Rechner langsam// Kaspersky - Schwarze Liste beschädigt - Update erfolglos

darkrider78 · 28.12.2011, 03:26

Hallo,
da mein Rechner sehr langsam ist und Kaspersky eine Fehlermeldung ausspuckt, dass die schwarze Liste beschädigt ist, bin ich mir sicher, dass ich Viren auf den Rechner habe...

Bitte erneut um Hilfe!

Danke Voraus.

MFG darkrider78

cosinus · 28.12.2011, 05:42

Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

darkrider78 · 30.12.2011, 01:09

Den Vollscan mit Malewarebytes habe ich gemacht.
Ich finde nur leider die Logs nicht.

Und die Logs von ESET auch nicht, bitte sagen Sie mir, wo die Programme die Logdateien speichern.

cosinus · 30.12.2011, 01:10

Zitat:

Ich finde nur leider die Logs nicht.

Malwarebytes starten => Reiter Logdateien

Zitat:

Und die Logs von ESET auch nicht,

Wurde in meiner Anleitung gepostet

darkrider78 · 30.12.2011, 04:37

Code:

ATTFilter

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.27.05

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
****** :: ******-PC [Administrator]

28.12.2011 03:46:49
mbam-log-2011-12-28 (03-46-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 500409
Laufzeit: 1 Stunde(n), 46 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Nach Löschung der Funde:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.27.05

Windows 7 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7600.16385
****** :: ******-PC [Administrator]

28.12.2011 02:56:58
mbam-log-2011-12-28 (02-56-58).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 488011
Laufzeit: 45 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
I:\DISC G\Sicherung vorm formatieren\******\Downloads\install_cfg.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.
I:\DISC G\Sicherung vorm formatieren\******\Downloads\install_u_r.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Irgendwas hat mir den ESET Log zerschossen, ich werde gleich währen ich schlafe einen erneuten Scan machen und den Log dann posten...

darkrider78 · 31.12.2011, 00:18

Hier der ESET Log:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=24697847b8c78a4398d03265229f1ef9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-12-30 11:08:42
# local_time=2011-12-31 12:08:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1280 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 5894 76894212 0 0
# compatibility_mode=8192 67108863 100 0 222447 222447 0 0
# scanned=277617
# found=8
# cleaned=8
# scan_time=23501
I:\DISC G\Sicherung vorm formatieren\***\Downloads\CheatEngine61(1).exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\DISC G\Sicherung vorm formatieren\***\Downloads\CrystalDiskInfo4_0_2a-en.exe	Win32/OpenCandy Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Documents\Sicherung vom USB-STICK\Downloads\CheatEngine60.exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\CheatEngine61(1).exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\CheatEngine61.exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\CrystalDiskInfo4_0_2a-en.exe	Win32/OpenCandy Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\DivXInstaller813(1).exe	Win32/Adware.ToolPlugin Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\DivXInstaller813.exe	Win32/Adware.ToolPlugin Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C

cosinus · 31.12.2011, 00:25

Zitat:

(gelöscht - in Quarantäne kopiert)

Warum kann man die Anleitungen nichmal vollstädnig und aufmerksam lesen?
Bei ESET sollten die Funde noch NICHT entfernt werden!

darkrider78 · 31.12.2011, 00:36

Und jetzt?
EDIT: Sry, wegen der Anleitung, mir geht es in letzter Zeit vsehr schlecht und ich bin leicht verwirrt.

darkrider78 · 31.12.2011, 01:50

Guten Rutsch, melde mich 01.01.12 zwischen 18 und 23 Uhr wieder...

cosinus · 31.12.2011, 15:34

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

darkrider78 · 01.01.2012, 16:59

Code:

ATTFilter

OTL logfile created on: 1/1/2012 4:41:47 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\***\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 72.22% Memory free
6.00 Gb Paging File | 4.76 Gb Available in Paging File | 79.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 890.41 Gb Total Space | 779.72 Gb Free Space | 87.57% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 23.48 Gb Free Space | 58.70% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/01/01 16:36:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/11/23 14:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieSvc.exe
PRC - [2011/08/19 09:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/04/13 15:39:50 | 000,387,696 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/14 05:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/05/27 17:59:54 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/12/29 18:40:26 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll
MOD - [2011/12/29 16:36:26 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011/12/29 16:36:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011/12/29 16:35:50 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/12/29 16:35:44 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/12/29 16:35:32 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/12/29 16:35:27 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/12/29 16:35:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/12/29 16:35:23 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/12/29 16:35:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010/11/13 00:19:05 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 00:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/05/27 20:40:48 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/05/12 14:12:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009/11/02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/11/23 14:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/08/19 09:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/13 15:39:50 | 000,387,696 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe -- (AVP)
SRV - [2010/09/14 05:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011/11/23 14:17:08 | 000,131,856 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2011/08/19 09:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C525(UVC)
DRV - [2011/08/19 09:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/19 09:26:34 | 000,022,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/11/25 06:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/09/14 05:46:26 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2010/09/14 05:46:22 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2010/09/14 05:46:18 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2010/09/14 05:46:14 | 000,577,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/05/27 18:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/05/27 17:25:18 | 000,209,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/05/06 10:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.27.0
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.85
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.18
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: lazarus@interclue.com:2.0.4
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: CompactMenuCE@Merci.chao:4.2.1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.4
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.7.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..keyword.URL: "hxxp://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/12/27 16:42:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2011/12/27 16:44:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011/12/28 04:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions
[2011/12/27 16:45:52 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/12/27 16:45:52 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/12/27 16:45:53 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2011/12/27 16:45:53 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/12/27 16:45:54 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/12/27 16:45:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/27 16:45:55 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2011/12/27 16:45:50 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\battlefieldheroespatcher@ea.com
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\moveplayer@movenetworks.com
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] ("PennerBar") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\pennerbar3@pennergame.de
[2011/12/27 16:58:36 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\PROGRAMME\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE30}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\AUTOPAGER@MOZILLA.ORG.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\COMPACTMENUCE@MERCI.CHAO.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\CTRL-TAB@DESIGN-NOIR.DE.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LWS] C:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Programme\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\ie_banner_deny.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.185.161 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: DhcpNameServer = 83.169.185.161 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF3F26A8-CAA2-45C6-9B8B-7AC9D5B5A0FF}: DhcpNameServer = 83.169.185.161 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\kloehk.dll) -C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - State: "bootini" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: BsScanner - Service
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: BsScanner - Service
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/01 15:26:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/12/31 03:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2011/12/31 03:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/12/31 02:07:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2011/12/31 02:05:16 | 000,000,000 | ---D | C] -- C:\AiO-Files
[2011/12/31 02:04:14 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\svcpack
[2011/12/31 00:13:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\SoftGrid Client
[2011/12/31 00:13:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/31 00:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
[2011/12/31 00:12:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/12/31 00:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client
[2011/12/31 00:11:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TP
[2011/12/30 19:16:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\CyberLink
[2011/12/30 04:24:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
[2011/12/30 04:08:41 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Crossfire
[2011/12/30 01:24:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Corel
[2011/12/30 01:02:48 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2011/12/30 01:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2011/12/30 01:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2011/12/30 01:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011/12/29 16:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/12/28 21:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011/12/28 15:08:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Logitech® Webcam-Software
[2011/12/28 15:04:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/12/28 15:04:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Leadertech
[2011/12/28 15:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2011/12/28 15:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2011/12/28 15:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011/12/28 15:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011/12/28 15:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/12/28 15:01:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/12/28 14:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2011/12/28 14:20:20 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011/12/28 04:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/28 02:55:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011/12/28 02:55:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/28 02:55:40 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/28 02:23:28 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\CFNA
[2011/12/28 02:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Suite CBE 11
[2011/12/28 02:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/12/28 02:04:11 | 000,488,536 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011/12/28 00:50:52 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/12/28 00:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011/12/27 18:59:05 | 000,000,000 | ---D | C] -- C:\CFLog
[2011/12/27 18:43:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/27 18:41:15 | 000,025,088 | ---- | C] (Bjorn) -- C:\Users\***\Desktop\AFK Bot.exe
[2011/12/27 18:38:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\WinRAR
[2011/12/27 18:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Z8Games
[2011/12/27 17:38:21 | 000,000,000 | -H-D | C] -- C:\Users\***\Eigene Hörspiele
[2011/12/27 17:27:23 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Vuze Downloads
[2011/12/27 17:27:23 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Videomaskenprojekte
[2011/12/27 17:27:19 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Texturen Pakete
[2011/12/27 17:22:08 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Sicherung vom USB-STICK
[2011/12/27 17:22:08 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\PF
[2011/12/27 17:22:08 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\O&O
[2011/12/27 17:22:07 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Need for Speed World
[2011/12/27 17:22:07 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\My Cheat Tables
[2011/12/27 17:21:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Minecraft Mod's
[2011/12/27 17:21:14 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\MAGIX_Music_Maker_17
[2011/12/27 17:21:14 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\MAGIX Downloads
[2011/12/27 17:18:46 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kopie GTA SA
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kopie FS
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kalypso Media
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Image - SimCity3000 Deutschland
[2011/12/27 17:18:04 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\ICQ
[2011/12/27 17:18:03 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\HUiiii
[2011/12/27 17:17:55 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\FUSSBALL MANAGER 11 Demo
[2011/12/27 17:04:47 | 000,000,000 | -H-D | C] -- C:\Users\***\Eigene Filme
[2011/12/27 17:02:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Eigene Dateien
[2011/12/27 17:02:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Cross Fire
[2011/12/27 17:02:05 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield Play4Free
[2011/12/27 17:01:57 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield Heroes
[2011/12/27 17:01:30 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Abbild CBS
[2011/12/27 17:00:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Adobe
[2011/12/27 16:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/12/27 16:53:52 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/12/27 16:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011/12/27 16:52:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/27 16:50:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Skype
[2011/12/27 16:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/12/27 16:48:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
[2011/12/27 16:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
[2011/12/27 16:46:18 | 000,000,000 | ---D | C] -- C:\SG Interactive
[2011/12/27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla
[2011/12/27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla
[2011/12/27 16:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2011/12/27 16:42:18 | 000,000,000 | ---D | C] -- C:\Programme
[2011/12/27 16:31:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Adobe
[2011/12/27 16:19:39 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2011/12/27 16:18:13 | 000,949,904 | ---- | C] (Neowiz Games) -- C:\Users\***\Desktop\patcher_cf.exe
[2011/12/27 16:18:12 | 000,117,760 | -H-- | C] (Skydaz) -- C:\Users\***\Desktop\Mod Tools v2.2.exe
[2011/12/27 16:18:10 | 000,925,696 | -H-- | C] (Georg Rottensteiner) -- C:\Users\***\Desktop\HitBlock.exe
[2011/12/27 16:18:10 | 000,388,608 | -H-- | C] (Trend Micro Inc.) -- C:\Users\***\Desktop\HiJackThis204.exe
[2011/12/27 16:18:09 | 000,684,032 | -H-- | C] (Wissen digital) -- C:\Users\***\Desktop\Führerschein.exe
[2011/12/27 16:18:06 | 003,095,040 | RH-- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFireNA.dll
[2011/12/27 16:18:02 | 002,904,064 | RH-- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFireEU.dll
[2011/12/27 16:17:42 | 001,236,480 | ---- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFire Hack.exe
[2011/12/27 16:17:40 | 001,953,792 | -H-- | C] ( g4bo) -- C:\Users\***\Desktop\CF_G4box.exe
[2011/12/27 16:16:08 | 000,000,000 | ---D | C] -- C:\Users\***\CrossFire_1080
[2011/12/27 16:14:17 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Intel Corporation
[2011/12/27 16:14:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ATI
[2011/12/27 16:14:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ATI
[2011/12/27 16:14:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Power2Go
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\Searches
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/12/27 16:13:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Identities
[2011/12/27 16:13:55 | 000,000,000 | R--D | C] -- C:\Users\***\Contacts
[2011/12/27 16:13:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/12/27 16:13:49 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VirtualStore
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten
[2011/12/27 16:13:42 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Videos
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Music
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Links
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Documents
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/12/27 16:13:42 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Temp
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macromedia
[2011/12/27 16:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2011/12/27 16:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/12/27 16:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials 4
[2011/12/27 16:12:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2011/12/27 16:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2011/12/27 16:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2011/12/27 16:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/12/27 16:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/12/27 16:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/12/27 16:07:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/12/27 16:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/12/27 16:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/12/27 16:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/12/27 16:06:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/12/27 16:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/12/27 16:04:41 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/12/27 16:04:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2011/12/27 16:04:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/01 16:13:05 | 026,928,174 | ---- | M] () -- C:\Users\***\Documents\video-2011-12-31-14-18-55.mp4
[2012/01/01 16:06:25 | 002,992,284 | ---- | M] () -- C:\Users\***\Documents\2011-12-31 15.28.58.jpg
[2012/01/01 15:35:23 | 000,662,686 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/01 15:35:23 | 000,623,174 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/01 15:35:23 | 000,133,764 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/01 15:35:23 | 000,109,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/01 15:29:05 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 15:29:05 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 15:21:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/01 15:21:23 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/31 03:36:14 | 000,001,690 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2011/12/31 01:54:11 | 000,058,360 | ---- | M] () -- C:\Users\***\Documents\cc_20111231_015401.reg
[2011/12/31 01:52:23 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/30 17:01:58 | 000,000,869 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011/12/30 04:24:42 | 000,001,102 | ---- | M] () -- C:\Users\***\Desktop\CrossFire.lnk
[2011/12/30 01:01:50 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Snap 3.lnk
[2011/12/29 16:32:21 | 000,278,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/28 15:03:37 | 000,001,586 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2011/12/28 02:56:22 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011/12/28 02:44:07 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2011/12/28 02:44:07 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2011/12/28 02:42:07 | 000,002,495 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/12/28 02:39:00 | 000,550,854 | ---- | M] () -- C:\Users\***\Desktop\X-TRAP 20111228.bmp
[2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011/12/28 00:48:12 | 000,000,858 | ---- | M] () -- C:\Users\***\Desktop\Sandboxed Web Browser.lnk
[2011/12/28 00:03:11 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/12/27 16:53:03 | 000,001,545 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011/12/27 16:48:05 | 000,000,849 | ---- | M] () -- C:\Users\***\Desktop\Crossfire Europe.lnk
[2011/12/27 16:42:53 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2011/12/27 16:42:26 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/27 16:10:27 | 000,000,020 | ---- | M] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | M] () -- C:\Windows\DùR
[2011/12/27 15:22:37 | 016,257,873 | ---- | M] () -- C:\Users\***\Documents\Firefox 6.0.2 (de) - 2011-12-27.pcv
[2011/12/25 20:03:37 | 000,093,860 | ---- | M] () -- C:\Users\***\Documents\New.MMM
[2011/12/25 20:02:40 | 000,119,382 | ---- | M] () -- C:\Users\***\Documents\rock.MMM
[2011/12/25 11:37:48 | 000,000,371 | ---- | M] () -- C:\Users\***\Desktop\entries_AiORuntimes.ini
[2011/12/24 13:06:06 | 000,001,352 | ---- | M] () -- C:\Users\***\Documents\AutoHotkey.ahk
[2011/12/23 15:22:44 | 001,236,480 | ---- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFire Hack.exe
[2011/12/23 14:47:28 | 002,904,064 | RH-- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFireEU.dll
[2011/12/23 14:46:52 | 003,095,040 | RH-- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFireNA.dll
[2011/12/19 15:14:42 | 000,036,864 | ---- | M] () -- C:\Users\***\Desktop\Abel09 Christmas HackV4.dll
[2011/12/17 20:05:55 | 001,264,095 | ---- | M] () -- C:\Users\***\Documents\Fehlermeldung CrossFire Europe.png
[2011/12/16 15:09:51 | 000,000,053 | RH-- | M] () -- C:\Users\***\Desktop\Crossfire Europe.url
[2011/12/14 16:41:30 | 536,435,153 | ---- | M] () -- C:\Users\***\Desktop\Crossfire_Install.exe
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/08 21:42:15 | 000,000,754 | -H-- | M] () -- C:\Users\***\Desktop\FreeCommander.lnk
[2011/12/07 13:07:25 | 000,013,157 | -H-- | M] () -- C:\Users\***\Desktop\Sound - Verknüpfung.lnk
[2011/12/03 00:14:34 | 000,073,604 | -H-- | M] () -- C:\Users\***\Documents\381113_331309583551764_100000181757871_1545161_1598838906_n.jpg
[2011/12/02 18:39:56 | 000,025,088 | ---- | M] (Bjorn) -- C:\Users\***\Desktop\AFK Bot.exe
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/01 16:08:54 | 026,928,174 | ---- | C] () -- C:\Users\***\Documents\video-2011-12-31-14-18-55.mp4
[2012/01/01 16:05:59 | 002,992,284 | ---- | C] () -- C:\Users\***\Documents\2011-12-31 15.28.58.jpg
[2011/12/31 02:04:14 | 000,000,371 | ---- | C] () -- C:\Users\***\Desktop\entries_AiORuntimes.ini
[2011/12/31 02:04:14 | 000,000,279 | ---- | C] () -- C:\Users\***\Desktop\AiO.ini
[2011/12/31 01:54:03 | 000,058,360 | ---- | C] () -- C:\Users\***\Documents\cc_20111231_015401.reg
[2011/12/31 01:52:23 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/30 19:15:21 | 520,349,696 | ---- | C] () -- C:\Users\***\Desktop\ophcrack-vista-livecd-2.3.1.iso
[2011/12/30 17:01:58 | 000,000,869 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011/12/30 04:24:42 | 000,001,102 | ---- | C] () -- C:\Users\***\Desktop\CrossFire.lnk
[2011/12/30 01:01:50 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Snap 3.lnk
[2011/12/29 23:58:09 | 000,036,864 | ---- | C] () -- C:\Users\***\Desktop\Abel09 Christmas HackV4.dll
[2011/12/28 21:04:18 | 000,001,140 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2011/12/28 15:03:37 | 000,001,586 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2011/12/28 14:20:57 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/12/28 14:20:05 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011/12/28 14:20:00 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011/12/28 02:56:22 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011/12/28 02:39:00 | 000,550,854 | ---- | C] () -- C:\Users\***\Desktop\X-TRAP 20111228.bmp
[2011/12/28 02:05:08 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/12/28 02:05:07 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/12/28 00:49:44 | 000,000,858 | ---- | C] () -- C:\Users\***\Desktop\Sandboxed Web Browser.lnk
[2011/12/28 00:49:41 | 000,001,690 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/12/27 23:58:21 | 2415,321,088 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/27 17:30:38 | 000,231,252 | -H-- | C] () -- C:\Users\***\Documents\Unbenannt.png
[2011/12/27 17:30:38 | 000,119,382 | ---- | C] () -- C:\Users\***\Documents\rock.MMM
[2011/12/27 17:30:38 | 000,093,860 | ---- | C] () -- C:\Users\***\Documents\New.MMM
[2011/12/27 17:28:14 | 052,723,711 | -H-- | C] () -- C:\Users\***\Documents\IMAGE.iso
[2011/12/27 17:28:14 | 000,000,107 | -H-- | C] () -- C:\Users\***\Documents\gta sa 1.cht
[2011/12/27 17:28:13 | 016,257,873 | ---- | C] () -- C:\Users\***\Documents\Firefox 6.0.2 (de) - 2011-12-27.pcv
[2011/12/27 17:28:13 | 001,264,095 | ---- | C] () -- C:\Users\***\Documents\Fehlermeldung CrossFire Europe.png
[2011/12/27 17:27:53 | 000,036,134 | -H-- | C] () -- C:\Users\***\Documents\cc_20111101_194453.reg
[2011/12/27 17:27:52 | 011,481,072 | -H-- | C] () -- C:\Users\***\Documents\bfh.wmv
[2011/12/27 17:27:52 | 000,001,352 | ---- | C] () -- C:\Users\***\Documents\AutoHotkey.ahk
[2011/12/27 17:27:48 | 140,388,356 | -H-- | C] () -- C:\Users\***\Documents\Absicherung vor Änderung der reg wegen Skype.reg
[2011/12/27 17:27:48 | 000,292,033 | -H-- | C] () -- C:\Users\***\Documents\20111103-5-ichbinschwerti.jpg
[2011/12/27 17:27:47 | 000,073,604 | -H-- | C] () -- C:\Users\***\Documents\381113_331309583551764_100000181757871_1545161_1598838906_n.jpg
[2011/12/27 16:58:32 | 000,002,495 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/12/27 16:53:03 | 000,001,545 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011/12/27 16:42:53 | 000,000,768 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2011/12/27 16:42:26 | 000,000,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/27 16:42:26 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/27 16:18:19 | 001,009,664 | -H-- | C] () -- C:\Users\***\Desktop\Xpadder.exe
[2011/12/27 16:18:19 | 000,001,669 | -H-- | C] () -- C:\Users\***\Desktop\Xpadder.ini
[2011/12/27 16:18:15 | 000,013,157 | -H-- | C] () -- C:\Users\***\Desktop\Sound - Verknüpfung.lnk
[2011/12/27 16:18:15 | 000,013,149 | -H-- | C] () -- C:\Users\***\Desktop\Spracherkennung starten - Verknüpfung.lnk
[2011/12/27 16:18:15 | 000,000,209 | -H-- | C] () -- C:\Users\***\Desktop\Team Fortress 2.url
[2011/12/27 16:18:15 | 000,000,072 | -H-- | C] () -- C:\Users\***\Desktop\taskmgr (2).cmd
[2011/12/27 16:18:14 | 003,171,328 | -H-- | C] () -- C:\Users\***\Desktop\RollerCoaster Tycoon.exe
[2011/12/27 16:18:12 | 000,001,785 | -H-- | C] () -- C:\Users\***\Desktop\Maus- und Tastatureinstellungen.lnk
[2011/12/27 16:18:12 | 000,000,720 | -H-- | C] () -- C:\Users\***\Desktop\MacroX.lnk
[2011/12/27 16:18:12 | 000,000,000 | -H-- | C] () -- C:\Users\***\Desktop\info.nfo
[2011/12/27 16:18:09 | 000,000,754 | -H-- | C] () -- C:\Users\***\Desktop\FreeCommander.lnk
[2011/12/27 16:18:08 | 000,000,891 | -H-- | C] () -- C:\Users\***\Desktop\Eigene Musik.lnk
[2011/12/27 16:18:08 | 000,000,757 | -H-- | C] () -- C:\Users\***\Desktop\EVEREST Home Edition.lnk
[2011/12/27 16:17:43 | 536,435,153 | ---- | C] () -- C:\Users\***\Desktop\Crossfire_Install.exe
[2011/12/27 16:17:42 | 000,000,849 | ---- | C] () -- C:\Users\***\Desktop\Crossfire Europe.lnk
[2011/12/27 16:17:42 | 000,000,053 | RH-- | C] () -- C:\Users\***\Desktop\Crossfire Europe.url
[2011/12/27 16:17:40 | 000,001,035 | -H-- | C] () -- C:\Users\***\Desktop\Cheat Engine.lnk
[2011/12/27 16:14:05 | 000,001,417 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/27 16:10:26 | 000,000,020 | ---- | C] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | C] () -- C:\Windows\DùR
[2011/08/19 09:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 09:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 09:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/26 06:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/07/01 23:01:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/05/12 14:13:56 | 000,662,686 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/05/12 14:13:56 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/05/12 14:13:56 | 000,133,764 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/05/12 14:13:56 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/04/29 16:37:26 | 000,002,137 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/04/06 18:54:32 | 000,203,336 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,278,472 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,623,174 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,109,416 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/18 18:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 21:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
 
========== LOP Check ==========
 
[2012/01/01 16:36:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/28 15:04:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2011/12/31 02:15:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/28 21:04:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/31 00:13:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2009/07/14 05:53:46 | 000,011,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011/12/27 16:31:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2011/12/27 16:14:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ATI
[2011/12/30 01:24:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Corel
[2011/12/30 19:17:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CyberLink
[2012/01/01 16:36:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/27 16:13:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities
[2011/12/27 16:14:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Intel Corporation
[2011/12/28 15:04:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2010/06/30 11:12:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2011/12/28 02:55:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2009/07/14 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\Media Center Programs
[2011/12/31 00:13:27 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2011/12/27 16:44:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2012/01/01 16:37:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skype
[2011/12/31 02:15:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/28 21:04:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/31 00:13:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2011/12/27 18:41:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010/06/30 11:23:09 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\***\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011/12/28 15:04:22 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2011/09/23 13:04:06 | 001,341,376 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\423xf1hp.default\extensions\battlefieldheroespatcher@ea.com\plugins\BFHUpdater.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2007/11/14 18:44:42 | 000,129,552 | ---- | M] (Promise Technology, Inc.) MD5=58CB1FA96B24DFE2196548E959B1996B -- C:\ATI\Win7_Vista\8_741\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
[2009/10/26 18:41:10 | 000,189,496 | ---- | M] (Advanced Micro Devices, Inc) MD5=6C27F0A964EA98F457CAAB9A47030538 -- C:\ATI\Win7_Vista\8_741\Packages\Drivers\SBDrv\SB6xx\RAID\W7\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\drivers\iaStor.sys
[2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_e8a55be84650e755\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl1.sys
[2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl2.sys
[2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klif.sys
[2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klim6.sys
[2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klmouflt.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009/07/14 02:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
[2011/04/13 15:38:36 | 000,229,776 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\klogon.dll
[2009/07/14 02:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvbvm60.dll
 
========== Files - Unicode (All) ==========
[2011/12/27 16:18:19 | 000,000,000 | -H-- | C] ()(C:\Users\***\Desktop\??????????darkrider78??????.txt) -- C:\Users\***\Desktop\ҳ̸Ҳ̸ҳҳ̸Ҳ̸ҳdarkrider78ҳ̸Ҳ̸ҳҳ.txt
[2011/09/13 23:06:17 | 000,000,000 | -H-- | M] ()(C:\Users\***\Desktop\??????????darkrider78??????.txt) -- C:\Users\***\Desktop\ҳ̸Ҳ̸ҳҳ̸Ҳ̸ҳdarkrider78ҳ̸Ҳ̸ҳҳ.txt

< End of report >

[/CODE]

cosinus · 02.01.2012, 12:33

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com
FF - prefs.js..keyword.URL: "http://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
[2011/12/27 16:18:13 | 000,949,904 | ---- | C] (Neowiz Games) -- C:\Users\***\Desktop\patcher_cf.exe
[2011/12/27 16:10:26 | 000,000,020 | ---- | C] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | C] () -- C:\Windows\DùR
:Commands
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

darkrider78 · 02.01.2012, 18:34

Hier das Log:

Code:

ATTFilter

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "hxxp://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q=" removed from keyword.URL
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 8118 removed from network.proxy.http_port
Prefs.js: "127.0.0.1" removed from network.proxy.no_proxies_on
Prefs.js: "127.0.0.1" removed from network.proxy.socks
Prefs.js: 9050 removed from network.proxy.socks_port
Prefs.js: true removed from network.proxy.socks_remote_dns
Prefs.js: "127.0.0.1" removed from network.proxy.ssl
Prefs.js: 8118 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.keyword.URL
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File C:\Users\***\Desktop\patcher_cf.exe not found.
C:\Windows\põ‚ moved successfully.
C:\Windows\DùR moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: ***
->Temp folder emptied: 14312852 bytes
->Temporary Internet Files folder emptied: 23992236 bytes
->Java cache emptied: 8383236 bytes
->FireFox cache emptied: 40165227 bytes
->Flash cache emptied: 57317 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33436802 bytes
RecycleBin emptied: 37291606 bytes
 
Total Files Cleaned = 150.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01022012_182951

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

cosinus · 02.01.2012, 21:06

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )

Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!

darkrider78 · 05.01.2012, 13:45

Hier der Log (mein Rechner ist noch langsamer geworden):

Code:

ATTFilter

13:37:11.0753 3228	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
13:37:11.0875 3228	============================================================
13:37:11.0875 3228	Current date / time: 2012/01/05 13:37:11.0875
13:37:11.0876 3228	SystemInfo:
13:37:11.0876 3228	
13:37:11.0876 3228	OS Version: 6.1.7601 ServicePack: 1.0
13:37:11.0876 3228	Product type: Workstation
13:37:11.0876 3228	ComputerName: TOBIAS-PC
13:37:11.0876 3228	UserName: Tobias
13:37:11.0876 3228	Windows directory: C:\Windows
13:37:11.0876 3228	System windows directory: C:\Windows
13:37:11.0877 3228	Processor architecture: Intel x86
13:37:11.0877 3228	Number of processors: 2
13:37:11.0877 3228	Page size: 0x1000
13:37:11.0877 3228	Boot type: Normal boot
13:37:11.0877 3228	============================================================
13:37:12.0440 3228	Initialize success
13:40:21.0334 4568	============================================================
13:40:21.0334 4568	Scan started
13:40:21.0334 4568	Mode: Manual; SigCheck; TDLFS; 
13:40:21.0334 4568	============================================================
13:40:23.0191 4568	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
13:40:23.0315 4568	1394ohci - ok
13:40:23.0347 4568	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
13:40:23.0362 4568	ACPI - ok
13:40:23.0378 4568	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
13:40:23.0471 4568	AcpiPmi - ok
13:40:23.0627 4568	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
13:40:23.0690 4568	adp94xx - ok
13:40:23.0721 4568	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
13:40:23.0737 4568	adpahci - ok
13:40:23.0768 4568	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
13:40:23.0783 4568	adpu320 - ok
13:40:23.0893 4568	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
13:40:23.0971 4568	AFD - ok
13:40:24.0017 4568	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
13:40:24.0033 4568	agp440 - ok
13:40:24.0127 4568	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
13:40:24.0158 4568	aic78xx - ok
13:40:24.0205 4568	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
13:40:24.0220 4568	aliide - ok
13:40:24.0251 4568	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
13:40:24.0267 4568	amdagp - ok
13:40:24.0361 4568	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
13:40:24.0376 4568	amdide - ok
13:40:24.0423 4568	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
13:40:24.0485 4568	AmdK8 - ok
13:40:24.0579 4568	amdkmdag        (51610b74a9a1d84dc86fce1019beaff4) C:\Windows\system32\DRIVERS\atikmdag.sys
13:40:24.0735 4568	amdkmdag - ok
13:40:24.0829 4568	amdkmdap        (cd1d86ab81eece67d7bd6f7ef9786ccc) C:\Windows\system32\DRIVERS\atikmpag.sys
13:40:24.0891 4568	amdkmdap - ok
13:40:24.0922 4568	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
13:40:24.0953 4568	AmdPPM - ok
13:40:24.0985 4568	amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
13:40:25.0031 4568	amdsata - ok
13:40:25.0094 4568	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
13:40:25.0125 4568	amdsbs - ok
13:40:25.0141 4568	amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
13:40:25.0172 4568	amdxata - ok
13:40:25.0203 4568	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
13:40:25.0328 4568	AppID - ok
13:40:25.0375 4568	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
13:40:25.0390 4568	arc - ok
13:40:25.0531 4568	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
13:40:25.0577 4568	arcsas - ok
13:40:25.0624 4568	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
13:40:25.0718 4568	AsyncMac - ok
13:40:25.0874 4568	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
13:40:25.0905 4568	atapi - ok
13:40:25.0967 4568	AtiHdmiService  (8df873d0587596c1d35a9cececc61da1) C:\Windows\system32\drivers\AtiHdmi.sys
13:40:25.0999 4568	AtiHdmiService - ok
13:40:26.0123 4568	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
13:40:26.0186 4568	b06bdrv - ok
13:40:26.0217 4568	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
13:40:26.0248 4568	b57nd60x - ok
13:40:26.0264 4568	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
13:40:26.0311 4568	Beep - ok
13:40:26.0435 4568	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
13:40:26.0482 4568	blbdrive - ok
13:40:26.0529 4568	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
13:40:26.0607 4568	bowser - ok
13:40:26.0638 4568	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:40:26.0685 4568	BrFiltLo - ok
13:40:26.0763 4568	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:40:26.0825 4568	BrFiltUp - ok
13:40:26.0857 4568	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
13:40:26.0888 4568	Brserid - ok
13:40:26.0919 4568	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
13:40:26.0966 4568	BrSerWdm - ok
13:40:27.0106 4568	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:40:27.0153 4568	BrUsbMdm - ok
13:40:27.0184 4568	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
13:40:27.0215 4568	BrUsbSer - ok
13:40:27.0231 4568	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
13:40:27.0262 4568	BTHMODEM - ok
13:40:27.0387 4568	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
13:40:27.0465 4568	cdfs - ok
13:40:27.0512 4568	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
13:40:27.0543 4568	cdrom - ok
13:40:27.0683 4568	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
13:40:27.0761 4568	circlass - ok
13:40:27.0777 4568	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
13:40:27.0824 4568	CLFS - ok
13:40:28.0027 4568	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
13:40:28.0105 4568	CmBatt - ok
13:40:28.0120 4568	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
13:40:28.0136 4568	cmdide - ok
13:40:28.0198 4568	CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
13:40:28.0245 4568	CNG - ok
13:40:28.0261 4568	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
13:40:28.0292 4568	Compbatt - ok
13:40:28.0354 4568	CompFilter      (bc6b87086ff0d99f87fe8af9a919a1e7) C:\Windows\system32\DRIVERS\lvbusflt.sys
13:40:28.0385 4568	CompFilter - ok
13:40:28.0526 4568	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
13:40:28.0604 4568	CompositeBus - ok
13:40:28.0635 4568	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
13:40:28.0651 4568	crcdisk - ok
13:40:28.0729 4568	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
13:40:28.0791 4568	DfsC - ok
13:40:28.0947 4568	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
13:40:28.0994 4568	discache - ok
13:40:29.0056 4568	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
13:40:29.0087 4568	Disk - ok
13:40:29.0150 4568	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:40:29.0181 4568	drmkaud - ok
13:40:29.0212 4568	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
13:40:29.0243 4568	DXGKrnl - ok
13:40:29.0321 4568	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:40:29.0399 4568	ebdrv - ok
13:40:29.0571 4568	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:40:29.0602 4568	elxstor - ok
13:40:29.0649 4568	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
13:40:29.0696 4568	ErrDev - ok
13:40:29.0743 4568	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:40:29.0774 4568	exfat - ok
13:40:29.0836 4568	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:40:29.0899 4568	fastfat - ok
13:40:29.0930 4568	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:40:29.0961 4568	fdc - ok
13:40:30.0023 4568	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:40:30.0039 4568	FileInfo - ok
13:40:30.0101 4568	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:40:30.0148 4568	Filetrace - ok
13:40:30.0179 4568	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:40:30.0211 4568	flpydisk - ok
13:40:30.0242 4568	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:40:30.0273 4568	FltMgr - ok
13:40:30.0304 4568	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:40:30.0320 4568	FsDepends - ok
13:40:30.0413 4568	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:40:30.0445 4568	Fs_Rec - ok
13:40:30.0476 4568	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
13:40:30.0523 4568	fvevol - ok
13:40:30.0569 4568	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:40:30.0585 4568	gagp30kx - ok
13:40:30.0616 4568	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:40:30.0647 4568	hcw85cir - ok
13:40:30.0725 4568	HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
13:40:30.0788 4568	HdAudAddService - ok
13:40:30.0835 4568	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
13:40:30.0897 4568	HDAudBus - ok
13:40:30.0928 4568	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:40:30.0975 4568	HidBatt - ok
13:40:31.0037 4568	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:40:31.0084 4568	HidBth - ok
13:40:31.0131 4568	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:40:31.0178 4568	HidIr - ok
13:40:31.0225 4568	HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\drivers\hidusb.sys
13:40:31.0271 4568	HidUsb - ok
13:40:31.0396 4568	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
13:40:31.0427 4568	HpSAMD - ok
13:40:31.0474 4568	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
13:40:31.0537 4568	HTTP - ok
13:40:31.0568 4568	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
13:40:31.0599 4568	hwpolicy - ok
13:40:31.0677 4568	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
13:40:31.0693 4568	i8042prt - ok
13:40:31.0724 4568	iaStor          (26541a068572f650a2fa490726fe81be) C:\Windows\system32\DRIVERS\iaStor.sys
13:40:31.0755 4568	iaStor - ok
13:40:31.0786 4568	iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
13:40:31.0802 4568	iaStorV - ok
13:40:32.0051 4568	igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:40:32.0161 4568	igfx - ok
13:40:32.0254 4568	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:40:32.0285 4568	iirsp - ok
13:40:32.0379 4568	IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\Windows\system32\drivers\RTKVHDA.sys
13:40:32.0441 4568	IntcAzAudAddService - ok
13:40:32.0488 4568	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
13:40:32.0535 4568	intelide - ok
13:40:32.0566 4568	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:40:32.0597 4568	intelppm - ok
13:40:32.0629 4568	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:40:32.0691 4568	IpFilterDriver - ok
13:40:32.0785 4568	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
13:40:32.0847 4568	IPMIDRV - ok
13:40:32.0878 4568	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:40:32.0956 4568	IPNAT - ok
13:40:33.0019 4568	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:40:33.0097 4568	IRENUM - ok
13:40:33.0143 4568	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
13:40:33.0175 4568	isapnp - ok
13:40:33.0190 4568	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
13:40:33.0221 4568	iScsiPrt - ok
13:40:33.0268 4568	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
13:40:33.0284 4568	kbdclass - ok
13:40:33.0315 4568	kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\drivers\kbdhid.sys
13:40:33.0331 4568	kbdhid - ok
13:40:33.0424 4568	KL1             (94d67d49bd9503bb1d838405d80f2058) C:\Windows\system32\DRIVERS\kl1.sys
13:40:33.0455 4568	KL1 - ok
13:40:33.0487 4568	kl2             (713576569667ac9e0f8556076004a96b) C:\Windows\system32\DRIVERS\kl2.sys
13:40:33.0487 4568	kl2 - ok
13:40:33.0533 4568	KLIF            (39920d69eaedb51757527aa54fe25216) C:\Windows\system32\DRIVERS\klif.sys
13:40:33.0549 4568	KLIF - ok
13:40:33.0596 4568	KLIM6           (cf88b4985d957eee45c9939092e87c92) C:\Windows\system32\DRIVERS\klim6.sys
13:40:33.0611 4568	KLIM6 - ok
13:40:33.0736 4568	klmouflt        (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys
13:40:33.0752 4568	klmouflt - ok
13:40:33.0799 4568	KSecDD          (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
13:40:33.0830 4568	KSecDD - ok
13:40:33.0845 4568	KSecPkg         (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
13:40:33.0861 4568	KSecPkg - ok
13:40:33.0955 4568	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:40:34.0017 4568	lltdio - ok
13:40:34.0079 4568	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:40:34.0095 4568	LSI_FC - ok
13:40:34.0126 4568	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:40:34.0142 4568	LSI_SAS - ok
13:40:34.0204 4568	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:40:34.0235 4568	LSI_SAS2 - ok
13:40:34.0235 4568	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:40:34.0251 4568	LSI_SCSI - ok
13:40:34.0267 4568	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:40:34.0313 4568	luafv - ok
13:40:34.0438 4568	LVRS            (7521c0c58ee91be90b6cc33e792d10c7) C:\Windows\system32\DRIVERS\lvrs.sys
13:40:34.0485 4568	LVRS - ok
13:40:34.0625 4568	LVUVC           (37e57c48af530df01cdd4e8a2ad77b51) C:\Windows\system32\DRIVERS\lvuvc.sys
13:40:34.0719 4568	LVUVC - ok
13:40:34.0969 4568	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:40:35.0015 4568	megasas - ok
13:40:35.0031 4568	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:40:35.0047 4568	MegaSR - ok
13:40:35.0078 4568	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:40:35.0109 4568	Modem - ok
13:40:35.0234 4568	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:40:35.0281 4568	monitor - ok
13:40:35.0327 4568	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
13:40:35.0359 4568	mouclass - ok
13:40:35.0390 4568	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:40:35.0421 4568	mouhid - ok
13:40:35.0515 4568	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
13:40:35.0546 4568	mountmgr - ok
13:40:35.0561 4568	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
13:40:35.0577 4568	mpio - ok
13:40:35.0624 4568	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:40:35.0686 4568	mpsdrv - ok
13:40:35.0733 4568	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
13:40:35.0780 4568	MRxDAV - ok
13:40:35.0889 4568	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:40:35.0936 4568	mrxsmb - ok
13:40:35.0967 4568	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:40:36.0014 4568	mrxsmb10 - ok
13:40:36.0029 4568	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:40:36.0061 4568	mrxsmb20 - ok
13:40:36.0201 4568	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
13:40:36.0232 4568	msahci - ok
13:40:36.0248 4568	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
13:40:36.0279 4568	msdsm - ok
13:40:36.0295 4568	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:40:36.0341 4568	Msfs - ok
13:40:36.0404 4568	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:40:36.0466 4568	mshidkmdf - ok
13:40:36.0497 4568	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
13:40:36.0513 4568	msisadrv - ok
13:40:36.0544 4568	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:40:36.0575 4568	MSKSSRV - ok
13:40:36.0653 4568	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:40:36.0731 4568	MSPCLOCK - ok
13:40:36.0747 4568	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:40:36.0778 4568	MSPQM - ok
13:40:36.0825 4568	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:40:36.0841 4568	MsRPC - ok
13:40:36.0919 4568	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
13:40:36.0950 4568	mssmbios - ok
13:40:36.0997 4568	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:40:37.0028 4568	MSTEE - ok
13:40:37.0059 4568	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:40:37.0121 4568	MTConfig - ok
13:40:37.0231 4568	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:40:37.0262 4568	Mup - ok
13:40:37.0309 4568	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:40:37.0355 4568	NativeWifiP - ok
13:40:37.0387 4568	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
13:40:37.0402 4568	NDIS - ok
13:40:37.0511 4568	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:40:37.0589 4568	NdisCap - ok
13:40:37.0636 4568	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
13:40:37.0699 4568	NdisTapi - ok
13:40:37.0792 4568	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
13:40:37.0855 4568	Ndisuio - ok
13:40:37.0917 4568	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
13:40:37.0995 4568	NdisWan - ok
13:40:38.0042 4568	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
13:40:38.0104 4568	NDProxy - ok
13:40:38.0182 4568	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
13:40:38.0245 4568	NetBIOS - ok
13:40:38.0276 4568	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
13:40:38.0323 4568	NetBT - ok
13:40:38.0385 4568	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:40:38.0401 4568	nfrd960 - ok
13:40:38.0479 4568	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:40:38.0525 4568	Npfs - ok
13:40:38.0557 4568	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:40:38.0588 4568	nsiproxy - ok
13:40:38.0650 4568	Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
13:40:38.0697 4568	Ntfs - ok
13:40:38.0775 4568	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:40:38.0837 4568	Null - ok
13:40:38.0869 4568	nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
13:40:38.0884 4568	nvraid - ok
13:40:38.0900 4568	nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
13:40:38.0915 4568	nvstor - ok
13:40:38.0947 4568	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:40:38.0962 4568	nv_agp - ok
13:40:39.0040 4568	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:40:39.0103 4568	ohci1394 - ok
13:40:39.0134 4568	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:40:39.0181 4568	Parport - ok
13:40:39.0212 4568	partmgr         (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:40:39.0243 4568	partmgr - ok
13:40:39.0337 4568	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:40:39.0399 4568	Parvdm - ok
13:40:39.0430 4568	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:40:39.0446 4568	pci - ok
13:40:39.0461 4568	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:40:39.0477 4568	pciide - ok
13:40:39.0508 4568	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:40:39.0524 4568	pcmcia - ok
13:40:39.0539 4568	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:40:39.0555 4568	pcw - ok
13:40:39.0633 4568	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:40:39.0695 4568	PEAUTH - ok
13:40:39.0742 4568	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:40:39.0789 4568	PptpMiniport - ok
13:40:39.0836 4568	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:40:39.0867 4568	Processor - ok
13:40:39.0976 4568	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:40:40.0039 4568	Psched - ok
13:40:40.0101 4568	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:40:40.0148 4568	ql2300 - ok
13:40:40.0163 4568	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:40:40.0179 4568	ql40xx - ok
13:40:40.0273 4568	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:40:40.0335 4568	QWAVEdrv - ok
13:40:40.0351 4568	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:40:40.0397 4568	RasAcd - ok
13:40:40.0475 4568	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:40:40.0553 4568	RasAgileVpn - ok
13:40:40.0631 4568	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:40:40.0694 4568	Rasl2tp - ok
13:40:40.0725 4568	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:40:40.0772 4568	RasPppoe - ok
13:40:40.0787 4568	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:40:40.0850 4568	RasSstp - ok
13:40:41.0193 4568	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:40:41.0240 4568	rdbss - ok
13:40:41.0302 4568	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:40:41.0365 4568	rdpbus - ok
13:40:41.0443 4568	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:40:41.0521 4568	RDPCDD - ok
13:40:41.0599 4568	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:40:41.0645 4568	RDPENCDD - ok
13:40:41.0677 4568	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:40:41.0723 4568	RDPREFMP - ok
13:40:41.0786 4568	RDPWD           (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:40:41.0864 4568	RDPWD - ok
13:40:41.0895 4568	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:40:41.0911 4568	rdyboost - ok
13:40:41.0989 4568	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:40:42.0067 4568	rspndr - ok
13:40:42.0113 4568	RTL8167         (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
13:40:42.0160 4568	RTL8167 - ok
13:40:42.0207 4568	RTL8192su       (9ce8deffaffccbf473015d76ae8ee514) C:\Windows\system32\DRIVERS\RTL8192su.sys
13:40:42.0223 4568	RTL8192su - ok
13:40:42.0301 4568	SbieDrv         (3ab6cad1ddfa84cd7bc3d1a759b1e81e) C:\Programme\Sandboxie\SbieDrv.sys
13:40:42.0347 4568	SbieDrv - ok
13:40:42.0472 4568	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:40:42.0519 4568	sbp2port - ok
13:40:42.0550 4568	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:40:42.0613 4568	scfilter - ok
13:40:42.0722 4568	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:40:42.0769 4568	secdrv - ok
13:40:42.0800 4568	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:40:42.0831 4568	Serenum - ok
13:40:42.0878 4568	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:40:42.0925 4568	Serial - ok
13:40:43.0003 4568	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:40:43.0049 4568	sermouse - ok
13:40:43.0081 4568	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:40:43.0112 4568	sffdisk - ok
13:40:43.0127 4568	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:40:43.0159 4568	sffp_mmc - ok
13:40:43.0174 4568	sffp_sd         (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\drivers\sffp_sd.sys
13:40:43.0221 4568	sffp_sd - ok
13:40:43.0486 4568	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:40:43.0549 4568	sfloppy - ok
13:40:43.0658 4568	Sftfs           (8f00cc8cacf83dce5b35079f615b0f12) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:40:43.0689 4568	Sftfs - ok
13:40:43.0751 4568	Sftplay         (afdb934586c4c8b2be39ae7eea6f52be) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:40:43.0798 4568	Sftplay - ok
13:40:43.0814 4568	Sftredir        (6b1865d82e0290729ed7496c24275592) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:40:43.0829 4568	Sftredir - ok
13:40:43.0892 4568	Sftvol          (621eccb1265a01ce2bdf6f2c5e727e2b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:40:43.0923 4568	Sftvol - ok
13:40:43.0970 4568	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:40:44.0017 4568	sisagp - ok
13:40:44.0063 4568	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:40:44.0079 4568	SiSRaid2 - ok
13:40:44.0157 4568	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:40:44.0204 4568	SiSRaid4 - ok
13:40:44.0251 4568	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:40:44.0282 4568	Smb - ok
13:40:44.0329 4568	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:40:44.0344 4568	spldr - ok
13:40:44.0438 4568	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:40:44.0500 4568	srv - ok
13:40:44.0531 4568	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:40:44.0594 4568	srv2 - ok
13:40:44.0625 4568	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:40:44.0656 4568	srvnet - ok
13:40:44.0812 4568	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:40:44.0843 4568	stexstor - ok
13:40:44.0999 4568	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:40:45.0031 4568	swenum - ok
13:40:45.0187 4568	Tcpip           (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
13:40:45.0233 4568	Tcpip - ok
13:40:45.0265 4568	TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
13:40:45.0296 4568	TCPIP6 - ok
13:40:45.0311 4568	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:40:45.0343 4568	tcpipreg - ok
13:40:45.0389 4568	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:40:45.0467 4568	TDPIPE - ok
13:40:45.0530 4568	TDTCP           (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:40:45.0608 4568	TDTCP - ok
13:40:45.0655 4568	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:40:45.0701 4568	tdx - ok
13:40:45.0748 4568	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:40:45.0779 4568	TermDD - ok
13:40:45.0998 4568	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:40:46.0076 4568	tssecsrv - ok
13:40:46.0123 4568	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:40:46.0169 4568	TsUsbFlt - ok
13:40:46.0294 4568	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:40:46.0357 4568	tunnel - ok
13:40:46.0388 4568	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:40:46.0403 4568	uagp35 - ok
13:40:46.0435 4568	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:40:46.0513 4568	udfs - ok
13:40:46.0669 4568	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:40:46.0700 4568	uliagpkx - ok
13:40:46.0731 4568	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
13:40:46.0762 4568	umbus - ok
13:40:46.0778 4568	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:40:46.0809 4568	UmPass - ok
13:40:47.0012 4568	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
13:40:47.0105 4568	usbaudio - ok
13:40:47.0293 4568	usbccgp         (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
13:40:47.0355 4568	usbccgp - ok
13:40:47.0402 4568	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:40:47.0433 4568	usbcir - ok
13:40:47.0542 4568	usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
13:40:47.0605 4568	usbehci - ok
13:40:47.0651 4568	usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
13:40:47.0714 4568	usbhub - ok
13:40:47.0870 4568	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
13:40:47.0932 4568	usbohci - ok
13:40:47.0995 4568	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:40:48.0057 4568	usbprint - ok
13:40:48.0229 4568	USBSTOR         (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:40:48.0291 4568	USBSTOR - ok
13:40:48.0338 4568	usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
13:40:48.0385 4568	usbuhci - ok
13:40:48.0431 4568	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
13:40:48.0478 4568	usbvideo - ok
13:40:48.0509 4568	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:40:48.0525 4568	vdrvroot - ok
13:40:48.0572 4568	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:40:48.0634 4568	vga - ok
13:40:48.0665 4568	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:40:48.0697 4568	VgaSave - ok
13:40:48.0728 4568	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:40:48.0743 4568	vhdmp - ok
13:40:48.0790 4568	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:40:48.0837 4568	viaagp - ok
13:40:48.0884 4568	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:40:48.0915 4568	ViaC7 - ok
13:40:48.0962 4568	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:40:48.0977 4568	viaide - ok
13:40:48.0993 4568	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:40:49.0009 4568	volmgr - ok
13:40:49.0040 4568	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:40:49.0087 4568	volmgrx - ok
13:40:49.0149 4568	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:40:49.0180 4568	volsnap - ok
13:40:49.0211 4568	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:40:49.0227 4568	vsmraid - ok
13:40:49.0243 4568	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
13:40:49.0274 4568	vwifibus - ok
13:40:49.0305 4568	vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
13:40:49.0336 4568	vwififlt - ok
13:40:49.0523 4568	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:40:49.0586 4568	WacomPen - ok
13:40:49.0664 4568	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:40:49.0726 4568	WANARP - ok
13:40:49.0726 4568	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:40:49.0757 4568	Wanarpv6 - ok
13:40:49.0867 4568	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:40:49.0898 4568	Wd - ok
13:40:50.0023 4568	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:40:50.0054 4568	Wdf01000 - ok
13:40:50.0132 4568	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:40:50.0179 4568	WfpLwf - ok
13:40:50.0257 4568	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:40:50.0288 4568	WIMMount - ok
13:40:50.0335 4568	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:40:50.0366 4568	WmiAcpi - ok
13:40:50.0397 4568	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:40:50.0444 4568	ws2ifsl - ok
13:40:50.0491 4568	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:40:50.0522 4568	WudfPf - ok
13:40:50.0600 4568	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:40:50.0647 4568	WUDFRd - ok
13:40:50.0678 4568	XDva391 - ok
13:40:50.0709 4568	MBR (0x1B8)     (4624822e540ec83cd0819525c65846ba) \Device\Harddisk0\DR0
13:40:51.0395 4568	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:40:51.0395 4568	\Device\Harddisk0\DR0 - detected TDSS File System (1)
13:40:51.0411 4568	Boot (0x1200)   (e4598dd304b5c05e27e3c867efb0eb0c) \Device\Harddisk0\DR0\Partition0
13:40:51.0411 4568	\Device\Harddisk0\DR0\Partition0 - ok
13:40:51.0427 4568	Boot (0x1200)   (046bbd7303f14eb983a3f0c302651470) \Device\Harddisk0\DR0\Partition1
13:40:51.0442 4568	\Device\Harddisk0\DR0\Partition1 - ok
13:40:51.0473 4568	Boot (0x1200)   (376b50b18dd730f4a63e4b8227f4638c) \Device\Harddisk0\DR0\Partition2
13:40:51.0473 4568	\Device\Harddisk0\DR0\Partition2 - ok
13:40:51.0473 4568	============================================================
13:40:51.0473 4568	Scan finished
13:40:51.0473 4568	============================================================
13:40:51.0489 4236	Detected object count: 1
13:40:51.0489 4236	Actual detected object count: 1
13:41:45.0902 4236	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:41:45.0902 4236	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
13:41:52.0781 4360	============================================================
13:41:52.0781 4360	Scan started
13:41:52.0781 4360	Mode: Manual; SigCheck; TDLFS; 
13:41:52.0781 4360	============================================================
13:41:53.0156 4360	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
13:41:53.0203 4360	1394ohci - ok
13:41:53.0234 4360	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
13:41:53.0249 4360	ACPI - ok
13:41:53.0281 4360	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
13:41:53.0296 4360	AcpiPmi - ok
13:41:53.0390 4360	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
13:41:53.0437 4360	adp94xx - ok
13:41:53.0437 4360	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
13:41:53.0452 4360	adpahci - ok
13:41:53.0483 4360	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
13:41:53.0499 4360	adpu320 - ok
13:41:53.0530 4360	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
13:41:53.0546 4360	AFD - ok
13:41:53.0624 4360	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
13:41:53.0639 4360	agp440 - ok
13:41:53.0671 4360	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
13:41:53.0686 4360	aic78xx - ok
13:41:53.0717 4360	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
13:41:53.0733 4360	aliide - ok
13:41:53.0749 4360	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
13:41:53.0764 4360	amdagp - ok
13:41:53.0780 4360	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
13:41:53.0795 4360	amdide - ok
13:41:53.0811 4360	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
13:41:53.0811 4360	AmdK8 - ok
13:41:53.0936 4360	amdkmdag        (51610b74a9a1d84dc86fce1019beaff4) C:\Windows\system32\DRIVERS\atikmdag.sys
13:41:53.0998 4360	amdkmdag - ok
13:41:54.0061 4360	amdkmdap        (cd1d86ab81eece67d7bd6f7ef9786ccc) C:\Windows\system32\DRIVERS\atikmpag.sys
13:41:54.0076 4360	amdkmdap - ok
13:41:54.0107 4360	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
13:41:54.0123 4360	AmdPPM - ok
13:41:54.0154 4360	amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
13:41:54.0170 4360	amdsata - ok
13:41:54.0185 4360	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
13:41:54.0201 4360	amdsbs - ok
13:41:54.0263 4360	amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
13:41:54.0279 4360	amdxata - ok
13:41:54.0326 4360	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
13:41:54.0373 4360	AppID - ok
13:41:54.0388 4360	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
13:41:54.0404 4360	arc - ok
13:41:54.0419 4360	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
13:41:54.0435 4360	arcsas - ok
13:41:54.0451 4360	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
13:41:54.0482 4360	AsyncMac - ok
13:41:54.0497 4360	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
13:41:54.0513 4360	atapi - ok
13:41:54.0591 4360	AtiHdmiService  (8df873d0587596c1d35a9cececc61da1) C:\Windows\system32\drivers\AtiHdmi.sys
13:41:54.0607 4360	AtiHdmiService - ok
13:41:54.0638 4360	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
13:41:54.0653 4360	b06bdrv - ok
13:41:54.0669 4360	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
13:41:54.0685 4360	b57nd60x - ok
13:41:54.0700 4360	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
13:41:54.0731 4360	Beep - ok
13:41:54.0763 4360	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
13:41:54.0778 4360	blbdrive - ok
13:41:54.0841 4360	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
13:41:54.0856 4360	bowser - ok
13:41:54.0872 4360	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:41:54.0887 4360	BrFiltLo - ok
13:41:54.0903 4360	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:41:54.0919 4360	BrFiltUp - ok
13:41:54.0950 4360	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
13:41:54.0965 4360	Brserid - ok
13:41:54.0981 4360	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
13:41:54.0997 4360	BrSerWdm - ok
13:41:55.0075 4360	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:41:55.0106 4360	BrUsbMdm - ok
13:41:55.0137 4360	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
13:41:55.0153 4360	BrUsbSer - ok
13:41:55.0168 4360	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
13:41:55.0184 4360	BTHMODEM - ok
13:41:55.0199 4360	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
13:41:55.0231 4360	cdfs - ok
13:41:55.0262 4360	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
13:41:55.0277 4360	cdrom - ok
13:41:55.0340 4360	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
13:41:55.0355 4360	circlass - ok
13:41:55.0387 4360	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
13:41:55.0402 4360	CLFS - ok
13:41:55.0433 4360	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
13:41:55.0449 4360	CmBatt - ok
13:41:55.0465 4360	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
13:41:55.0480 4360	cmdide - ok
13:41:55.0496 4360	CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
13:41:55.0511 4360	CNG - ok
13:41:55.0589 4360	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
13:41:55.0605 4360	Compbatt - ok
13:41:55.0636 4360	CompFilter      (bc6b87086ff0d99f87fe8af9a919a1e7) C:\Windows\system32\DRIVERS\lvbusflt.sys
13:41:55.0652 4360	CompFilter - ok
13:41:55.0683 4360	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
13:41:55.0699 4360	CompositeBus - ok
13:41:55.0730 4360	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
13:41:55.0745 4360	crcdisk - ok
13:41:55.0792 4360	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
13:41:55.0808 4360	DfsC - ok
13:41:55.0870 4360	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
13:41:55.0901 4360	discache - ok
13:41:55.0917 4360	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
13:41:55.0933 4360	Disk - ok
13:41:55.0964 4360	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:41:55.0979 4360	drmkaud - ok
13:41:56.0011 4360	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
13:41:56.0042 4360	DXGKrnl - ok
13:41:56.0104 4360	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:41:56.0151 4360	ebdrv - ok
13:41:56.0213 4360	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:41:56.0229 4360	elxstor - ok
13:41:56.0260 4360	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
13:41:56.0276 4360	ErrDev - ok
13:41:56.0307 4360	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:41:56.0323 4360	exfat - ok
13:41:56.0338 4360	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:41:56.0354 4360	fastfat - ok
13:41:56.0385 4360	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:41:56.0401 4360	fdc - ok
13:41:56.0479 4360	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:41:56.0494 4360	FileInfo - ok
13:41:56.0510 4360	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:41:56.0525 4360	Filetrace - ok
13:41:56.0557 4360	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:41:56.0572 4360	flpydisk - ok
13:41:56.0588 4360	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:41:56.0603 4360	FltMgr - ok
13:41:56.0619 4360	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:41:56.0635 4360	FsDepends - ok
13:41:56.0650 4360	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:41:56.0666 4360	Fs_Rec - ok
13:41:56.0697 4360	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
13:41:56.0713 4360	fvevol - ok
13:41:56.0791 4360	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:41:56.0822 4360	gagp30kx - ok
13:41:56.0837 4360	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:41:56.0853 4360	hcw85cir - ok
13:41:56.0869 4360	HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
13:41:56.0900 4360	HdAudAddService - ok
13:41:56.0931 4360	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
13:41:56.0947 4360	HDAudBus - ok
13:41:57.0025 4360	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:41:57.0056 4360	HidBatt - ok
13:41:57.0071 4360	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:41:57.0087 4360	HidBth - ok
13:41:57.0103 4360	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:41:57.0118 4360	HidIr - ok
13:41:57.0134 4360	HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\drivers\hidusb.sys
13:41:57.0149 4360	HidUsb - ok
13:41:57.0181 4360	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
13:41:57.0196 4360	HpSAMD - ok
13:41:57.0227 4360	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
13:41:57.0259 4360	HTTP - ok
13:41:57.0337 4360	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
13:41:57.0368 4360	hwpolicy - ok
13:41:57.0383 4360	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
13:41:57.0399 4360	i8042prt - ok
13:41:57.0430 4360	iaStor          (26541a068572f650a2fa490726fe81be) C:\Windows\system32\DRIVERS\iaStor.sys
13:41:57.0446 4360	iaStor - ok
13:41:57.0477 4360	iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
13:41:57.0493 4360	iaStorV - ok
13:41:57.0586 4360	igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:41:57.0649 4360	igfx - ok
13:41:57.0711 4360	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:41:57.0742 4360	iirsp - ok
13:41:57.0820 4360	IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\Windows\system32\drivers\RTKVHDA.sys
13:41:57.0851 4360	IntcAzAudAddService - ok
13:41:57.0883 4360	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
13:41:57.0898 4360	intelide - ok
13:41:57.0914 4360	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:41:57.0929 4360	intelppm - ok
13:41:57.0992 4360	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:41:58.0039 4360	IpFilterDriver - ok
13:41:58.0070 4360	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
13:41:58.0085 4360	IPMIDRV - ok
13:41:58.0101 4360	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:41:58.0132 4360	IPNAT - ok
13:41:58.0148 4360	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:41:58.0163 4360	IRENUM - ok
13:41:58.0179 4360	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
13:41:58.0195 4360	isapnp - ok
13:41:58.0210 4360	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
13:41:58.0226 4360	iScsiPrt - ok
13:41:58.0288 4360	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
13:41:58.0319 4360	kbdclass - ok
13:41:58.0351 4360	kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\drivers\kbdhid.sys
13:41:58.0366 4360	kbdhid - ok
13:41:58.0397 4360	KL1             (94d67d49bd9503bb1d838405d80f2058) C:\Windows\system32\DRIVERS\kl1.sys
13:41:58.0413 4360	KL1 - ok
13:41:58.0429 4360	kl2             (713576569667ac9e0f8556076004a96b) C:\Windows\system32\DRIVERS\kl2.sys
13:41:58.0444 4360	kl2 - ok
13:41:58.0522 4360	KLIF            (39920d69eaedb51757527aa54fe25216) C:\Windows\system32\DRIVERS\klif.sys
13:41:58.0553 4360	KLIF - ok
13:41:58.0569 4360	KLIM6           (cf88b4985d957eee45c9939092e87c92) C:\Windows\system32\DRIVERS\klim6.sys
13:41:58.0585 4360	KLIM6 - ok
13:41:58.0600 4360	klmouflt        (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys
13:41:58.0600 4360	klmouflt - ok
13:41:58.0631 4360	KSecDD          (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
13:41:58.0647 4360	KSecDD - ok
13:41:58.0678 4360	KSecPkg         (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
13:41:58.0678 4360	KSecPkg - ok
13:41:58.0756 4360	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:41:58.0819 4360	lltdio - ok
13:41:58.0834 4360	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:41:58.0850 4360	LSI_FC - ok
13:41:58.0881 4360	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:41:58.0897 4360	LSI_SAS - ok
13:41:58.0928 4360	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:41:58.0943 4360	LSI_SAS2 - ok
13:41:58.0959 4360	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:41:58.0975 4360	LSI_SCSI - ok
13:41:59.0021 4360	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:41:59.0068 4360	luafv - ok
13:41:59.0099 4360	LVRS            (7521c0c58ee91be90b6cc33e792d10c7) C:\Windows\system32\DRIVERS\lvrs.sys
13:41:59.0115 4360	LVRS - ok
13:41:59.0193 4360	LVUVC           (37e57c48af530df01cdd4e8a2ad77b51) C:\Windows\system32\DRIVERS\lvuvc.sys
13:41:59.0255 4360	LVUVC - ok
13:41:59.0287 4360	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:41:59.0302 4360	megasas - ok
13:41:59.0365 4360	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:41:59.0396 4360	MegaSR - ok
13:41:59.0458 4360	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:41:59.0489 4360	Modem - ok
13:41:59.0536 4360	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:41:59.0567 4360	monitor - ok
13:41:59.0599 4360	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
13:41:59.0614 4360	mouclass - ok
13:41:59.0630 4360	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:41:59.0661 4360	mouhid - ok
13:41:59.0692 4360	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
13:41:59.0708 4360	mountmgr - ok
13:41:59.0755 4360	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
13:41:59.0786 4360	mpio - ok
13:41:59.0817 4360	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:41:59.0864 4360	mpsdrv - ok
13:41:59.0895 4360	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
13:41:59.0911 4360	MRxDAV - ok
13:41:59.0942 4360	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:41:59.0957 4360	mrxsmb - ok
13:42:00.0004 4360	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:42:00.0020 4360	mrxsmb10 - ok
13:42:00.0035 4360	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:42:00.0051 4360	mrxsmb20 - ok
13:42:00.0098 4360	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
13:42:00.0113 4360	msahci - ok
13:42:00.0129 4360	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
13:42:00.0145 4360	msdsm - ok
13:42:00.0176 4360	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:42:00.0191 4360	Msfs - ok
13:42:00.0238 4360	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:42:00.0269 4360	mshidkmdf - ok
13:42:00.0285 4360	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
13:42:00.0301 4360	msisadrv - ok
13:42:00.0316 4360	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:42:00.0347 4360	MSKSSRV - ok
13:42:00.0363 4360	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:42:00.0394 4360	MSPCLOCK - ok
13:42:00.0394 4360	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:42:00.0425 4360	MSPQM - ok
13:42:00.0441 4360	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:42:00.0457 4360	MsRPC - ok
13:42:00.0472 4360	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
13:42:00.0488 4360	mssmbios - ok
13:42:00.0535 4360	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:42:00.0566 4360	MSTEE - ok
13:42:00.0597 4360	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:42:00.0597 4360	MTConfig - ok
13:42:00.0628 4360	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:42:00.0644 4360	Mup - ok
13:42:00.0659 4360	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:42:00.0675 4360	NativeWifiP - ok
13:42:00.0722 4360	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
13:42:00.0737 4360	NDIS - ok
13:42:00.0815 4360	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:42:00.0878 4360	NdisCap - ok
13:42:00.0893 4360	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
13:42:00.0909 4360	NdisTapi - ok
13:42:00.0940 4360	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
13:42:00.0971 4360	Ndisuio - ok
13:42:00.0987 4360	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
13:42:01.0018 4360	NdisWan - ok
13:42:01.0081 4360	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
13:42:01.0127 4360	NDProxy - ok
13:42:01.0143 4360	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
13:42:01.0190 4360	NetBIOS - ok
13:42:01.0221 4360	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
13:42:01.0237 4360	NetBT - ok
13:42:01.0283 4360	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:42:01.0299 4360	nfrd960 - ok
13:42:01.0315 4360	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:42:01.0346 4360	Npfs - ok
13:42:01.0361 4360	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:42:01.0377 4360	nsiproxy - ok
13:42:01.0486 4360	Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
13:42:01.0517 4360	Ntfs - ok
13:42:01.0549 4360	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:42:01.0580 4360	Null - ok
13:42:01.0595 4360	nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
13:42:01.0611 4360	nvraid - ok
13:42:01.0642 4360	nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
13:42:01.0642 4360	nvstor - ok
13:42:01.0658 4360	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:42:01.0673 4360	nv_agp - ok
13:42:01.0751 4360	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:42:01.0783 4360	ohci1394 - ok
13:42:01.0814 4360	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:42:01.0829 4360	Parport - ok
13:42:01.0861 4360	partmgr         (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:42:01.0876 4360	partmgr - ok
13:42:01.0892 4360	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:42:01.0907 4360	Parvdm - ok
13:42:01.0939 4360	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:42:01.0954 4360	pci - ok
13:42:02.0001 4360	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:42:02.0032 4360	pciide - ok
13:42:02.0063 4360	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:42:02.0079 4360	pcmcia - ok
13:42:02.0095 4360	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:42:02.0110 4360	pcw - ok
13:42:02.0141 4360	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:42:02.0173 4360	PEAUTH - ok
13:42:02.0219 4360	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:42:02.0235 4360	PptpMiniport - ok
13:42:02.0251 4360	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:42:02.0266 4360	Processor - ok
13:42:02.0344 4360	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:42:02.0391 4360	Psched - ok
13:42:02.0422 4360	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:42:02.0453 4360	ql2300 - ok
13:42:02.0485 4360	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:42:02.0500 4360	ql40xx - ok
13:42:02.0547 4360	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:42:02.0563 4360	QWAVEdrv - ok
13:42:02.0578 4360	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:42:02.0609 4360	RasAcd - ok
13:42:02.0672 4360	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:42:02.0719 4360	RasAgileVpn - ok
13:42:02.0734 4360	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:42:02.0765 4360	Rasl2tp - ok
13:42:02.0781 4360	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:42:02.0812 4360	RasPppoe - ok
13:42:02.0828 4360	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:42:02.0859 4360	RasSstp - ok
13:42:02.0875 4360	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:42:02.0906 4360	rdbss - ok
13:42:02.0968 4360	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:42:02.0999 4360	rdpbus - ok
13:42:03.0031 4360	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:42:03.0062 4360	RDPCDD - ok
13:42:03.0093 4360	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:42:03.0124 4360	RDPENCDD - ok
13:42:03.0140 4360	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:42:03.0155 4360	RDPREFMP - ok
13:42:03.0202 4360	RDPWD           (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:42:03.0218 4360	RDPWD - ok
13:42:03.0296 4360	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:42:03.0311 4360	rdyboost - ok
13:42:03.0358 4360	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:42:03.0374 4360	rspndr - ok
13:42:03.0405 4360	RTL8167         (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
13:42:03.0421 4360	RTL8167 - ok
13:42:03.0452 4360	RTL8192su       (9ce8deffaffccbf473015d76ae8ee514) C:\Windows\system32\DRIVERS\RTL8192su.sys
13:42:03.0467 4360	RTL8192su - ok
13:42:03.0530 4360	SbieDrv         (3ab6cad1ddfa84cd7bc3d1a759b1e81e) C:\Programme\Sandboxie\SbieDrv.sys
13:42:03.0561 4360	SbieDrv - ok
13:42:03.0655 4360	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:42:03.0670 4360	sbp2port - ok
13:42:03.0701 4360	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:42:03.0733 4360	scfilter - ok
13:42:03.0779 4360	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:42:03.0795 4360	secdrv - ok
13:42:03.0826 4360	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:42:03.0842 4360	Serenum - ok
13:42:03.0857 4360	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:42:03.0873 4360	Serial - ok
13:42:03.0951 4360	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:42:03.0951 4360	sermouse - ok
13:42:03.0982 4360	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:42:03.0998 4360	sffdisk - ok
13:42:04.0013 4360	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:42:04.0029 4360	sffp_mmc - ok
13:42:04.0060 4360	sffp_sd         (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\drivers\sffp_sd.sys
13:42:04.0060 4360	sffp_sd - ok
13:42:04.0091 4360	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:42:04.0107 4360	sfloppy - ok
13:42:04.0201 4360	Sftfs           (8f00cc8cacf83dce5b35079f615b0f12) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:42:04.0232 4360	Sftfs - ok
13:42:04.0279 4360	Sftplay         (afdb934586c4c8b2be39ae7eea6f52be) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:42:04.0310 4360	Sftplay - ok
13:42:04.0326 4360	Sftredir        (6b1865d82e0290729ed7496c24275592) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:42:04.0341 4360	Sftredir - ok
13:42:04.0357 4360	Sftvol          (621eccb1265a01ce2bdf6f2c5e727e2b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:42:04.0357 4360	Sftvol - ok
13:42:04.0404 4360	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:42:04.0419 4360	sisagp - ok
13:42:04.0497 4360	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:42:04.0513 4360	SiSRaid2 - ok
13:42:04.0544 4360	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:42:04.0575 4360	SiSRaid4 - ok
13:42:04.0591 4360	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:42:04.0622 4360	Smb - ok
13:42:04.0653 4360	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:42:04.0669 4360	spldr - ok
13:42:04.0700 4360	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:42:04.0716 4360	srv - ok
13:42:04.0778 4360	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:42:04.0809 4360	srv2 - ok
13:42:04.0825 4360	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:42:04.0840 4360	srvnet - ok
13:42:04.0872 4360	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:42:04.0887 4360	stexstor - ok
13:42:04.0934 4360	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:42:04.0950 4360	swenum - ok
13:42:05.0059 4360	Tcpip           (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
13:42:05.0090 4360	Tcpip - ok
13:42:05.0121 4360	TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
13:42:05.0137 4360	TCPIP6 - ok
13:42:05.0168 4360	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:42:05.0199 4360	tcpipreg - ok
13:42:05.0230 4360	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:42:05.0262 4360	TDPIPE - ok
13:42:05.0262 4360	TDTCP           (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:42:05.0293 4360	TDTCP - ok
13:42:05.0324 4360	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:42:05.0355 4360	tdx - ok
13:42:05.0433 4360	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:42:05.0449 4360	TermDD - ok
13:42:05.0496 4360	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:42:05.0527 4360	tssecsrv - ok
13:42:05.0558 4360	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:42:05.0574 4360	TsUsbFlt - ok
13:42:05.0589 4360	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:42:05.0620 4360	tunnel - ok
13:42:05.0683 4360	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:42:05.0714 4360	uagp35 - ok
13:42:05.0745 4360	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:42:05.0776 4360	udfs - ok
13:42:05.0823 4360	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:42:05.0823 4360	uliagpkx - ok
13:42:05.0854 4360	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
13:42:05.0854 4360	umbus - ok
13:42:05.0886 4360	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:42:05.0901 4360	UmPass - ok
13:42:05.0917 4360	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
13:42:05.0932 4360	usbaudio - ok
13:42:06.0010 4360	usbccgp         (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
13:42:06.0026 4360	usbccgp - ok
13:42:06.0057 4360	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:42:06.0073 4360	usbcir - ok
13:42:06.0088 4360	usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
13:42:06.0104 4360	usbehci - ok
13:42:06.0120 4360	usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
13:42:06.0135 4360	usbhub - ok
13:42:06.0151 4360	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
13:42:06.0166 4360	usbohci - ok
13:42:06.0198 4360	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:42:06.0213 4360	usbprint - ok
13:42:06.0291 4360	USBSTOR         (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:42:06.0338 4360	USBSTOR - ok
13:42:06.0354 4360	usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
13:42:06.0369 4360	usbuhci - ok
13:42:06.0385 4360	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
13:42:06.0400 4360	usbvideo - ok
13:42:06.0416 4360	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:42:06.0432 4360	vdrvroot - ok
13:42:06.0447 4360	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:42:06.0463 4360	vga - ok
13:42:06.0525 4360	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:42:06.0572 4360	VgaSave - ok
13:42:06.0603 4360	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:42:06.0619 4360	vhdmp - ok
13:42:06.0634 4360	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:42:06.0650 4360	viaagp - ok
13:42:06.0681 4360	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:42:06.0697 4360	ViaC7 - ok
13:42:06.0759 4360	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:42:06.0790 4360	viaide - ok
13:42:06.0806 4360	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:42:06.0822 4360	volmgr - ok
13:42:06.0853 4360	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:42:06.0868 4360	volmgrx - ok
13:42:06.0900 4360	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:42:06.0931 4360	volsnap - ok
13:42:06.0993 4360	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:42:07.0009 4360	vsmraid - ok
13:42:07.0024 4360	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
13:42:07.0040 4360	vwifibus - ok
13:42:07.0056 4360	vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
13:42:07.0087 4360	vwififlt - ok
13:42:07.0118 4360	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:42:07.0118 4360	WacomPen - ok
13:42:07.0149 4360	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:42:07.0165 4360	WANARP - ok
13:42:07.0180 4360	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:42:07.0196 4360	Wanarpv6 - ok
13:42:07.0274 4360	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:42:07.0305 4360	Wd - ok
13:42:07.0321 4360	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:42:07.0352 4360	Wdf01000 - ok
13:42:07.0383 4360	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:42:07.0414 4360	WfpLwf - ok
13:42:07.0430 4360	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:42:07.0446 4360	WIMMount - ok
13:42:07.0477 4360	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:42:07.0492 4360	WmiAcpi - ok
13:42:07.0570 4360	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:42:07.0602 4360	ws2ifsl - ok
13:42:07.0648 4360	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:42:07.0664 4360	WudfPf - ok
13:42:07.0680 4360	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:42:07.0711 4360	WUDFRd - ok
13:42:07.0742 4360	XDva391 - ok
13:42:07.0773 4360	MBR (0x1B8)     (4624822e540ec83cd0819525c65846ba) \Device\Harddisk0\DR0
13:42:08.0397 4360	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:42:08.0397 4360	\Device\Harddisk0\DR0 - detected TDSS File System (1)
13:42:08.0444 4360	Boot (0x1200)   (e4598dd304b5c05e27e3c867efb0eb0c) \Device\Harddisk0\DR0\Partition0
13:42:08.0444 4360	\Device\Harddisk0\DR0\Partition0 - ok
13:42:08.0460 4360	Boot (0x1200)   (046bbd7303f14eb983a3f0c302651470) \Device\Harddisk0\DR0\Partition1
13:42:08.0460 4360	\Device\Harddisk0\DR0\Partition1 - ok
13:42:08.0506 4360	Boot (0x1200)   (376b50b18dd730f4a63e4b8227f4638c) \Device\Harddisk0\DR0\Partition2
13:42:08.0506 4360	\Device\Harddisk0\DR0\Partition2 - ok
13:42:08.0506 4360	============================================================
13:42:08.0506 4360	Scan finished
13:42:08.0506 4360	============================================================
13:42:08.0506 3404	Detected object count: 1
13:42:08.0506 3404	Actual detected object count: 1
13:42:11.0580 3404	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:42:11.0580 3404	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Rechner langsam// Kaspersky - Schwarze Liste beschädigt - Update erfolglos

Plagegeister aller Art und deren Bekämpfung: Rechner langsam// Kaspersky - Schwarze Liste beschädigt - Update erfolglos