53 270336 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2011-09-08 16:52 . 2011-09-08 16:52 15360 ----a-w- c:\windows\system32\atig6pxx.dll 2011-09-08 16:52 . 2011-09-08 16:52 13312 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2011-09-08 16:52 . 
2011-09-08 16:52 13312 ----a-w- c:\windows\system32\atiglpxx.dll 2011-09-08 16:52 . 2011-09-08 16:52 39936 ----a-w- c:\windows\system32\atig6txx.dll 2011-09-08 16:52 . 2011-09-08 16:52 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll 2011-09-08 16:52 . 2011-09-08 16:52 310784 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2011-09-08 16:52 . 2011-09-08 16:52 40960 ----a-w- c:\windows\system32\atiuxp64.dll 2011-09-08 16:51 . 2011-09-08 16:51 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2011-09-08 16:51 . 2011-09-08 16:51 38912 ----a-w- c:\windows\system32\atiu9p64.dll 2011-09-08 16:51 . 2011-09-08 16:51 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2011-09-08 16:51 . 2011-09-08 16:51 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2011-09-08 16:51 . 2011-09-08 16:51 54784 ----a-w- c:\windows\system32\atimpc64.dll 2011-09-08 16:51 . 2011-09-08 16:51 54784 ----a-w- c:\windows\system32\amdpcom64.dll 2011-09-08 16:50 . 2011-09-08 16:50 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll 2011-09-08 16:50 . 2011-09-08 16:50 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2011-09-06 20:45 . 2011-01-19 19:56 41184 ----a-w- c:\windows\avastSS.scr 2011-09-06 20:45 . 2011-01-19 19:56 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-09-06 20:45 . 2011-01-19 19:57 254400 ----a-w- c:\windows\system32\aswBoot.exe 2011-09-06 20:38 . 2011-03-13 19:18 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-09-06 20:38 . 2011-01-19 19:57 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-09-06 20:36 . 2011-01-19 19:57 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-09-06 20:36 . 2011-01-19 19:57 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-09-06 20:36 . 2011-01-19 19:57 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-09-06 20:36 . 2011-01-19 19:57 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-07-31 07:35 . 2011-07-31 07:35 71680 ----a-w- c:\windows\system32\frapsv64.dll 2011-07-31 07:35 . 
2011-07-31 07:35 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] 2011-09-22 16:58 177712 ----a-w- c:\program files (x86)\vShare.tv plugin\BarLcher.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}"= "c:\program files (x86)\vShare.tv plugin\BarLcher.dll" [2011-09-22 177712] . [HKEY_CLASSES_ROOT\clsid\{7ac3e13b-3bca-4158-b330-f66dbb03c1b5}] [HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher.1] [HKEY_CLASSES_ROOT\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}] [HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="e:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "ICQ"="e:\program files (x86)\Icq\ICQ7.5\ICQ.exe" [2011-08-01 124480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 343168] "SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2011-10-23 136600] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ LOLRecorder.lnk - e:\program files (x86)\LOLReplay\LOLRecorder.exe [2011-10-17 408576] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 dump_wmimmc;dump_wmimmc;e:\games\WolfTeam-DE\GameGuard\dump_wmimmc.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-01-13 129440] R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [x] R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [x] R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [x] R3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\DRIVERS\ssceserd.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 X6va002;X6va002;c:\users\*****\AppData\Local\Temp\002C7B3.tmp [x] R3 X6va005;X6va005;c:\users\*****\AppData\Local\Temp\0059B88.tmp [x] S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program 
files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;e:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-08 361984] S2 AODDriver4.01;AODDriver4.01;e:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 SBSDWSCService;SBSD Security Center Service;e:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 Secunia PSI Agent;Secunia PSI Agent;e:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848] S2 Secunia Update Agent;Secunia Update Agent;e:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x] . . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-09-06 20:45 134384 ----a-w- e:\program files\Alwil Software\Avast5\ashShA64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = mStart Page = mLocal Page = c:\windows\SYSTEM32\blank.htm IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - e:\program files (x86)\Icq\ICQ7.5\ICQ.exe TCP: Interfaces\{663A91A8-D95E-4C38-B8A9-F0D631BD3832}: NameServer = 192.168.1.1 FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vkfo8lu6.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - google.de . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-NPSStartup - (no file) WebBrowser-{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - (no file) AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va002] "ImagePath"="\??\c:\users\*****\AppData\Local\Temp\002C7B3.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005] "ImagePath"="\??\c:\users\*****\AppData\Local\Temp\0059B88.tmp" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . e:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe c:\windows\SysWOW64\PnkBstrA.exe . ************************************************************************** . 
Zeit der Fertigstellung: 2011-10-24 17:04:49 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-10-24 15:04 . Vor Suchlauf: 9 Verzeichnis(se), 57.708.572.672 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 57.192.157.184 Bytes frei . - - End Of File - - 286A35AB6E8C54EFF9435164784B708A |
24.10.2011, 18:05 | #12 |
| Firefox tab opens automatically
OK, so this tab that opens apparently has something to do with Google, supposedly, since they want to test something there.... In any case it is being discussed in various other forums! |
24.10.2011, 18:36 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox tab opens automatically
Yes, that will be it, but taking the opportunity to check over the machine makes sense; after all, there could be malicious code on it. Please download aswMBR.exe and save the file to your desktop.
__________________ Please always post log files in CODE tags |
24.10.2011, 19:53 | #14 |
| Firefox tab opens automatically
Right, it's definitely good that the system gets checked for once. So I'm running the whole scan offline (cable unplugged), hope that's right. It didn't ask about virus definitions:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-24 20:47:29
-----------------------------
20:47:29.125 OS Version: Windows x64 6.1.7601 Service Pack 1
20:47:29.125 Number of processors: 4 586 0x403
20:47:29.125 ComputerName: ****** UserName: *****
20:47:29.484 Initialize success
20:47:29.686 AVAST engine defs: 11102401
20:47:48.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
20:47:48.469 Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 476935MB BusType: 11
20:47:50.497 Disk 0 MBR read successfully
20:47:50.497 Disk 0 MBR scan
20:47:50.497 Disk 0 Windows 7 default MBR code
20:47:50.512 Service scanning
20:47:51.948 Modules scanning
20:47:51.948 Disk 0 trace - called modules:
20:47:51.963 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
20:47:51.979 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049a4060]
20:47:51.979 3 CLASSPNP.SYS[fffff88000da643f] -> nt!IofCallDriver -> [0xfffffa80048c6ac0]
20:47:51.994 5 amd_xata.sys[fffff88001110900] -> nt!IofCallDriver -> \Device\00000061[0xfffffa80048c39c0]
20:47:52.182 AVAST engine scan C:\Windows
20:47:53.960 AVAST engine scan C:\Windows\system32
20:49:02.319 AVAST engine scan C:\Windows\system32\drivers
20:49:08.637 AVAST engine scan C:\Users\*****
20:50:23.829 AVAST engine scan C:\ProgramData
20:50:43.938 Scan finished successfully
20:50:52.362 Disk 0 MBR has been saved successfully to "C:\Users/*********\Desktop\MBR.dat"
20:50:52.362 The log file has been saved successfully to "C:\Users\*********\Desktop\aswMBR.txt"
// Oh, I just saw, because of the definitions and the connection and so on ^^ I'll do the whole thing online.
Here is the whole thing online: I think there was no big difference. It didn't ask anything again.
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-24 21:01:00
-----------------------------
21:01:00.409 OS Version: Windows x64 6.1.7601 Service Pack 1
21:01:00.409 Number of processors: 4 586 0x403
21:01:00.409 ComputerName: ******* UserName: *****
21:01:00.675 Initialize success
21:01:00.706 AVAST engine defs: 11102401
21:01:06.993 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
21:01:07.008 Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 476935MB BusType: 11
21:01:09.036 Disk 0 MBR read successfully
21:01:09.036 Disk 0 MBR scan
21:01:09.036 Disk 0 Windows 7 default MBR code
21:01:09.052 Service scanning
21:01:10.097 Modules scanning
21:01:10.097 Disk 0 trace - called modules:
21:01:10.113 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
21:01:10.128 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049a4060]
21:01:10.128 3 CLASSPNP.SYS[fffff88000da643f] -> nt!IofCallDriver -> [0xfffffa80048c6ac0]
21:01:10.128 5 amd_xata.sys[fffff88001110900] -> nt!IofCallDriver -> \Device\00000061[0xfffffa80048c39c0]
21:01:10.347 AVAST engine scan C:\Windows
21:01:12.172 AVAST engine scan C:\Windows\system32
21:02:07.272 AVAST engine scan C:\Windows\system32\drivers
21:02:12.919 AVAST engine scan C:\Users\janson
21:03:19.032 AVAST engine scan C:\ProgramData
21:03:35.756 Scan finished successfully
21:04:25.754 Disk 0 MBR has been saved successfully to "C:\Users\*****\Desktop/*****\MBR.dat"
21:04:25.754 The log file has been saved successfully to "C:\Users\******\Desktop\***\aswMBR.txt"
Edited by minman (24.10.2011 at 20:17) |
25.10.2011, 08:41 | #15 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox tab opens automatically
Quote:
__________________ Please always post log files in CODE tags |