| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GoogleSuche endet immer auf einer 95p.com SeiteWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.01.2012, 21:33
| #1 |
 |  GoogleSuche endet immer auf einer 95p.com Seite Hallo, auch ich habe mir nun wahrscheinlich eine "Rootkit-Infektion" eingefangen. Bemerkt habe ich dies eher zufällig, da ich die Google-Suchergebnisse nicht mehr wie gewohnt aufrufen kann, sondern auf eine "hxxp://95p.com/?search=....." Seite weiter geleitet werde. Wie ich mir dies eingefangen habe, weiß ich nicht, denn eigentlich war ich nur auf meinen normalen Hauptseiten, die ich regelmäßig nutze. Zudem kommt bei einigen Seiten nun auch, dass Windows dies geblockt hat aus Sicherheitsgründen. AntiVir findet zudem nichts. CCleaner benutze ich auch regelmäßig. Auch von Kaspersky habe ich den TSDD-Killer schon benutzt, aber auch ohne Erfolg. Cookies ect. habe ich alles gelöscht und AntiVir ebenfalls, da es nicht mehr möglich war aus dem Internet Updates zu machen. (Nun habe ich jedoch AntiVir erneut heruntergeladen und es scheint nun wieder zu funktionieren,jedoch ohne negative Suchergebnisse.) Leider kenne ich mich sonst nicht mehr mit PC/Laptops aus und weiß nun leider nicht was ich den dagegen tun könnte. Die beschriebenen Schritte zum Überblick habe ich schon durchgeführt: 1.Schritt: war nicht möglich "[...] Defogger.exe ist keine zulässige Win32-Anwendung. 2.Schritt: war hier leider zu schnell und habe erst beim zweiten Scan die benutzerdefinierte Suche gestartet OTL logfile created on: 01.01.2012 17:47:36 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Jen\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 63,26% Memory free 3,73 Gb Paging File | 3,22 Gb Available in Paging File | 86,48% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 104,67 Gb Total Space | 39,22 Gb Free Space | 37,47% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Jen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Dokumente und Einstellungen\Jen\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a0915061\mscorlib.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_d1c06882\system.drawing.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_4117bb91\system.xml.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_06dc7666\system.windows.forms.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_514d4566\system.dll () MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll () MOD - c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU () MOD - C:\Programme\ICQ7.2\MDb.dll () MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll () MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll () MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll () MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll () MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll () MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_de_b77a5c561934e089\system.windows.forms.resources.dll () MOD - c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll () MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll () MOD - \\?\globalroot\systemroot\system32\mswsock.dll () Extras.Txt steckt im Anhang 3.Schritt:Im Anhang Ich hoffe ihr könnt mir hier helfen . Vielen Dank schonmal Grüße j |
|
02.01.2012, 16:47
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | GoogleSuche endet immer auf einer 95p.com Seite - Log ist unvollständig
__________________- bitte alles nach Möglichkeit hier in CODE-Tags posten! - Log vom TDSS-Killer fehlt (Die Angabe "ohne Erfolg" hilft hier keinem weiter) - in Zukunft keine Tools mehr ohne Anweisung ausführen!!
__________________ |
|
02.01.2012, 20:13
| #3 |
| | GoogleSuche endet immer auf einer 95p.com Seite Hallo, sorry. Danke aber für die Antwort =)
__________________Hier ist der hoffentlich vollständige Log. OTL.Txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 01.01.2012 17:47:36 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Jen\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 63,26% Memory free 3,73 Gb Paging File | 3,22 Gb Available in Paging File | 86,48% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 104,67 Gb Total Space | 39,22 Gb Free Space | 37,47% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Jen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Dokumente und Einstellungen\Jen\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a0915061\mscorlib.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_d1c06882\system.drawing.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_4117bb91\system.xml.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_06dc7666\system.windows.forms.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_514d4566\system.dll () MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll () MOD - c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU () MOD - C:\Programme\ICQ7.2\MDb.dll () MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll () MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll () MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll () MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll () MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll () MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_de_b77a5c561934e089\system.windows.forms.resources.dll () MOD - c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll () MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll () MOD - \\?\globalroot\systemroot\system32\mswsock.dll () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () ========== Win32 Services (SafeList) ========== SRV - (WDSmartWareBackgroundService) -- File not found SRV - (HidServ) -- File not found SRV - (AppMgmt) -- File not found SRV - (HssTrayService) -- C:\Programme\Hotspot Shield\bin\HssTrayService.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (HssDrv) -- C:\WINDOWS\system32\drivers\HssDrv.sys (AnchorFree Inc.) DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (huawei_enumerator) -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (ew_hwusbdev) -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV - (ewusbnet) -- C:\WINDOWS\system32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.) DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies) DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.) DRV - (DNSeFilter) -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS (Samsung Electronics,.LTD) DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC) DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.3 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&ilc=12&p=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.01.05 19:36:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.11.23 20:26:33 | 000,000,000 | ---D | M] [2010.08.30 22:10:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Extensions [2011.11.07 17:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions [2010.10.30 09:29:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.11.07 17:35:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012.01.05 19:38:58 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\searchplugins\icqplugin.xml [2011.10.22 10:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.07.04 09:39:56 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.08.25 20:14:19 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\JEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\C41204GV.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.01.05 19:36:02 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll [2011.10.03 10:19:02 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.03 10:19:01 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2011.10.03 10:19:01 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2011.10.03 10:18:58 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.03 10:18:57 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.03 10:18:56 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATICCC] C:\Programme\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation) O4 - HKLM..\Run: [EDS] C:\Programme\Samsung\Samsung EDS\EDSAgent.exe () O4 - HKLM..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe (Microsoft Corporation) O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WDDMStatus.lnk = C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WDSmartWare.lnk = C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital) O4 - Startup: C:\Dokumente und Einstellungen\Jen\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63040C9C-CA16-45EC-8085-76C302D55716}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Desktop-Hintergrund.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Desktop-Hintergrund.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.08.30 19:51:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell - "" = AutoRun O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell - "" = AutoRun O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell - "" = AutoRun O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067) ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\WINDOWS\System32\ [2012.01.01 17:22:19 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Jen\Recent [2012.01.01 17:03:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jen\Desktop\tdsskiller_2.5.5.0 [2011.12.31 16:10:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Sun [2011.12.31 13:56:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe [2011.12.30 22:06:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe [2011.12.30 22:00:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\99422f31 [2011.12.22 17:37:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\engel [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== File not found -- C:\WINDOWS\System32\ [2012.01.07 20:30:08 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Desktop\Microsoft Office Word 2003.lnk [2012.01.01 17:48:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.01.01 17:27:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.01.01 17:03:34 | 001,309,375 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Desktop\tdsskiller_2.5.5.0.zip [2011.12.31 16:10:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.12.27 23:33:28 | 000,096,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.22 18:10:59 | 000,030,017 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\.recently-used.xbel [2011.12.18 18:48:23 | 002,274,361 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\CIMG0955.JPG [2011.12.17 17:35:29 | 000,139,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.12.14 21:12:22 | 000,280,762 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\22096.01.xcf [2011.12.05 19:10:03 | 000,000,070 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\.gtk-bookmarks [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.01 17:03:31 | 001,309,375 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Desktop\tdsskiller_2.5.5.0.zip [2011.12.22 18:10:59 | 000,030,017 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\.recently-used.xbel [2011.12.18 19:23:12 | 000,397,371 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\mela +schatz.JPG [2011.12.18 18:50:02 | 002,274,361 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\CIMG0955.JPG [2011.12.14 21:12:22 | 000,280,762 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\22096.01.xcf [2011.12.14 20:25:10 | 005,192,260 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\SAM_9446.JPG [2011.12.14 20:18:08 | 005,002,038 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\SAM_9400.JPG [2011.12.05 19:10:03 | 000,000,070 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\.gtk-bookmarks [2010.10.13 16:24:53 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.09.01 13:29:56 | 000,096,768 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.09.01 12:15:31 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2010.09.01 11:09:38 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010.08.30 22:10:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010.08.30 22:02:40 | 000,000,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat [2010.08.30 21:46:47 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2010.08.30 21:19:15 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [2010.08.30 20:36:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010.08.30 20:34:41 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.08.30 19:57:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010.08.30 19:55:27 | 000,001,082 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2010.08.30 19:48:40 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2006.02.13 15:29:26 | 000,121,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2004.08.04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004.08.04 13:00:00 | 000,459,844 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2004.08.04 13:00:00 | 000,441,906 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004.08.04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004.08.04 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2004.08.04 13:00:00 | 000,247,296 | ---- | C] () -- C:\WINDOWS\System32\mswsock.dll [2004.08.04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004.08.04 13:00:00 | 000,085,170 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2004.08.04 13:00:00 | 000,071,842 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004.08.04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004.08.04 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2004.08.04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004.08.04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004.08.04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004.08.04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2003.07.30 10:48:28 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2003.07.30 09:49:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== LOP Check ========== [2011.12.31 14:06:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService [2011.08.25 20:21:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hssff [2010.09.01 11:57:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2011.04.19 15:53:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony [2010.09.02 12:26:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WD_SmartWareCommon [2010.09.02 12:07:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Western Digital [2010.08.30 21:21:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WLAN [2011.12.22 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\gtk-2.0 [2011.09.11 13:35:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\ICQ [2010.09.01 13:19:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\OpenOffice.org [2010.09.01 12:33:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\pdfforge [2011.10.22 10:37:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Search Settings [2011.04.19 15:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony [2011.04.19 14:50:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony Setup [2010.09.02 12:07:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Western Digital ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.08.30 19:55:31 | 000,000,000 | ---D | M] -- C:\AddOn [2011.11.24 16:57:29 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2010.09.03 21:04:59 | 000,000,000 | ---D | M] -- C:\d22047a1b05e99b137e693 [2010.08.30 20:00:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2011.06.27 13:59:35 | 000,000,000 | -HSD | M] -- C:\found.000 [2011.08.25 20:15:40 | 000,000,000 | ---D | M] -- C:\Hotspot Shield [2010.09.01 11:04:35 | 000,000,000 | RH-D | M] -- C:\MSOCache [2010.12.24 13:49:38 | 000,000,000 | ---D | M] -- C:\output [2011.11.23 20:25:09 | 000,000,000 | R--D | M] -- C:\Programme [2010.08.30 20:01:18 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2011.12.31 14:06:01 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.01.01 17:28:27 | 000,000,000 | ---D | M] -- C:\WINDOWS < %PROGRAMFILES%\*.exe > Invalid Environment Variable: LOCALAPPDATA < %systemroot%\*. /mp /s > < %systemroot%\system32\*.manifest /3 > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < MD5 for: AFD.SYS > [2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\dllcache\afd.sys [2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys [2008.04.13 23:49:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\$NtUninstallKB951748$\afd.sys [2008.04.13 23:49:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\ServicePackFiles\i386\afd.sys [2011.02.16 14:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=355556D9E580915118CD7EF736653A89 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys [2008.10.16 16:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys [2008.08.14 11:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys [2004.08.04 13:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtServicePackUninstall$\afd.sys [2008.10.16 15:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\$NtUninstallKB2503665$\afd.sys [2008.08.14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys [2011.02.16 14:25:05 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=8D499B1276012EB907E7A9E0F4D8FDA4 -- C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys [2008.06.20 12:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys [2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$NtUninstallKB956803$\afd.sys [2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys < MD5 for: EXPLORER.EXE > [2004.08.04 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe [2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe < MD5 for: IPSEC.SYS > [2008.04.13 23:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\ServicePackFiles\i386\ipsec.sys [2008.04.13 23:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys [2004.08.04 13:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys < MD5 for: REGEDIT.EXE > [2004.08.04 13:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe [2008.04.14 06:53:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe [2008.04.14 06:53:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe < MD5 for: USERINIT.EXE > [2008.04.14 06:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 06:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 06:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 06:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2011.11.23 15:40:13 | 001,859,712 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-17 14:41:23 ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\WINDOWS\$NtUninstallKB18828$] -> Error: Cannot create file handle -> Unknown point type < End of report > Der TDSS-Killer hat beim ersten Durchlauf keine Log geöffnet, bzw. ich weiß nicht wo dies abgespeichert wurde. Hab ihn nun erneut laufen gelassen und den Report hier kopiert. Code:
ATTFilter 20:02:35.0984 3884 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
20:02:36.0156 3884 ============================================================
20:02:36.0156 3884 Current date / time: 2012/01/02 20:02:36.0156
20:02:36.0156 3884 SystemInfo:
20:02:36.0156 3884
20:02:36.0156 3884 OS Version: 5.1.2600 ServicePack: 3.0
20:02:36.0156 3884 Product type: Workstation
20:02:36.0156 3884 ComputerName: LAPTOP
20:02:36.0156 3884 UserName: Jen
20:02:36.0156 3884 Windows directory: C:\WINDOWS
20:02:36.0156 3884 System windows directory: C:\WINDOWS
20:02:36.0156 3884 Processor architecture: Intel x86
20:02:36.0156 3884 Number of processors: 2
20:02:36.0156 3884 Page size: 0x1000
20:02:36.0156 3884 Boot type: Normal boot
20:02:36.0156 3884 ============================================================
20:02:38.0140 3884 Initialize success
20:02:44.0187 3272 ============================================================
20:02:44.0187 3272 Scan started
20:02:44.0187 3272 Mode: Manual;
20:02:44.0187 3272 ============================================================
20:02:44.0703 3272 Abiosdsk - ok
20:02:44.0750 3272 abp480n5 - ok
20:02:44.0843 3272 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:02:44.0843 3272 ACPI - ok
20:02:44.0890 3272 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:02:44.0890 3272 ACPIEC - ok
20:02:44.0906 3272 adpu160m - ok
20:02:44.0968 3272 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:02:44.0968 3272 aec - ok
20:02:45.0031 3272 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:02:45.0031 3272 AFD - ok
20:02:45.0125 3272 AgereSoftModem (90456051c422e09bc36e6340dd891f0c) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
20:02:45.0203 3272 AgereSoftModem - ok
20:02:45.0281 3272 Aha154x - ok
20:02:45.0328 3272 aic78u2 - ok
20:02:45.0375 3272 aic78xx - ok
20:02:45.0421 3272 AliIde - ok
20:02:45.0578 3272 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
20:02:45.0781 3272 Ambfilt - ok
20:02:45.0859 3272 amsint - ok
20:02:46.0000 3272 AR5211 (89873aebbf0309393f0737e26d891209) C:\WINDOWS\system32\DRIVERS\ar5211.sys
20:02:46.0015 3272 AR5211 - ok
20:02:46.0062 3272 asc - ok
20:02:46.0093 3272 asc3350p - ok
20:02:46.0140 3272 asc3550 - ok
20:02:46.0265 3272 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:02:46.0281 3272 AsyncMac - ok
20:02:46.0343 3272 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:02:46.0343 3272 atapi - ok
20:02:46.0359 3272 Atdisk - ok
20:02:46.0515 3272 ati2mtag (d371d3f40051a1f602c85cef5c787d76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:02:46.0531 3272 ati2mtag - ok
20:02:46.0578 3272 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:02:46.0593 3272 Atmarpc - ok
20:02:46.0750 3272 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:02:46.0750 3272 audstub - ok
20:02:46.0828 3272 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:02:46.0828 3272 avgntflt - ok
20:02:46.0890 3272 avipbb (475fbb85956534720858ae72010c0a43) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:02:46.0890 3272 avipbb - ok
20:02:46.0953 3272 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:02:46.0953 3272 avkmgr - ok
20:02:46.0984 3272 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:02:46.0984 3272 Beep - ok
20:02:47.0046 3272 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:02:47.0062 3272 cbidf2k - ok
20:02:47.0140 3272 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:02:47.0140 3272 CCDECODE - ok
20:02:47.0218 3272 cd20xrnt - ok
20:02:47.0265 3272 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:02:47.0265 3272 Cdaudio - ok
20:02:47.0375 3272 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:02:47.0375 3272 Cdfs - ok
20:02:47.0390 3272 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:02:47.0390 3272 Cdrom - ok
20:02:47.0406 3272 Changer - ok
20:02:47.0437 3272 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:02:47.0437 3272 CmBatt - ok
20:02:47.0453 3272 CmdIde - ok
20:02:47.0468 3272 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:02:47.0484 3272 Compbatt - ok
20:02:47.0500 3272 Cpqarray - ok
20:02:47.0515 3272 dac2w2k - ok
20:02:47.0531 3272 dac960nt - ok
20:02:47.0562 3272 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:02:47.0562 3272 Disk - ok
20:02:47.0671 3272 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:02:47.0718 3272 dmboot - ok
20:02:47.0765 3272 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:02:47.0781 3272 dmio - ok
20:02:47.0812 3272 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:02:47.0812 3272 dmload - ok
20:02:47.0875 3272 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:02:47.0875 3272 DMusic - ok
20:02:47.0984 3272 DNSeFilter (459a946c0766aa3d342d0f0ded90cf8d) C:\WINDOWS\system32\drivers\SamsungEDS.sys
20:02:48.0000 3272 DNSeFilter - ok
20:02:48.0046 3272 dpti2o - ok
20:02:48.0093 3272 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:02:48.0093 3272 drmkaud - ok
20:02:48.0203 3272 ewusbnet (4fd02e31eac2cbc81eb08a1ce81e73a2) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
20:02:48.0203 3272 ewusbnet - ok
20:02:48.0265 3272 ew_hwusbdev (e98a64c7f106740a38fb2b78197816f8) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
20:02:48.0265 3272 ew_hwusbdev - ok
20:02:48.0343 3272 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:02:48.0359 3272 Fastfat - ok
20:02:48.0390 3272 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:02:48.0390 3272 Fdc - ok
20:02:48.0421 3272 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:02:48.0421 3272 Fips - ok
20:02:48.0453 3272 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:02:48.0453 3272 Flpydisk - ok
20:02:48.0484 3272 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:02:48.0500 3272 FltMgr - ok
20:02:48.0515 3272 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:02:48.0515 3272 Fs_Rec - ok
20:02:48.0562 3272 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:02:48.0578 3272 Ftdisk - ok
20:02:48.0625 3272 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:02:48.0625 3272 Gpc - ok
20:02:48.0671 3272 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:02:48.0671 3272 HDAudBus - ok
20:02:48.0750 3272 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:02:48.0750 3272 HidUsb - ok
20:02:48.0796 3272 hpn - ok
20:02:48.0859 3272 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\WINDOWS\system32\DRIVERS\HssDrv.sys
20:02:48.0859 3272 HssDrv - ok
20:02:48.0953 3272 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:02:48.0953 3272 HTTP - ok
20:02:49.0015 3272 huawei_enumerator (22a4b14530194fc57c1c849fb5afee17) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
20:02:49.0015 3272 huawei_enumerator - ok
20:02:49.0093 3272 hwdatacard (3e3bfe85b9fe3720bf4c108f57c945fb) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
20:02:49.0093 3272 hwdatacard - ok
20:02:49.0156 3272 i2omgmt - ok
20:02:49.0218 3272 i2omp - ok
20:02:49.0296 3272 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:02:49.0296 3272 i8042prt - ok
20:02:49.0312 3272 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:02:49.0328 3272 Imapi - ok
20:02:49.0343 3272 ini910u - ok
20:02:49.0812 3272 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:02:49.0875 3272 IntcAzAudAddService - ok
20:02:49.0921 3272 IntelIde - ok
20:02:49.0953 3272 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:02:49.0953 3272 intelppm - ok
20:02:50.0000 3272 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:02:50.0000 3272 Ip6Fw - ok
20:02:50.0046 3272 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:02:50.0046 3272 IpFilterDriver - ok
20:02:50.0062 3272 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:02:50.0078 3272 IpInIp - ok
20:02:50.0109 3272 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:02:50.0109 3272 IpNat - ok
20:02:50.0250 3272 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:02:50.0250 3272 IPSec - ok
20:02:50.0281 3272 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:02:50.0296 3272 IRENUM - ok
20:02:50.0328 3272 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:02:50.0343 3272 isapnp - ok
20:02:50.0359 3272 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:02:50.0359 3272 Kbdclass - ok
20:02:50.0437 3272 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:02:50.0437 3272 kmixer - ok
20:02:50.0484 3272 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:02:50.0484 3272 KSecDD - ok
20:02:50.0531 3272 lbrtfdc - ok
20:02:50.0593 3272 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
20:02:50.0609 3272 MBAMSwissArmy - ok
20:02:50.0671 3272 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:02:50.0671 3272 mnmdd - ok
20:02:50.0828 3272 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:02:50.0828 3272 Modem - ok
20:02:50.0968 3272 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
20:02:51.0078 3272 Monfilt - ok
20:02:51.0125 3272 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:02:51.0125 3272 Mouclass - ok
20:02:51.0203 3272 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:02:51.0203 3272 mouhid - ok
20:02:51.0296 3272 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:02:51.0296 3272 MountMgr - ok
20:02:51.0312 3272 mraid35x - ok
20:02:51.0328 3272 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:02:51.0328 3272 MRxDAV - ok
20:02:51.0390 3272 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:02:51.0406 3272 MRxSmb - ok
20:02:51.0421 3272 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:02:51.0421 3272 Msfs - ok
20:02:51.0500 3272 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:02:51.0500 3272 MSKSSRV - ok
20:02:51.0515 3272 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:02:51.0531 3272 MSPCLOCK - ok
20:02:51.0531 3272 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:02:51.0546 3272 MSPQM - ok
20:02:51.0562 3272 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:02:51.0562 3272 mssmbios - ok
20:02:51.0609 3272 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:02:51.0625 3272 MSTEE - ok
20:02:51.0671 3272 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:02:51.0671 3272 Mup - ok
20:02:51.0734 3272 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:02:51.0750 3272 NABTSFEC - ok
20:02:51.0875 3272 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:02:51.0890 3272 NDIS - ok
20:02:51.0937 3272 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:02:51.0937 3272 NdisIP - ok
20:02:52.0000 3272 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:02:52.0000 3272 NdisTapi - ok
20:02:52.0015 3272 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:02:52.0015 3272 Ndisuio - ok
20:02:52.0031 3272 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:02:52.0031 3272 NdisWan - ok
20:02:52.0093 3272 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:02:52.0093 3272 NDProxy - ok
20:02:52.0187 3272 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:02:52.0187 3272 NetBIOS - ok
20:02:52.0250 3272 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:02:52.0250 3272 NetBT - ok
20:02:52.0343 3272 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:02:52.0343 3272 Npfs - ok
20:02:52.0406 3272 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:02:52.0437 3272 Ntfs - ok
20:02:52.0468 3272 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:02:52.0468 3272 Null - ok
20:02:52.0531 3272 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:02:52.0531 3272 NwlnkFlt - ok
20:02:52.0625 3272 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:02:52.0640 3272 NwlnkFwd - ok
20:02:52.0765 3272 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
20:02:52.0781 3272 Parport - ok
20:02:52.0828 3272 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:02:52.0828 3272 PartMgr - ok
20:02:52.0906 3272 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:02:52.0921 3272 ParVdm - ok
20:02:53.0015 3272 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:02:53.0031 3272 PCI - ok
20:02:53.0046 3272 PCIDump - ok
20:02:53.0062 3272 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:02:53.0078 3272 PCIIde - ok
20:02:53.0109 3272 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:02:53.0125 3272 Pcmcia - ok
20:02:53.0125 3272 PDCOMP - ok
20:02:53.0140 3272 PDFRAME - ok
20:02:53.0156 3272 PDRELI - ok
20:02:53.0171 3272 PDRFRAME - ok
20:02:53.0187 3272 perc2 - ok
20:02:53.0203 3272 perc2hib - ok
20:02:53.0281 3272 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:02:53.0281 3272 PptpMiniport - ok
20:02:53.0296 3272 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:02:53.0296 3272 PSched - ok
20:02:53.0343 3272 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:02:53.0343 3272 Ptilink - ok
20:02:53.0359 3272 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:02:53.0375 3272 PxHelp20 - ok
20:02:53.0390 3272 ql1080 - ok
20:02:53.0406 3272 Ql10wnt - ok
20:02:53.0406 3272 ql12160 - ok
20:02:53.0421 3272 ql1240 - ok
20:02:53.0437 3272 ql1280 - ok
20:02:53.0484 3272 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:02:53.0484 3272 RasAcd - ok
20:02:53.0515 3272 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:02:53.0515 3272 Rasl2tp - ok
20:02:53.0531 3272 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:02:53.0531 3272 RasPppoe - ok
20:02:53.0546 3272 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:02:53.0546 3272 Raspti - ok
20:02:53.0593 3272 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:02:53.0593 3272 Rdbss - ok
20:02:53.0609 3272 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:02:53.0609 3272 RDPCDD - ok
20:02:53.0656 3272 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
20:02:53.0656 3272 RDPWD - ok
20:02:53.0796 3272 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:02:53.0796 3272 redbook - ok
20:02:53.0843 3272 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
20:02:53.0843 3272 rimmptsk - ok
20:02:53.0890 3272 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
20:02:53.0890 3272 rimsptsk - ok
20:02:53.0937 3272 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
20:02:53.0937 3272 rismxdp - ok
20:02:54.0031 3272 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:02:54.0031 3272 rtl8139 - ok
20:02:54.0109 3272 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:02:54.0125 3272 sdbus - ok
20:02:54.0171 3272 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:02:54.0171 3272 Secdrv - ok
20:02:54.0234 3272 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
20:02:54.0234 3272 Serial - ok
20:02:54.0312 3272 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
20:02:54.0312 3272 sffdisk - ok
20:02:54.0328 3272 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
20:02:54.0343 3272 sffp_sd - ok
20:02:54.0359 3272 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:02:54.0359 3272 Sfloppy - ok
20:02:54.0390 3272 Simbad - ok
20:02:54.0453 3272 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:02:54.0453 3272 SLIP - ok
20:02:54.0468 3272 Sparrow - ok
20:02:54.0531 3272 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:02:54.0531 3272 splitter - ok
20:02:54.0656 3272 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:02:54.0671 3272 sr - ok
20:02:54.0781 3272 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:02:54.0781 3272 Srv - ok
20:02:54.0859 3272 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:02:54.0859 3272 ssmdrv - ok
20:02:54.0906 3272 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:02:54.0921 3272 streamip - ok
20:02:55.0031 3272 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:02:55.0031 3272 swenum - ok
20:02:55.0109 3272 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:02:55.0109 3272 swmidi - ok
20:02:55.0125 3272 symc810 - ok
20:02:55.0140 3272 symc8xx - ok
20:02:55.0156 3272 sym_hi - ok
20:02:55.0171 3272 sym_u3 - ok
20:02:55.0250 3272 SynTP (91ce9afbbd011ff6b0ae15ee3a62edcc) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:02:55.0250 3272 SynTP - ok
20:02:55.0328 3272 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:02:55.0328 3272 sysaudio - ok
20:02:55.0390 3272 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
20:02:55.0390 3272 taphss - ok
20:02:55.0484 3272 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:02:55.0484 3272 Tcpip - ok
20:02:55.0531 3272 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:02:55.0531 3272 TDPIPE - ok
20:02:55.0562 3272 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:02:55.0578 3272 TDTCP - ok
20:02:55.0640 3272 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:02:55.0640 3272 TermDD - ok
20:02:55.0687 3272 TosIde - ok
20:02:55.0796 3272 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:02:55.0812 3272 Udfs - ok
20:02:55.0812 3272 ultra - ok
20:02:55.0875 3272 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:02:55.0875 3272 Update - ok
20:02:55.0921 3272 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
20:02:55.0937 3272 usbaudio - ok
20:02:56.0031 3272 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:02:56.0031 3272 usbccgp - ok
20:02:56.0062 3272 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:02:56.0062 3272 usbehci - ok
20:02:56.0078 3272 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:02:56.0078 3272 usbhub - ok
20:02:56.0109 3272 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:02:56.0109 3272 usbohci - ok
20:02:56.0156 3272 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:02:56.0171 3272 usbscan - ok
20:02:56.0281 3272 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:02:56.0281 3272 USBSTOR - ok
20:02:56.0390 3272 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
20:02:56.0390 3272 usbvideo - ok
20:02:56.0453 3272 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:02:56.0453 3272 VgaSave - ok
20:02:56.0468 3272 ViaIde - ok
20:02:56.0484 3272 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:02:56.0500 3272 VolSnap - ok
20:02:56.0578 3272 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:02:56.0578 3272 Wanarp - ok
20:02:56.0609 3272 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
20:02:56.0625 3272 WDC_SAM - ok
20:02:56.0703 3272 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
20:02:56.0703 3272 Wdf01000 - ok
20:02:56.0718 3272 WDICA - ok
20:02:56.0781 3272 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:02:56.0781 3272 wdmaud - ok
20:02:56.0906 3272 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
20:02:56.0906 3272 WpdUsb - ok
20:02:56.0984 3272 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:02:57.0000 3272 WSTCODEC - ok
20:02:57.0062 3272 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:02:57.0078 3272 WudfPf - ok
20:02:57.0125 3272 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:02:57.0140 3272 WudfRd - ok
20:02:57.0187 3272 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:02:57.0359 3272 \Device\Harddisk0\DR0 - ok
20:02:57.0359 3272 Boot (0x1200) (5adf4f77d49c85b94c031ae8ac5894ac) \Device\Harddisk0\DR0\Partition0
20:02:57.0375 3272 \Device\Harddisk0\DR0\Partition0 - ok
20:02:57.0375 3272 ============================================================
20:02:57.0375 3272 Scan finished
20:02:57.0375 3272 ============================================================
20:02:57.0390 0576 Detected object count: 0
20:02:57.0390 0576 Actual detected object count: 0
Grüße |
|
02.01.2012, 21:33
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleSuche endet immer auf einer 95p.com Seite Die Logs vom TDSS-Killer liegen direkt auf C:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
02.01.2012, 21:49
| #5 |
| | GoogleSuche endet immer auf einer 95p.com Seite Okay. Log von gestern : Code:
ATTFilter 2012/01/01 17:03:54.0187 1656 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2012/01/01 17:04:00.0218 1656 ================================================================================
2012/01/01 17:04:00.0218 1656 SystemInfo:
2012/01/01 17:04:00.0218 1656
2012/01/01 17:04:00.0218 1656 OS Version: 5.1.2600 ServicePack: 3.0
2012/01/01 17:04:00.0218 1656 Product type: Workstation
2012/01/01 17:04:00.0218 1656 ComputerName: LAPTOP
2012/01/01 17:04:00.0218 1656 UserName: Jen
2012/01/01 17:04:00.0218 1656 Windows directory: C:\WINDOWS
2012/01/01 17:04:00.0218 1656 System windows directory: C:\WINDOWS
2012/01/01 17:04:00.0218 1656 Processor architecture: Intel x86
2012/01/01 17:04:00.0218 1656 Number of processors: 2
2012/01/01 17:04:00.0218 1656 Page size: 0x1000
2012/01/01 17:04:00.0218 1656 Boot type: Normal boot
2012/01/01 17:04:00.0218 1656 ================================================================================
2012/01/01 17:04:03.0734 1656 Initialize success
2012/01/01 17:04:07.0187 1044 ================================================================================
2012/01/01 17:04:07.0187 1044 Scan started
2012/01/01 17:04:07.0187 1044 Mode: Manual;
2012/01/01 17:04:07.0187 1044 ================================================================================
2012/01/01 17:04:12.0546 1044 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2012/01/01 17:04:12.0953 1044 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2012/01/01 17:04:13.0234 1044 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2012/01/01 17:04:13.0328 1044 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
2012/01/01 17:04:13.0468 1044 AgereSoftModem (90456051c422e09bc36e6340dd891f0c) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2012/01/01 17:04:13.0796 1044 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
2012/01/01 17:04:14.0078 1044 AR5211 (89873aebbf0309393f0737e26d891209) C:\WINDOWS\system32\DRIVERS\ar5211.sys
2012/01/01 17:04:14.0281 1044 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2012/01/01 17:04:14.0312 1044 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2012/01/01 17:04:14.0484 1044 ati2mtag (d371d3f40051a1f602c85cef5c787d76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2012/01/01 17:04:14.0640 1044 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2012/01/01 17:04:14.0718 1044 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2012/01/01 17:04:14.0843 1044 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
2012/01/01 17:04:14.0906 1044 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2012/01/01 17:04:14.0937 1044 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2012/01/01 17:04:14.0968 1044 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2012/01/01 17:04:15.0031 1044 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2012/01/01 17:04:15.0187 1044 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2012/01/01 17:04:15.0265 1044 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2012/01/01 17:04:15.0312 1044 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2012/01/01 17:04:15.0375 1044 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2012/01/01 17:04:15.0421 1044 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2012/01/01 17:04:15.0468 1044 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2012/01/01 17:04:15.0578 1044 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2012/01/01 17:04:15.0656 1044 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
2012/01/01 17:04:15.0718 1044 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
2012/01/01 17:04:15.0765 1044 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2012/01/01 17:04:15.0828 1044 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2012/01/01 17:04:15.0906 1044 DNSeFilter (459a946c0766aa3d342d0f0ded90cf8d) C:\WINDOWS\system32\drivers\SamsungEDS.sys
2012/01/01 17:04:16.0000 1044 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2012/01/01 17:04:16.0125 1044 ewusbnet (4fd02e31eac2cbc81eb08a1ce81e73a2) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
2012/01/01 17:04:16.0187 1044 ew_hwusbdev (e98a64c7f106740a38fb2b78197816f8) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
2012/01/01 17:04:16.0265 1044 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2012/01/01 17:04:16.0328 1044 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2012/01/01 17:04:16.0343 1044 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
2012/01/01 17:04:16.0375 1044 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2012/01/01 17:04:16.0421 1044 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2012/01/01 17:04:16.0453 1044 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2012/01/01 17:04:16.0500 1044 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2012/01/01 17:04:16.0531 1044 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2012/01/01 17:04:16.0562 1044 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2012/01/01 17:04:16.0640 1044 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2012/01/01 17:04:16.0781 1044 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\WINDOWS\system32\DRIVERS\HssDrv.sys
2012/01/01 17:04:16.0859 1044 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2012/01/01 17:04:16.0906 1044 huawei_enumerator (22a4b14530194fc57c1c849fb5afee17) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
2012/01/01 17:04:16.0953 1044 hwdatacard (3e3bfe85b9fe3720bf4c108f57c945fb) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
2012/01/01 17:04:17.0046 1044 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2012/01/01 17:04:17.0109 1044 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2012/01/01 17:04:17.0578 1044 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2012/01/01 17:04:17.0703 1044 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2012/01/01 17:04:17.0750 1044 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2012/01/01 17:04:17.0843 1044 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2012/01/01 17:04:17.0906 1044 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2012/01/01 17:04:17.0968 1044 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2012/01/01 17:04:18.0000 1044 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2012/01/01 17:04:18.0046 1044 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2012/01/01 17:04:18.0109 1044 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2012/01/01 17:04:18.0140 1044 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2012/01/01 17:04:18.0218 1044 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2012/01/01 17:04:18.0343 1044 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2012/01/01 17:04:18.0468 1044 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2012/01/01 17:04:18.0515 1044 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
2012/01/01 17:04:18.0687 1044 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
2012/01/01 17:04:18.0875 1044 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2012/01/01 17:04:18.0968 1044 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2012/01/01 17:04:19.0000 1044 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2012/01/01 17:04:19.0046 1044 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2012/01/01 17:04:19.0109 1044 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2012/01/01 17:04:19.0171 1044 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2012/01/01 17:04:19.0250 1044 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012/01/01 17:04:19.0328 1044 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012/01/01 17:04:19.0359 1044 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2012/01/01 17:04:19.0406 1044 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2012/01/01 17:04:19.0484 1044 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2012/01/01 17:04:19.0546 1044 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2012/01/01 17:04:19.0593 1044 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2012/01/01 17:04:19.0625 1044 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2012/01/01 17:04:19.0656 1044 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2012/01/01 17:04:19.0718 1044 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2012/01/01 17:04:19.0796 1044 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2012/01/01 17:04:20.0640 1044 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2012/01/01 17:04:20.0875 1044 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2012/01/01 17:04:20.0921 1044 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2012/01/01 17:04:20.0984 1044 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2012/01/01 17:04:21.0078 1044 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2012/01/01 17:04:21.0125 1044 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2012/01/01 17:04:21.0218 1044 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2012/01/01 17:04:21.0250 1044 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2012/01/01 17:04:21.0296 1044 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2012/01/01 17:04:21.0328 1044 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
2012/01/01 17:04:21.0375 1044 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2012/01/01 17:04:21.0406 1044 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
2012/01/01 17:04:21.0453 1044 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
2012/01/01 17:04:21.0531 1044 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
2012/01/01 17:04:21.0546 1044 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2012/01/01 17:04:21.0718 1044 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2012/01/01 17:04:21.0750 1044 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2012/01/01 17:04:21.0812 1044 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2012/01/01 17:04:21.0906 1044 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2012/01/01 17:04:22.0031 1044 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2012/01/01 17:04:22.0062 1044 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2012/01/01 17:04:22.0078 1044 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2012/01/01 17:04:22.0125 1044 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2012/01/01 17:04:22.0171 1044 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2012/01/01 17:04:22.0203 1044 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2012/01/01 17:04:22.0343 1044 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2012/01/01 17:04:22.0453 1044 redbook (ae807e85c653c9a1167d8cd552de7a1e) C:\WINDOWS\system32\DRIVERS\redbook.sys
2012/01/01 17:04:22.0453 1044 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\redbook.sys. Real md5: ae807e85c653c9a1167d8cd552de7a1e, Fake md5: ed761d453856f795a7fe056e42c36365
2012/01/01 17:04:22.0468 1044 redbook - detected ForgedFile.Multi.Generic (1)
2012/01/01 17:04:22.0546 1044 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2012/01/01 17:04:22.0593 1044 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2012/01/01 17:04:22.0656 1044 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
2012/01/01 17:04:22.0750 1044 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2012/01/01 17:04:22.0906 1044 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2012/01/01 17:04:23.0000 1044 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2012/01/01 17:04:23.0078 1044 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
2012/01/01 17:04:23.0171 1044 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2012/01/01 17:04:23.0234 1044 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2012/01/01 17:04:23.0328 1044 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2012/01/01 17:04:23.0484 1044 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2012/01/01 17:04:23.0640 1044 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2012/01/01 17:04:23.0750 1044 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
2012/01/01 17:04:23.0906 1044 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2012/01/01 17:04:24.0015 1044 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2012/01/01 17:04:24.0109 1044 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2012/01/01 17:04:24.0234 1044 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2012/01/01 17:04:24.0578 1044 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2012/01/01 17:04:24.0859 1044 SynTP (91ce9afbbd011ff6b0ae15ee3a62edcc) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2012/01/01 17:04:24.0906 1044 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2012/01/01 17:04:24.0953 1044 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
2012/01/01 17:04:25.0046 1044 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2012/01/01 17:04:25.0156 1044 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2012/01/01 17:04:25.0234 1044 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2012/01/01 17:04:25.0265 1044 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2012/01/01 17:04:25.0343 1044 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2012/01/01 17:04:25.0406 1044 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2012/01/01 17:04:25.0468 1044 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2012/01/01 17:04:25.0562 1044 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2012/01/01 17:04:25.0593 1044 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2012/01/01 17:04:25.0625 1044 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2012/01/01 17:04:25.0640 1044 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2012/01/01 17:04:25.0750 1044 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2012/01/01 17:04:25.0765 1044 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2012/01/01 17:04:25.0859 1044 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2012/01/01 17:04:25.0906 1044 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2012/01/01 17:04:26.0015 1044 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
2012/01/01 17:04:26.0062 1044 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2012/01/01 17:04:26.0125 1044 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
2012/01/01 17:04:26.0203 1044 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2012/01/01 17:04:26.0296 1044 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2012/01/01 17:04:26.0421 1044 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2012/01/01 17:04:26.0500 1044 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2012/01/01 17:04:26.0546 1044 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2012/01/01 17:04:26.0578 1044 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2012/01/01 17:04:26.0640 1044 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
2012/01/01 17:04:26.0812 1044 ================================================================================
2012/01/01 17:04:26.0812 1044 Scan finished
2012/01/01 17:04:26.0812 1044 ================================================================================
2012/01/01 17:04:26.0843 2616 Detected object count: 1
2012/01/01 17:04:26.0843 2616 Actual detected object count: 1
2012/01/01 17:04:32.0453 2616 ForgedFile.Multi.Generic(redbook) - User select action: Skip
2012/01/01 17:04:40.0359 1532 ================================================================================
2012/01/01 17:04:40.0359 1532 Scan started
2012/01/01 17:04:40.0359 1532 Mode: Manual;
2012/01/01 17:04:40.0359 1532 ================================================================================
2012/01/01 17:04:42.0015 1532 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2012/01/01 17:04:42.0078 1532 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2012/01/01 17:04:42.0156 1532 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2012/01/01 17:04:42.0203 1532 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
2012/01/01 17:04:42.0312 1532 AgereSoftModem (90456051c422e09bc36e6340dd891f0c) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2012/01/01 17:04:42.0515 1532 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
2012/01/01 17:04:42.0640 1532 AR5211 (89873aebbf0309393f0737e26d891209) C:\WINDOWS\system32\DRIVERS\ar5211.sys
2012/01/01 17:04:42.0906 1532 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2012/01/01 17:04:42.0968 1532 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2012/01/01 17:04:43.0156 1532 ati2mtag (d371d3f40051a1f602c85cef5c787d76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2012/01/01 17:04:43.0203 1532 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2012/01/01 17:04:43.0250 1532 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2012/01/01 17:04:43.0406 1532 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
2012/01/01 17:04:43.0484 1532 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2012/01/01 17:04:43.0546 1532 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2012/01/01 17:04:43.0578 1532 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2012/01/01 17:04:43.0625 1532 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2012/01/01 17:04:43.0765 1532 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2012/01/01 17:04:43.0828 1532 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2012/01/01 17:04:43.0906 1532 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2012/01/01 17:04:43.0953 1532 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2012/01/01 17:04:44.0046 1532 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2012/01/01 17:04:44.0140 1532 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2012/01/01 17:04:44.0421 1532 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2012/01/01 17:04:44.0531 1532 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
2012/01/01 17:04:44.0593 1532 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
2012/01/01 17:04:44.0656 1532 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2012/01/01 17:04:44.0765 1532 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2012/01/01 17:04:44.0890 1532 DNSeFilter (459a946c0766aa3d342d0f0ded90cf8d) C:\WINDOWS\system32\drivers\SamsungEDS.sys
2012/01/01 17:04:44.0953 1532 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2012/01/01 17:04:45.0031 1532 ewusbnet (4fd02e31eac2cbc81eb08a1ce81e73a2) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
2012/01/01 17:04:45.0062 1532 ew_hwusbdev (e98a64c7f106740a38fb2b78197816f8) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
2012/01/01 17:04:45.0140 1532 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2012/01/01 17:04:45.0187 1532 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2012/01/01 17:04:45.0203 1532 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
2012/01/01 17:04:45.0250 1532 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2012/01/01 17:04:45.0312 1532 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2012/01/01 17:04:45.0421 1532 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2012/01/01 17:04:45.0437 1532 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2012/01/01 17:04:45.0468 1532 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2012/01/01 17:04:45.0500 1532 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2012/01/01 17:04:45.0578 1532 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2012/01/01 17:04:45.0656 1532 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\WINDOWS\system32\DRIVERS\HssDrv.sys
2012/01/01 17:04:45.0750 1532 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2012/01/01 17:04:45.0781 1532 huawei_enumerator (22a4b14530194fc57c1c849fb5afee17) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
2012/01/01 17:04:45.0843 1532 hwdatacard (3e3bfe85b9fe3720bf4c108f57c945fb) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
2012/01/01 17:04:46.0046 1532 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2012/01/01 17:04:46.0078 1532 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2012/01/01 17:04:46.0562 1532 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2012/01/01 17:04:46.0656 1532 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2012/01/01 17:04:46.0687 1532 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2012/01/01 17:04:46.0734 1532 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2012/01/01 17:04:46.0765 1532 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2012/01/01 17:04:46.0828 1532 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2012/01/01 17:04:46.0843 1532 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2012/01/01 17:04:46.0890 1532 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2012/01/01 17:04:46.0937 1532 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2012/01/01 17:04:46.0968 1532 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2012/01/01 17:04:47.0046 1532 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2012/01/01 17:04:47.0109 1532 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2012/01/01 17:04:47.0328 1532 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2012/01/01 17:04:47.0390 1532 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
2012/01/01 17:04:47.0531 1532 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
2012/01/01 17:04:47.0562 1532 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2012/01/01 17:04:47.0640 1532 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2012/01/01 17:04:47.0671 1532 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2012/01/01 17:04:47.0718 1532 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2012/01/01 17:04:47.0781 1532 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2012/01/01 17:04:47.0812 1532 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2012/01/01 17:04:47.0890 1532 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012/01/01 17:04:47.0984 1532 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012/01/01 17:04:48.0015 1532 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2012/01/01 17:04:48.0093 1532 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2012/01/01 17:04:48.0156 1532 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2012/01/01 17:04:48.0203 1532 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2012/01/01 17:04:48.0265 1532 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2012/01/01 17:04:48.0343 1532 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2012/01/01 17:04:48.0375 1532 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2012/01/01 17:04:48.0437 1532 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2012/01/01 17:04:48.0468 1532 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2012/01/01 17:04:48.0515 1532 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2012/01/01 17:04:48.0578 1532 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2012/01/01 17:04:48.0625 1532 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2012/01/01 17:04:48.0656 1532 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2012/01/01 17:04:48.0703 1532 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2012/01/01 17:04:48.0781 1532 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2012/01/01 17:04:48.0828 1532 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2012/01/01 17:04:48.0875 1532 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2012/01/01 17:04:48.0921 1532 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2012/01/01 17:04:49.0015 1532 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
2012/01/01 17:04:49.0031 1532 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2012/01/01 17:04:49.0093 1532 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
2012/01/01 17:04:49.0125 1532 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
2012/01/01 17:04:49.0281 1532 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
2012/01/01 17:04:49.0328 1532 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2012/01/01 17:04:49.0578 1532 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2012/01/01 17:04:49.0593 1532 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2012/01/01 17:04:49.0625 1532 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2012/01/01 17:04:49.0703 1532 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2012/01/01 17:04:49.0937 1532 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2012/01/01 17:04:50.0015 1532 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2012/01/01 17:04:50.0078 1532 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2012/01/01 17:04:50.0125 1532 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2012/01/01 17:04:50.0218 1532 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2012/01/01 17:04:50.0281 1532 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2012/01/01 17:04:50.0359 1532 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2012/01/01 17:04:50.0390 1532 redbook (ae807e85c653c9a1167d8cd552de7a1e) C:\WINDOWS\system32\DRIVERS\redbook.sys
2012/01/01 17:04:50.0390 1532 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\redbook.sys. Real md5: ae807e85c653c9a1167d8cd552de7a1e, Fake md5: ed761d453856f795a7fe056e42c36365
2012/01/01 17:04:50.0390 1532 redbook - detected ForgedFile.Multi.Generic (1)
2012/01/01 17:04:50.0484 1532 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2012/01/01 17:04:50.0500 1532 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2012/01/01 17:04:50.0546 1532 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
2012/01/01 17:04:50.0625 1532 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2012/01/01 17:04:50.0750 1532 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2012/01/01 17:04:50.0812 1532 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2012/01/01 17:04:50.0906 1532 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
2012/01/01 17:04:50.0968 1532 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2012/01/01 17:04:51.0000 1532 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2012/01/01 17:04:51.0015 1532 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2012/01/01 17:04:51.0140 1532 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2012/01/01 17:04:51.0250 1532 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2012/01/01 17:04:51.0343 1532 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
2012/01/01 17:04:51.0437 1532 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2012/01/01 17:04:51.0468 1532 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2012/01/01 17:04:51.0562 1532 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2012/01/01 17:04:51.0687 1532 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2012/01/01 17:04:51.0750 1532 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2012/01/01 17:04:51.0953 1532 SynTP (91ce9afbbd011ff6b0ae15ee3a62edcc) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2012/01/01 17:04:51.0984 1532 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2012/01/01 17:04:52.0031 1532 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
2012/01/01 17:04:52.0125 1532 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2012/01/01 17:04:52.0203 1532 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2012/01/01 17:04:52.0484 1532 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2012/01/01 17:04:52.0546 1532 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2012/01/01 17:04:52.0640 1532 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2012/01/01 17:04:52.0781 1532 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2012/01/01 17:04:52.0875 1532 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2012/01/01 17:04:52.0937 1532 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2012/01/01 17:04:53.0015 1532 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2012/01/01 17:04:53.0046 1532 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2012/01/01 17:04:53.0078 1532 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2012/01/01 17:04:53.0140 1532 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2012/01/01 17:04:53.0187 1532 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2012/01/01 17:04:53.0234 1532 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2012/01/01 17:04:53.0328 1532 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2012/01/01 17:04:53.0406 1532 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
2012/01/01 17:04:53.0500 1532 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2012/01/01 17:04:53.0562 1532 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
2012/01/01 17:04:53.0687 1532 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2012/01/01 17:04:53.0796 1532 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2012/01/01 17:04:53.0921 1532 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2012/01/01 17:04:53.0984 1532 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2012/01/01 17:04:54.0062 1532 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2012/01/01 17:04:54.0109 1532 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2012/01/01 17:04:54.0156 1532 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
2012/01/01 17:04:54.0328 1532 ================================================================================
2012/01/01 17:04:54.0328 1532 Scan finished
2012/01/01 17:04:54.0328 1532 ================================================================================
2012/01/01 17:04:54.0343 2324 Detected object count: 1
2012/01/01 17:04:54.0343 2324 Actual detected object count: 1
2012/01/01 17:04:57.0484 2324 ForgedFile.Multi.Generic(redbook) - User select action: Skip
2012/01/01 17:06:26.0218 3204 Deinitialize success
Code:
ATTFilter 20:02:35.0984 3884 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
20:02:36.0156 3884 ============================================================
20:02:36.0156 3884 Current date / time: 2012/01/02 20:02:36.0156
20:02:36.0156 3884 SystemInfo:
20:02:36.0156 3884
20:02:36.0156 3884 OS Version: 5.1.2600 ServicePack: 3.0
20:02:36.0156 3884 Product type: Workstation
20:02:36.0156 3884 ComputerName: LAPTOP
20:02:36.0156 3884 UserName: Jen
20:02:36.0156 3884 Windows directory: C:\WINDOWS
20:02:36.0156 3884 System windows directory: C:\WINDOWS
20:02:36.0156 3884 Processor architecture: Intel x86
20:02:36.0156 3884 Number of processors: 2
20:02:36.0156 3884 Page size: 0x1000
20:02:36.0156 3884 Boot type: Normal boot
20:02:36.0156 3884 ============================================================
20:02:38.0140 3884 Initialize success
20:02:44.0187 3272 ============================================================
20:02:44.0187 3272 Scan started
20:02:44.0187 3272 Mode: Manual;
20:02:44.0187 3272 ============================================================
20:02:44.0703 3272 Abiosdsk - ok
20:02:44.0750 3272 abp480n5 - ok
20:02:44.0843 3272 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:02:44.0843 3272 ACPI - ok
20:02:44.0890 3272 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:02:44.0890 3272 ACPIEC - ok
20:02:44.0906 3272 adpu160m - ok
20:02:44.0968 3272 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:02:44.0968 3272 aec - ok
20:02:45.0031 3272 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:02:45.0031 3272 AFD - ok
20:02:45.0125 3272 AgereSoftModem (90456051c422e09bc36e6340dd891f0c) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
20:02:45.0203 3272 AgereSoftModem - ok
20:02:45.0281 3272 Aha154x - ok
20:02:45.0328 3272 aic78u2 - ok
20:02:45.0375 3272 aic78xx - ok
20:02:45.0421 3272 AliIde - ok
20:02:45.0578 3272 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
20:02:45.0781 3272 Ambfilt - ok
20:02:45.0859 3272 amsint - ok
20:02:46.0000 3272 AR5211 (89873aebbf0309393f0737e26d891209) C:\WINDOWS\system32\DRIVERS\ar5211.sys
20:02:46.0015 3272 AR5211 - ok
20:02:46.0062 3272 asc - ok
20:02:46.0093 3272 asc3350p - ok
20:02:46.0140 3272 asc3550 - ok
20:02:46.0265 3272 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:02:46.0281 3272 AsyncMac - ok
20:02:46.0343 3272 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:02:46.0343 3272 atapi - ok
20:02:46.0359 3272 Atdisk - ok
20:02:46.0515 3272 ati2mtag (d371d3f40051a1f602c85cef5c787d76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:02:46.0531 3272 ati2mtag - ok
20:02:46.0578 3272 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:02:46.0593 3272 Atmarpc - ok
20:02:46.0750 3272 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:02:46.0750 3272 audstub - ok
20:02:46.0828 3272 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:02:46.0828 3272 avgntflt - ok
20:02:46.0890 3272 avipbb (475fbb85956534720858ae72010c0a43) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:02:46.0890 3272 avipbb - ok
20:02:46.0953 3272 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:02:46.0953 3272 avkmgr - ok
20:02:46.0984 3272 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:02:46.0984 3272 Beep - ok
20:02:47.0046 3272 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:02:47.0062 3272 cbidf2k - ok
20:02:47.0140 3272 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:02:47.0140 3272 CCDECODE - ok
20:02:47.0218 3272 cd20xrnt - ok
20:02:47.0265 3272 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:02:47.0265 3272 Cdaudio - ok
20:02:47.0375 3272 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:02:47.0375 3272 Cdfs - ok
20:02:47.0390 3272 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:02:47.0390 3272 Cdrom - ok
20:02:47.0406 3272 Changer - ok
20:02:47.0437 3272 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:02:47.0437 3272 CmBatt - ok
20:02:47.0453 3272 CmdIde - ok
20:02:47.0468 3272 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:02:47.0484 3272 Compbatt - ok
20:02:47.0500 3272 Cpqarray - ok
20:02:47.0515 3272 dac2w2k - ok
20:02:47.0531 3272 dac960nt - ok
20:02:47.0562 3272 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:02:47.0562 3272 Disk - ok
20:02:47.0671 3272 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:02:47.0718 3272 dmboot - ok
20:02:47.0765 3272 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:02:47.0781 3272 dmio - ok
20:02:47.0812 3272 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:02:47.0812 3272 dmload - ok
20:02:47.0875 3272 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:02:47.0875 3272 DMusic - ok
20:02:47.0984 3272 DNSeFilter (459a946c0766aa3d342d0f0ded90cf8d) C:\WINDOWS\system32\drivers\SamsungEDS.sys
20:02:48.0000 3272 DNSeFilter - ok
20:02:48.0046 3272 dpti2o - ok
20:02:48.0093 3272 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:02:48.0093 3272 drmkaud - ok
20:02:48.0203 3272 ewusbnet (4fd02e31eac2cbc81eb08a1ce81e73a2) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
20:02:48.0203 3272 ewusbnet - ok
20:02:48.0265 3272 ew_hwusbdev (e98a64c7f106740a38fb2b78197816f8) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
20:02:48.0265 3272 ew_hwusbdev - ok
20:02:48.0343 3272 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:02:48.0359 3272 Fastfat - ok
20:02:48.0390 3272 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:02:48.0390 3272 Fdc - ok
20:02:48.0421 3272 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:02:48.0421 3272 Fips - ok
20:02:48.0453 3272 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:02:48.0453 3272 Flpydisk - ok
20:02:48.0484 3272 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:02:48.0500 3272 FltMgr - ok
20:02:48.0515 3272 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:02:48.0515 3272 Fs_Rec - ok
20:02:48.0562 3272 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:02:48.0578 3272 Ftdisk - ok
20:02:48.0625 3272 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:02:48.0625 3272 Gpc - ok
20:02:48.0671 3272 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:02:48.0671 3272 HDAudBus - ok
20:02:48.0750 3272 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:02:48.0750 3272 HidUsb - ok
20:02:48.0796 3272 hpn - ok
20:02:48.0859 3272 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\WINDOWS\system32\DRIVERS\HssDrv.sys
20:02:48.0859 3272 HssDrv - ok
20:02:48.0953 3272 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:02:48.0953 3272 HTTP - ok
20:02:49.0015 3272 huawei_enumerator (22a4b14530194fc57c1c849fb5afee17) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
20:02:49.0015 3272 huawei_enumerator - ok
20:02:49.0093 3272 hwdatacard (3e3bfe85b9fe3720bf4c108f57c945fb) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
20:02:49.0093 3272 hwdatacard - ok
20:02:49.0156 3272 i2omgmt - ok
20:02:49.0218 3272 i2omp - ok
20:02:49.0296 3272 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:02:49.0296 3272 i8042prt - ok
20:02:49.0312 3272 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:02:49.0328 3272 Imapi - ok
20:02:49.0343 3272 ini910u - ok
20:02:49.0812 3272 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:02:49.0875 3272 IntcAzAudAddService - ok
20:02:49.0921 3272 IntelIde - ok
20:02:49.0953 3272 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:02:49.0953 3272 intelppm - ok
20:02:50.0000 3272 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:02:50.0000 3272 Ip6Fw - ok
20:02:50.0046 3272 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:02:50.0046 3272 IpFilterDriver - ok
20:02:50.0062 3272 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:02:50.0078 3272 IpInIp - ok
20:02:50.0109 3272 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:02:50.0109 3272 IpNat - ok
20:02:50.0250 3272 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:02:50.0250 3272 IPSec - ok
20:02:50.0281 3272 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:02:50.0296 3272 IRENUM - ok
20:02:50.0328 3272 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:02:50.0343 3272 isapnp - ok
20:02:50.0359 3272 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:02:50.0359 3272 Kbdclass - ok
20:02:50.0437 3272 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:02:50.0437 3272 kmixer - ok
20:02:50.0484 3272 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:02:50.0484 3272 KSecDD - ok
20:02:50.0531 3272 lbrtfdc - ok
20:02:50.0593 3272 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
20:02:50.0609 3272 MBAMSwissArmy - ok
20:02:50.0671 3272 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:02:50.0671 3272 mnmdd - ok
20:02:50.0828 3272 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:02:50.0828 3272 Modem - ok
20:02:50.0968 3272 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
20:02:51.0078 3272 Monfilt - ok
20:02:51.0125 3272 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:02:51.0125 3272 Mouclass - ok
20:02:51.0203 3272 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:02:51.0203 3272 mouhid - ok
20:02:51.0296 3272 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:02:51.0296 3272 MountMgr - ok
20:02:51.0312 3272 mraid35x - ok
20:02:51.0328 3272 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:02:51.0328 3272 MRxDAV - ok
20:02:51.0390 3272 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:02:51.0406 3272 MRxSmb - ok
20:02:51.0421 3272 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:02:51.0421 3272 Msfs - ok
20:02:51.0500 3272 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:02:51.0500 3272 MSKSSRV - ok
20:02:51.0515 3272 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:02:51.0531 3272 MSPCLOCK - ok
20:02:51.0531 3272 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:02:51.0546 3272 MSPQM - ok
20:02:51.0562 3272 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:02:51.0562 3272 mssmbios - ok
20:02:51.0609 3272 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:02:51.0625 3272 MSTEE - ok
20:02:51.0671 3272 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:02:51.0671 3272 Mup - ok
20:02:51.0734 3272 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:02:51.0750 3272 NABTSFEC - ok
20:02:51.0875 3272 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:02:51.0890 3272 NDIS - ok
20:02:51.0937 3272 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:02:51.0937 3272 NdisIP - ok
20:02:52.0000 3272 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:02:52.0000 3272 NdisTapi - ok
20:02:52.0015 3272 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:02:52.0015 3272 Ndisuio - ok
20:02:52.0031 3272 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:02:52.0031 3272 NdisWan - ok
20:02:52.0093 3272 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:02:52.0093 3272 NDProxy - ok
20:02:52.0187 3272 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:02:52.0187 3272 NetBIOS - ok
20:02:52.0250 3272 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:02:52.0250 3272 NetBT - ok
20:02:52.0343 3272 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:02:52.0343 3272 Npfs - ok
20:02:52.0406 3272 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:02:52.0437 3272 Ntfs - ok
20:02:52.0468 3272 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:02:52.0468 3272 Null - ok
20:02:52.0531 3272 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:02:52.0531 3272 NwlnkFlt - ok
20:02:52.0625 3272 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:02:52.0640 3272 NwlnkFwd - ok
20:02:52.0765 3272 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
20:02:52.0781 3272 Parport - ok
20:02:52.0828 3272 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:02:52.0828 3272 PartMgr - ok
20:02:52.0906 3272 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:02:52.0921 3272 ParVdm - ok
20:02:53.0015 3272 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:02:53.0031 3272 PCI - ok
20:02:53.0046 3272 PCIDump - ok
20:02:53.0062 3272 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:02:53.0078 3272 PCIIde - ok
20:02:53.0109 3272 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:02:53.0125 3272 Pcmcia - ok
20:02:53.0125 3272 PDCOMP - ok
20:02:53.0140 3272 PDFRAME - ok
20:02:53.0156 3272 PDRELI - ok
20:02:53.0171 3272 PDRFRAME - ok
20:02:53.0187 3272 perc2 - ok
20:02:53.0203 3272 perc2hib - ok
20:02:53.0281 3272 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:02:53.0281 3272 PptpMiniport - ok
20:02:53.0296 3272 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:02:53.0296 3272 PSched - ok
20:02:53.0343 3272 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:02:53.0343 3272 Ptilink - ok
20:02:53.0359 3272 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:02:53.0375 3272 PxHelp20 - ok
20:02:53.0390 3272 ql1080 - ok
20:02:53.0406 3272 Ql10wnt - ok
20:02:53.0406 3272 ql12160 - ok
20:02:53.0421 3272 ql1240 - ok
20:02:53.0437 3272 ql1280 - ok
20:02:53.0484 3272 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:02:53.0484 3272 RasAcd - ok
20:02:53.0515 3272 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:02:53.0515 3272 Rasl2tp - ok
20:02:53.0531 3272 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:02:53.0531 3272 RasPppoe - ok
20:02:53.0546 3272 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:02:53.0546 3272 Raspti - ok
20:02:53.0593 3272 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:02:53.0593 3272 Rdbss - ok
20:02:53.0609 3272 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:02:53.0609 3272 RDPCDD - ok
20:02:53.0656 3272 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
20:02:53.0656 3272 RDPWD - ok
20:02:53.0796 3272 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:02:53.0796 3272 redbook - ok
20:02:53.0843 3272 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
20:02:53.0843 3272 rimmptsk - ok
20:02:53.0890 3272 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
20:02:53.0890 3272 rimsptsk - ok
20:02:53.0937 3272 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
20:02:53.0937 3272 rismxdp - ok
20:02:54.0031 3272 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:02:54.0031 3272 rtl8139 - ok
20:02:54.0109 3272 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:02:54.0125 3272 sdbus - ok
20:02:54.0171 3272 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:02:54.0171 3272 Secdrv - ok
20:02:54.0234 3272 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
20:02:54.0234 3272 Serial - ok
20:02:54.0312 3272 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
20:02:54.0312 3272 sffdisk - ok
20:02:54.0328 3272 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
20:02:54.0343 3272 sffp_sd - ok
20:02:54.0359 3272 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:02:54.0359 3272 Sfloppy - ok
20:02:54.0390 3272 Simbad - ok
20:02:54.0453 3272 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:02:54.0453 3272 SLIP - ok
20:02:54.0468 3272 Sparrow - ok
20:02:54.0531 3272 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:02:54.0531 3272 splitter - ok
20:02:54.0656 3272 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:02:54.0671 3272 sr - ok
20:02:54.0781 3272 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:02:54.0781 3272 Srv - ok
20:02:54.0859 3272 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:02:54.0859 3272 ssmdrv - ok
20:02:54.0906 3272 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:02:54.0921 3272 streamip - ok
20:02:55.0031 3272 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:02:55.0031 3272 swenum - ok
20:02:55.0109 3272 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:02:55.0109 3272 swmidi - ok
20:02:55.0125 3272 symc810 - ok
20:02:55.0140 3272 symc8xx - ok
20:02:55.0156 3272 sym_hi - ok
20:02:55.0171 3272 sym_u3 - ok
20:02:55.0250 3272 SynTP (91ce9afbbd011ff6b0ae15ee3a62edcc) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:02:55.0250 3272 SynTP - ok
20:02:55.0328 3272 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:02:55.0328 3272 sysaudio - ok
20:02:55.0390 3272 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
20:02:55.0390 3272 taphss - ok
20:02:55.0484 3272 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:02:55.0484 3272 Tcpip - ok
20:02:55.0531 3272 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:02:55.0531 3272 TDPIPE - ok
20:02:55.0562 3272 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:02:55.0578 3272 TDTCP - ok
20:02:55.0640 3272 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:02:55.0640 3272 TermDD - ok
20:02:55.0687 3272 TosIde - ok
20:02:55.0796 3272 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:02:55.0812 3272 Udfs - ok
20:02:55.0812 3272 ultra - ok
20:02:55.0875 3272 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:02:55.0875 3272 Update - ok
20:02:55.0921 3272 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
20:02:55.0937 3272 usbaudio - ok
20:02:56.0031 3272 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:02:56.0031 3272 usbccgp - ok
20:02:56.0062 3272 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:02:56.0062 3272 usbehci - ok
20:02:56.0078 3272 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:02:56.0078 3272 usbhub - ok
20:02:56.0109 3272 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:02:56.0109 3272 usbohci - ok
20:02:56.0156 3272 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:02:56.0171 3272 usbscan - ok
20:02:56.0281 3272 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:02:56.0281 3272 USBSTOR - ok
20:02:56.0390 3272 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
20:02:56.0390 3272 usbvideo - ok
20:02:56.0453 3272 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:02:56.0453 3272 VgaSave - ok
20:02:56.0468 3272 ViaIde - ok
20:02:56.0484 3272 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:02:56.0500 3272 VolSnap - ok
20:02:56.0578 3272 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:02:56.0578 3272 Wanarp - ok
20:02:56.0609 3272 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
20:02:56.0625 3272 WDC_SAM - ok
20:02:56.0703 3272 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
20:02:56.0703 3272 Wdf01000 - ok
20:02:56.0718 3272 WDICA - ok
20:02:56.0781 3272 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:02:56.0781 3272 wdmaud - ok
20:02:56.0906 3272 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
20:02:56.0906 3272 WpdUsb - ok
20:02:56.0984 3272 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:02:57.0000 3272 WSTCODEC - ok
20:02:57.0062 3272 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:02:57.0078 3272 WudfPf - ok
20:02:57.0125 3272 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:02:57.0140 3272 WudfRd - ok
20:02:57.0187 3272 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:02:57.0359 3272 \Device\Harddisk0\DR0 - ok
20:02:57.0359 3272 Boot (0x1200) (5adf4f77d49c85b94c031ae8ac5894ac) \Device\Harddisk0\DR0\Partition0
20:02:57.0375 3272 \Device\Harddisk0\DR0\Partition0 - ok
20:02:57.0375 3272 ============================================================
20:02:57.0375 3272 Scan finished
20:02:57.0375 3272 ============================================================
20:02:57.0390 0576 Detected object count: 0
20:02:57.0390 0576 Actual detected object count: 0
|
|
02.01.2012, 22:25
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleSuche endet immer auf einer 95p.com Seite Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden. Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ --> GoogleSuche endet immer auf einer 95p.com Seite |
|
03.01.2012, 00:42
| #7 |
| | GoogleSuche endet immer auf einer 95p.com Seite Hier schonmal der Log von Malewarebytes. Code:
ATTFilter Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Datenbank Version: v2012.01.02.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Jen :: LAPTOP [Administrator] 02.01.2012 22:51:39 mbam-log-2012-01-02 (22-51-39).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 250119 Laufzeit: 1 Stunde(n), 29 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Dokumente und Einstellungen\Jen\Eigene Dateien\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\99422f31\X (Rootkit.Dropper) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
03.01.2012, 12:05
| #8 |
| | GoogleSuche endet immer auf einer 95p.com Seite Eset: Code:
ATTFilter esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=063b207768f63445bb0eb311b11fbf9d
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-03 06:58:58
# local_time=2012-01-03 07:58:58 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1792 16777215 100 0 42251120 42251120 0 0
# compatibility_mode=8192 67108863 100 0 25676 25676 0 0
# scanned=86447
# found=10
# cleaned=0
# scan_time=4040
C:\Dokumente und Einstellungen\Jen\Eigene Dateien\Downloads\SoftonicDownloader12536.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Jen\Eigene Dateien\Downloads\SoftonicDownloader30100.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Application Updater\ probably a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
${Memory} a variant of Win32/Adware.Toolbar.Dealio application 00000000000000000000000000000000 I
|
|
03.01.2012, 19:53
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleSuche endet immer auf einer 95p.com Seite Irgendwie hab ich den Eindruck es ist ein Volkssport geworden sich sämtlichen Kram von Softonic zu laden. Lass die Finger von dieser Seite. Da ist immer irgendein Müll wie Toolbars oder der sinnlose Softonic Downloader drin. Warum lädst du die Software nicht von der Seite des Herstellers oder notfalls bei chip.de? Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.01.2012, 21:41
| #10 |
| | GoogleSuche endet immer auf einer 95p.com Seite Ähmm ja gute Frage.... Mir fällt aber gerade noch ein ich habe noch eine Lizenz für Kaspersky Antivirensystem, diese aber nicht mehr genutzt, weil das mein Laptop so langsam macht. Wäre es sinnvoller das hinzunehemen, aber einen besser geschützten Laptop zuhaben?? OTL Logfile: Code:
ATTFilter OTL logfile created on: 03.01.2012 21:08:36 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Jen\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 67,05% Memory free 3,73 Gb Paging File | 3,23 Gb Available in Paging File | 86,67% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 104,67 Gb Total Space | 40,56 Gb Free Space | 38,75% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Jen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Jen\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a0915061\mscorlib.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_d1c06882\system.drawing.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_4117bb91\system.xml.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_06dc7666\system.windows.forms.dll () MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_514d4566\system.dll () MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll () MOD - c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU () MOD - C:\Programme\ICQ7.2\MDb.dll () MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll () MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll () MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll () MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll () MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll () MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_de_b77a5c561934e089\system.windows.forms.resources.dll () MOD - c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll () MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () ========== Win32 Services (SafeList) ========== SRV - (WDSmartWareBackgroundService) -- File not found SRV - (HidServ) -- File not found SRV - (AppMgmt) -- File not found SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (HssTrayService) -- C:\Programme\Hotspot Shield\bin\HssTrayService.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (HssDrv) -- C:\WINDOWS\system32\drivers\HssDrv.sys (AnchorFree Inc.) DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (huawei_enumerator) -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (ew_hwusbdev) -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV - (ewusbnet) -- C:\WINDOWS\system32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.) DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative) DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies) DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.) DRV - (DNSeFilter) -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS (Samsung Electronics,.LTD) DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC) DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.3 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&ilc=12&p=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.01.05 19:36:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.11.23 20:26:33 | 000,000,000 | ---D | M] [2010.08.30 22:10:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Extensions [2011.11.07 17:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions [2010.10.30 09:29:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.11.07 17:35:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012.01.05 19:38:58 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\searchplugins\icqplugin.xml [2011.10.22 10:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.07.04 09:39:56 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.08.25 20:14:19 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\JEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\C41204GV.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.01.05 19:36:02 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll [2011.10.03 10:19:02 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.03 10:19:01 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2011.10.03 10:19:01 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2011.10.03 10:18:58 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.03 10:18:57 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.03 10:18:56 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATICCC] C:\Programme\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation) O4 - HKLM..\Run: [EDS] C:\Programme\Samsung\Samsung EDS\EDSAgent.exe () O4 - HKLM..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe (Microsoft Corporation) O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WDDMStatus.lnk = C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WDSmartWare.lnk = C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital) O4 - Startup: C:\Dokumente und Einstellungen\Jen\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A92051AD-E01B-4327-BA0C-998C53923ABD}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Desktop-Hintergrund.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Desktop-Hintergrund.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.08.30 19:51:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell - "" = AutoRun O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell - "" = AutoRun O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell - "" = AutoRun O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067) ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\WINDOWS\System32\ [2012.01.03 06:48:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Jen\Recent [2012.01.03 00:43:44 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.01.03 00:42:40 | 002,322,184 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\Jen\Desktop\esetsmartinstaller_enu.exe [2012.01.01 21:47:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Malwarebytes [2012.01.01 21:45:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2012.01.01 21:45:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2012.01.01 21:45:02 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012.01.01 21:45:01 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2012.01.01 21:27:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip [2012.01.01 21:27:05 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2012.01.01 21:08:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Avira [2012.01.01 21:02:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira [2012.01.01 21:02:23 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2012.01.01 21:02:18 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.01.01 21:02:18 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2012.01.01 21:02:18 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2012.01.01 21:02:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2012.01.01 17:07:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jen\Desktop\OTL.exe [2012.01.01 17:03:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jen\Desktop\tdsskiller_2.5.5.0 [2011.12.31 16:10:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Sun [2011.12.31 13:56:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe [2011.12.30 22:06:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe [2011.12.30 22:00:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\99422f31 [2011.12.22 17:37:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\engel [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== File not found -- C:\WINDOWS\System32\ [2012.01.07 20:30:08 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Desktop\Microsoft Office Word 2003.lnk [2012.01.03 00:42:40 | 002,322,184 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\Jen\Desktop\esetsmartinstaller_enu.exe [2012.01.03 00:37:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.01.01 21:45:08 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.01.01 21:30:43 | 000,051,218 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Desktop\gmer.zip [2012.01.01 21:28:05 | 000,033,378 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Desktop\gmer.7z [2012.01.01 21:02:50 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.01.01 17:48:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.01.01 17:07:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jen\Desktop\OTL.exe [2012.01.01 17:03:34 | 001,309,375 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Desktop\tdsskiller_2.5.5.0.zip [2011.12.31 16:10:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.12.27 23:33:28 | 000,096,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.22 18:10:59 | 000,030,017 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\.recently-used.xbel [2011.12.18 18:48:23 | 002,274,361 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\CIMG0955.JPG [2011.12.17 17:35:29 | 000,139,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.12.15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2011.12.15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2011.12.15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2011.12.14 21:12:22 | 000,280,762 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\22096.01.xcf [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.12.05 19:10:03 | 000,000,070 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\.gtk-bookmarks [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.01 21:45:08 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.01.01 21:30:43 | 000,051,218 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Desktop\gmer.zip [2012.01.01 21:28:04 | 000,033,378 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Desktop\gmer.7z [2012.01.01 21:02:50 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.01.01 17:03:31 | 001,309,375 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Desktop\tdsskiller_2.5.5.0.zip [2011.12.22 18:10:59 | 000,030,017 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\.recently-used.xbel [2011.12.18 19:23:12 | 000,397,371 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\mela +schatz.JPG [2011.12.18 18:50:02 | 002,274,361 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\CIMG0955.JPG [2011.12.14 21:12:22 | 000,280,762 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\22096.01.xcf [2011.12.14 20:25:10 | 005,192,260 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\SAM_9446.JPG [2011.12.14 20:18:08 | 005,002,038 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Eigene Dateien\SAM_9400.JPG [2011.12.05 19:10:03 | 000,000,070 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\.gtk-bookmarks [2010.10.13 16:24:53 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.09.01 13:29:56 | 000,096,768 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.09.01 12:15:31 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2010.09.01 11:09:38 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010.08.30 22:10:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010.08.30 22:02:40 | 000,000,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat [2010.08.30 21:46:47 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2010.08.30 21:19:15 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [2010.08.30 20:36:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010.08.30 20:34:41 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.08.30 19:57:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010.08.30 19:55:27 | 000,001,082 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2010.08.30 19:48:40 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2006.02.13 15:29:26 | 000,121,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2004.08.04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004.08.04 13:00:00 | 000,459,844 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2004.08.04 13:00:00 | 000,441,906 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004.08.04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004.08.04 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2004.08.04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004.08.04 13:00:00 | 000,085,170 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2004.08.04 13:00:00 | 000,071,842 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004.08.04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004.08.04 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2004.08.04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004.08.04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004.08.04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004.08.04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2003.07.30 10:48:28 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2003.07.30 09:49:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== LOP Check ========== [2011.12.31 14:06:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService [2011.08.25 20:21:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hssff [2010.09.01 11:57:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2011.04.19 15:53:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony [2010.09.02 12:26:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WD_SmartWareCommon [2010.09.02 12:07:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Western Digital [2010.08.30 21:21:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WLAN [2011.12.22 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\gtk-2.0 [2011.09.11 13:35:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\ICQ [2010.09.01 13:19:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\OpenOffice.org [2010.09.01 12:33:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\pdfforge [2011.10.22 10:37:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Search Settings [2011.04.19 15:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony [2011.04.19 14:50:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony Setup [2010.09.02 12:07:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Western Digital ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.11.23 20:27:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Adobe [2011.06.16 19:09:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Apple Computer [2010.08.30 21:46:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\ATI [2012.01.01 21:08:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Avira [2011.12.22 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\gtk-2.0 [2011.09.11 13:35:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\ICQ [2010.08.30 20:00:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Identities [2010.08.30 22:00:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\InstallShield [2010.08.30 23:18:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Macromedia [2012.01.01 21:47:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Malwarebytes [2011.11.23 20:27:10 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Microsoft [2010.08.30 22:10:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla [2010.09.01 13:19:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\OpenOffice.org [2010.09.01 12:33:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\pdfforge [2011.10.22 10:37:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Search Settings [2011.08.06 12:40:54 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\SecuROM [2011.11.07 20:27:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Skype [2011.04.19 15:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony [2011.04.19 15:52:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony Corporation [2011.04.19 14:50:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony Setup [2010.08.30 21:49:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sun [2010.11.07 17:13:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\vlc [2010.09.02 12:07:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Western Digital [2010.09.01 21:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Winamp [2010.09.01 13:50:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\WinRAR < %APPDATA%\*.exe /s > [2011.04.19 14:50:08 | 001,885,888 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony Setup\46221573-1FC8-4EC3-B60C-85E1B8FBE4C6\langpack.exe [2011.04.19 14:51:54 | 034,452,784 | ---- | M] (Apple Inc.) -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Sony Setup\A189E68E-2253-4C3B-86B7-D77E36F13C55\QuickTimeInstaller.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004.08.04 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008.04.14 07:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2008.04.14 07:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004.08.04 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008.04.14 07:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008.04.14 07:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 06:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 06:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2004.08.04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: IASTOR.SYS > [2004.09.26 14:24:54 | 000,477,952 | ---- | M] (Intel Corporation) MD5=DD19FDD8BB262F64A11C50CC23FC6F70 -- C:\WINDOWS\OEM\iaStor\iaStor.sys < MD5 for: NETLOGON.DLL > [2008.04.14 06:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 06:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2004.08.04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: NVATABUS.SYS > [2004.09.02 08:24:38 | 000,082,816 | ---- | M] (NVIDIA Corporation) MD5=EEABD98AA887DD923546F20D400B2907 -- C:\WINDOWS\OEM\nvatabus\nvatabus.sys < MD5 for: SCECLI.DLL > [2008.04.14 06:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 06:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll [2004.08.04 13:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: USER32.DLL > [2004.08.04 13:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll [2008.04.14 06:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 06:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 06:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 06:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: VIAMRAID.SYS > [2004.05.18 14:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\WINDOWS\OEM\viapdsk\viamraid.sys < MD5 for: WINLOGON.EXE > [2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.04.14 06:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 06:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2010.08.30 21:33:47 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2010.08.30 21:33:47 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2010.08.30 21:33:47 | 000,417,792 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\WINDOWS\$NtUninstallKB18828$] -> Error: Cannot create file handle -> Unknown point type < End of report > |
|
03.01.2012, 22:02
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleSuche endet immer auf einer 95p.com Seite Nein, installier jetzt bitte nicht irgendwelche Programme. Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
PRC - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.de"
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&ilc=12&p="
[2011.11.07 17:35:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.05 19:38:58 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\searchplugins\icqplugin.xml
[2011.08.25 20:14:19 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.30 19:51:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell - "" = AutoRun
O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell - "" = AutoRun
O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell - "" = AutoRun
O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
:Files
C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\99422f31
C:\WINDOWS\$NtUninstallKB18828$
C:\Programme\Gemeinsame Dateien\Spigot
C:\Programme\pdfforge Toolbar
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.01.2012, 22:17
| #12 |
| | GoogleSuche endet immer auf einer 95p.com Seite Okay. Kann man an den Daten auch ablesen wo und wann ich mir das eingefangen hab??? Code:
ATTFilter All processes killed
========== OTL ==========
No active process named SearchSettings.exe was found!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll moved successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "chr-greentree_ff&type=302398&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: "hxxp://www.google.de" removed from browser.startup.homepage
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: "hxxp://de.search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&ilc=12&p=" removed from keyword.URL
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\searchplugins\icqplugin.xml moved successfully.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\skin scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\locale\en-US scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\locale scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\defaults scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com scheduled to be moved on reboot.
C:\Programme\Mozilla Firefox\plugins\npwachk.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
C:\Programme\Hotspot Shield\HssIE\HssIE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Programme\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2fad044-a0be-11e0-9e0e-001377074099}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2fad044-a0be-11e0-9e0e-001377074099}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2fad044-a0be-11e0-9e0e-001377074099}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2fad044-a0be-11e0-9e0e-001377074099}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e953605e-982a-11e0-9e04-001377074099}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e953605e-982a-11e0-9e04-001377074099}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e953605e-982a-11e0-9e04-001377074099}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e953605e-982a-11e0-9e04-001377074099}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9536062-982a-11e0-9e04-001377074099}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9536062-982a-11e0-9e04-001377074099}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9536062-982a-11e0-9e04-001377074099}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9536062-982a-11e0-9e04-001377074099}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\AutoRun.exe not found.
========== FILES ==========
C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\99422f31\U folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Lokale Einstellungen\Anwendungsdaten\99422f31 folder moved successfully.
Folder move failed. C:\WINDOWS\$NtUninstallKB18828$ scheduled to be moved on reboot.
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components folder moved successfully.
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom folder moved successfully.
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\Res folder moved successfully.
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\Lang folder moved successfully.
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings folder moved successfully.
C:\Programme\Gemeinsame Dateien\Spigot folder moved successfully.
C:\Programme\pdfforge Toolbar\Res\Lang folder moved successfully.
C:\Programme\pdfforge Toolbar\Res folder moved successfully.
C:\Programme\pdfforge Toolbar\IE\4.7 folder moved successfully.
C:\Programme\pdfforge Toolbar\IE folder moved successfully.
C:\Programme\pdfforge Toolbar\FF\chrome\skin folder moved successfully.
C:\Programme\pdfforge Toolbar\FF\chrome\locale\EN-US folder moved successfully.
C:\Programme\pdfforge Toolbar\FF\chrome\locale folder moved successfully.
C:\Programme\pdfforge Toolbar\FF\chrome\content folder moved successfully.
C:\Programme\pdfforge Toolbar\FF\chrome folder moved successfully.
C:\Programme\pdfforge Toolbar\FF folder moved successfully.
C:\Programme\pdfforge Toolbar folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Jen
->Temp folder emptied: 5108236 bytes
->Temporary Internet Files folder emptied: 33166 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 101406841 bytes
->Flash cache emptied: 517 bytes
User: LocalService
->Temp folder emptied: 3596 bytes
->Temporary Internet Files folder emptied: 98737378 bytes
->Java cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 3596 bytes
->Temporary Internet Files folder emptied: 35053092 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2195157 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3596 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 231,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 01032012_220927
Files\Folders moved on Reboot...
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Jen\Anwendungsdaten\Mozilla\Firefox\Profiles\c41204gv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\skin folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com folder moved successfully.
Folder move failed. C:\WINDOWS\$NtUninstallKB18828$ scheduled to be moved on reboot.
Registry entries deleted on Reboot...
|
|
04.01.2012, 17:23
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleSuche endet immer auf einer 95p.com Seite Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.01.2012, 22:22
| #14 |
| | GoogleSuche endet immer auf einer 95p.com Seite Ist das das gesuchte Log?? Es kam zusätzlich noch ein Fenster zwischendrin als ein Objekt gefunden wurde, mit continue hab ich den Scan weiterlaufen lassen, am der Einstellung des geoffneten Fensters habe ich jedoch nichts geändert hoffe dass ich somit nicht was versehentlich gelöscht hab .... TDSS Killer Code:
ATTFilter 22:15:37.0687 3152 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
22:15:37.0812 3152 ============================================================
22:15:37.0812 3152 Current date / time: 2012/01/04 22:15:37.0812
22:15:37.0812 3152 SystemInfo:
22:15:37.0812 3152
22:15:37.0812 3152 OS Version: 5.1.2600 ServicePack: 3.0
22:15:37.0812 3152 Product type: Workstation
22:15:37.0812 3152 ComputerName: LAPTOP
22:15:37.0812 3152 UserName: Jen
22:15:37.0812 3152 Windows directory: C:\WINDOWS
22:15:37.0812 3152 System windows directory: C:\WINDOWS
22:15:37.0812 3152 Processor architecture: Intel x86
22:15:37.0812 3152 Number of processors: 2
22:15:37.0812 3152 Page size: 0x1000
22:15:37.0812 3152 Boot type: Normal boot
22:15:37.0812 3152 ============================================================
22:15:39.0531 3152 Initialize success
22:16:33.0781 3576 ============================================================
22:16:33.0781 3576 Scan started
22:16:33.0781 3576 Mode: Manual; SigCheck; TDLFS;
22:16:33.0781 3576 ============================================================
22:16:34.0062 3576 Abiosdsk - ok
22:16:34.0093 3576 abp480n5 - ok
22:16:34.0203 3576 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:16:36.0015 3576 ACPI - ok
22:16:36.0140 3576 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:16:36.0312 3576 ACPIEC - ok
22:16:36.0328 3576 adpu160m - ok
22:16:36.0406 3576 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:16:36.0546 3576 aec - ok
22:16:36.0593 3576 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:16:36.0640 3576 AFD - ok
22:16:36.0750 3576 AgereSoftModem (90456051c422e09bc36e6340dd891f0c) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
22:16:36.0921 3576 AgereSoftModem - ok
22:16:37.0015 3576 Aha154x - ok
22:16:37.0062 3576 aic78u2 - ok
22:16:37.0093 3576 aic78xx - ok
22:16:37.0140 3576 AliIde - ok
22:16:37.0312 3576 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
22:16:37.0921 3576 Ambfilt - ok
22:16:38.0015 3576 amsint - ok
22:16:38.0156 3576 AR5211 (89873aebbf0309393f0737e26d891209) C:\WINDOWS\system32\DRIVERS\ar5211.sys
22:16:38.0250 3576 AR5211 - ok
22:16:38.0312 3576 asc - ok
22:16:38.0359 3576 asc3350p - ok
22:16:38.0390 3576 asc3550 - ok
22:16:38.0515 3576 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:16:38.0640 3576 AsyncMac - ok
22:16:38.0734 3576 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:16:38.0859 3576 atapi - ok
22:16:38.0906 3576 Atdisk - ok
22:16:39.0093 3576 ati2mtag (d371d3f40051a1f602c85cef5c787d76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:16:39.0265 3576 ati2mtag - ok
22:16:39.0328 3576 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:16:39.0453 3576 Atmarpc - ok
22:16:39.0578 3576 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:16:39.0718 3576 audstub - ok
22:16:39.0828 3576 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
22:16:39.0843 3576 avgntflt - ok
22:16:39.0921 3576 avipbb (475fbb85956534720858ae72010c0a43) C:\WINDOWS\system32\DRIVERS\avipbb.sys
22:16:39.0921 3576 avipbb - ok
22:16:39.0968 3576 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
22:16:39.0984 3576 avkmgr - ok
22:16:40.0046 3576 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:16:40.0187 3576 Beep - ok
22:16:40.0218 3576 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:16:40.0375 3576 cbidf2k - ok
22:16:40.0437 3576 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:16:40.0593 3576 CCDECODE - ok
22:16:40.0593 3576 cd20xrnt - ok
22:16:40.0625 3576 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:16:40.0765 3576 Cdaudio - ok
22:16:40.0828 3576 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:16:40.0968 3576 Cdfs - ok
22:16:40.0984 3576 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:16:41.0109 3576 Cdrom - ok
22:16:41.0171 3576 Changer - ok
22:16:41.0234 3576 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:16:41.0375 3576 CmBatt - ok
22:16:41.0453 3576 CmdIde - ok
22:16:41.0468 3576 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:16:41.0593 3576 Compbatt - ok
22:16:41.0609 3576 Cpqarray - ok
22:16:41.0625 3576 dac2w2k - ok
22:16:41.0640 3576 dac960nt - ok
22:16:41.0656 3576 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:16:41.0781 3576 Disk - ok
22:16:41.0843 3576 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
22:16:42.0062 3576 dmboot - ok
22:16:42.0078 3576 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
22:16:42.0218 3576 dmio - ok
22:16:42.0406 3576 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:16:42.0531 3576 dmload - ok
22:16:42.0656 3576 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:16:42.0781 3576 DMusic - ok
22:16:42.0875 3576 DNSeFilter (459a946c0766aa3d342d0f0ded90cf8d) C:\WINDOWS\system32\drivers\SamsungEDS.sys
22:16:42.0906 3576 DNSeFilter ( UnsignedFile.Multi.Generic ) - warning
22:16:42.0906 3576 DNSeFilter - detected UnsignedFile.Multi.Generic (1)
22:16:42.0968 3576 dpti2o - ok
22:16:43.0015 3576 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:16:43.0156 3576 drmkaud - ok
22:16:43.0250 3576 ewusbnet (4fd02e31eac2cbc81eb08a1ce81e73a2) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
22:16:43.0328 3576 ewusbnet - ok
22:16:43.0406 3576 ew_hwusbdev (e98a64c7f106740a38fb2b78197816f8) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
22:16:43.0468 3576 ew_hwusbdev - ok
22:16:43.0531 3576 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:16:43.0687 3576 Fastfat - ok
22:16:43.0734 3576 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
22:16:43.0859 3576 Fdc - ok
22:16:43.0890 3576 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
22:16:44.0015 3576 Fips - ok
22:16:44.0046 3576 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:16:44.0171 3576 Flpydisk - ok
22:16:44.0187 3576 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:16:44.0328 3576 FltMgr - ok
22:16:44.0421 3576 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:16:44.0562 3576 Fs_Rec - ok
22:16:44.0656 3576 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:16:44.0812 3576 Ftdisk - ok
22:16:44.0859 3576 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:16:44.0968 3576 Gpc - ok
22:16:45.0031 3576 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:16:45.0140 3576 HDAudBus - ok
22:16:45.0218 3576 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:16:45.0343 3576 HidUsb - ok
22:16:45.0359 3576 hpn - ok
22:16:45.0421 3576 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\WINDOWS\system32\DRIVERS\HssDrv.sys
22:16:45.0437 3576 HssDrv - ok
22:16:45.0531 3576 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:16:45.0609 3576 HTTP - ok
22:16:45.0734 3576 huawei_enumerator (22a4b14530194fc57c1c849fb5afee17) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
22:16:45.0843 3576 huawei_enumerator - ok
22:16:45.0906 3576 hwdatacard (3e3bfe85b9fe3720bf4c108f57c945fb) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
22:16:45.0968 3576 hwdatacard - ok
22:16:45.0984 3576 i2omgmt - ok
22:16:46.0000 3576 i2omp - ok
22:16:46.0062 3576 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:16:46.0203 3576 i8042prt - ok
22:16:46.0250 3576 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:16:46.0375 3576 Imapi - ok
22:16:46.0390 3576 ini910u - ok
22:16:46.0843 3576 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:16:47.0250 3576 IntcAzAudAddService - ok
22:16:47.0359 3576 IntelIde - ok
22:16:47.0437 3576 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:16:47.0546 3576 intelppm - ok
22:16:47.0609 3576 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:16:47.0750 3576 Ip6Fw - ok
22:16:47.0796 3576 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:16:47.0937 3576 IpFilterDriver - ok
22:16:47.0968 3576 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:16:48.0109 3576 IpInIp - ok
22:16:48.0140 3576 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:16:48.0281 3576 IpNat - ok
22:16:48.0328 3576 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:16:48.0453 3576 IPSec - ok
22:16:48.0484 3576 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:16:48.0609 3576 IRENUM - ok
22:16:48.0656 3576 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:16:48.0781 3576 isapnp - ok
22:16:48.0859 3576 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:16:49.0000 3576 Kbdclass - ok
22:16:49.0125 3576 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:16:49.0234 3576 kmixer - ok
22:16:49.0265 3576 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:16:49.0359 3576 KSecDD - ok
22:16:49.0375 3576 lbrtfdc - ok
22:16:49.0453 3576 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:16:49.0578 3576 mnmdd - ok
22:16:49.0640 3576 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
22:16:49.0765 3576 Modem - ok
22:16:49.0875 3576 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
22:16:50.0078 3576 Monfilt - ok
22:16:50.0171 3576 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:16:50.0312 3576 Mouclass - ok
22:16:50.0421 3576 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:16:50.0562 3576 mouhid - ok
22:16:50.0656 3576 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:16:50.0781 3576 MountMgr - ok
22:16:50.0781 3576 mraid35x - ok
22:16:50.0796 3576 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:16:50.0937 3576 MRxDAV - ok
22:16:51.0000 3576 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:16:51.0125 3576 MRxSmb - ok
22:16:51.0140 3576 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:16:51.0265 3576 Msfs - ok
22:16:51.0328 3576 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:16:51.0453 3576 MSKSSRV - ok
22:16:51.0500 3576 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:16:51.0640 3576 MSPCLOCK - ok
22:16:51.0671 3576 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:16:51.0796 3576 MSPQM - ok
22:16:51.0906 3576 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:16:52.0015 3576 mssmbios - ok
22:16:52.0062 3576 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:16:52.0203 3576 MSTEE - ok
22:16:52.0234 3576 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:16:52.0265 3576 Mup - ok
22:16:52.0390 3576 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:16:52.0531 3576 NABTSFEC - ok
22:16:52.0640 3576 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:16:52.0781 3576 NDIS - ok
22:16:52.0812 3576 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:16:52.0937 3576 NdisIP - ok
22:16:52.0968 3576 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:16:53.0000 3576 NdisTapi - ok
22:16:53.0062 3576 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:16:53.0187 3576 Ndisuio - ok
22:16:53.0203 3576 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:16:53.0328 3576 NdisWan - ok
22:16:53.0375 3576 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:16:53.0421 3576 NDProxy - ok
22:16:53.0437 3576 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:16:53.0562 3576 NetBIOS - ok
22:16:53.0625 3576 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:16:53.0750 3576 NetBT - ok
22:16:53.0843 3576 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:16:53.0968 3576 Npfs - ok
22:16:54.0109 3576 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:16:54.0312 3576 Ntfs - ok
22:16:54.0390 3576 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:16:54.0531 3576 Null - ok
22:16:54.0578 3576 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:16:54.0718 3576 NwlnkFlt - ok
22:16:54.0765 3576 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:16:54.0921 3576 NwlnkFwd - ok
22:16:54.0953 3576 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
22:16:55.0093 3576 Parport - ok
22:16:55.0125 3576 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:16:55.0250 3576 PartMgr - ok
22:16:55.0296 3576 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
22:16:55.0453 3576 ParVdm - ok
22:16:55.0531 3576 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
22:16:55.0656 3576 PCI - ok
22:16:55.0703 3576 PCIDump - ok
22:16:55.0765 3576 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:16:55.0921 3576 PCIIde - ok
22:16:55.0937 3576 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
22:16:56.0062 3576 Pcmcia - ok
22:16:56.0078 3576 PDCOMP - ok
22:16:56.0093 3576 PDFRAME - ok
22:16:56.0093 3576 PDRELI - ok
22:16:56.0109 3576 PDRFRAME - ok
22:16:56.0125 3576 perc2 - ok
22:16:56.0140 3576 perc2hib - ok
22:16:56.0187 3576 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:16:56.0296 3576 PptpMiniport - ok
22:16:56.0375 3576 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:16:56.0484 3576 PSched - ok
22:16:56.0531 3576 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:16:56.0671 3576 Ptilink - ok
22:16:56.0718 3576 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:16:56.0734 3576 PxHelp20 - ok
22:16:56.0750 3576 ql1080 - ok
22:16:56.0765 3576 Ql10wnt - ok
22:16:56.0781 3576 ql12160 - ok
22:16:56.0796 3576 ql1240 - ok
22:16:56.0796 3576 ql1280 - ok
22:16:56.0828 3576 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:16:56.0953 3576 RasAcd - ok
22:16:56.0968 3576 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:16:57.0078 3576 Rasl2tp - ok
22:16:57.0093 3576 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:16:57.0218 3576 RasPppoe - ok
22:16:57.0234 3576 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:16:57.0406 3576 Raspti - ok
22:16:57.0468 3576 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:16:57.0609 3576 Rdbss - ok
22:16:57.0656 3576 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:16:57.0796 3576 RDPCDD - ok
22:16:57.0875 3576 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:16:57.0921 3576 RDPWD - ok
22:16:58.0046 3576 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:16:58.0187 3576 redbook - ok
22:16:58.0265 3576 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
22:16:58.0296 3576 rimmptsk - ok
22:16:58.0343 3576 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
22:16:58.0390 3576 rimsptsk - ok
22:16:58.0437 3576 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
22:16:58.0484 3576 rismxdp - ok
22:16:58.0593 3576 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
22:16:58.0703 3576 rtl8139 - ok
22:16:58.0828 3576 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:16:58.0953 3576 sdbus - ok
22:16:59.0015 3576 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:16:59.0156 3576 Secdrv - ok
22:16:59.0218 3576 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
22:16:59.0343 3576 Serial - ok
22:16:59.0390 3576 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
22:16:59.0531 3576 sffdisk - ok
22:16:59.0562 3576 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
22:16:59.0687 3576 sffp_sd - ok
22:16:59.0734 3576 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:16:59.0859 3576 Sfloppy - ok
22:16:59.0906 3576 Simbad - ok
22:17:00.0000 3576 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:17:00.0109 3576 SLIP - ok
22:17:00.0140 3576 Sparrow - ok
22:17:00.0203 3576 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:17:00.0328 3576 splitter - ok
22:17:00.0390 3576 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
22:17:00.0515 3576 sr - ok
22:17:00.0625 3576 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:17:00.0718 3576 Srv - ok
22:17:00.0796 3576 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
22:17:00.0796 3576 ssmdrv - ok
22:17:00.0843 3576 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:17:00.0984 3576 streamip - ok
22:17:01.0015 3576 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:17:01.0140 3576 swenum - ok
22:17:01.0218 3576 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:17:01.0359 3576 swmidi - ok
22:17:01.0375 3576 symc810 - ok
22:17:01.0390 3576 symc8xx - ok
22:17:01.0406 3576 sym_hi - ok
22:17:01.0406 3576 sym_u3 - ok
22:17:01.0484 3576 SynTP (91ce9afbbd011ff6b0ae15ee3a62edcc) C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:17:01.0531 3576 SynTP - ok
22:17:01.0578 3576 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:17:01.0718 3576 sysaudio - ok
22:17:01.0750 3576 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
22:17:01.0750 3576 taphss - ok
22:17:01.0875 3576 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:17:01.0968 3576 Tcpip - ok
22:17:02.0031 3576 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:17:02.0171 3576 TDPIPE - ok
22:17:02.0203 3576 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:17:02.0328 3576 TDTCP - ok
22:17:02.0390 3576 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:17:02.0500 3576 TermDD - ok
22:17:02.0546 3576 TosIde - ok
22:17:02.0578 3576 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:17:02.0718 3576 Udfs - ok
22:17:02.0765 3576 ultra - ok
22:17:02.0843 3576 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:17:03.0031 3576 Update - ok
22:17:03.0109 3576 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:17:03.0265 3576 usbaudio - ok
22:17:03.0375 3576 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:17:03.0515 3576 usbccgp - ok
22:17:03.0671 3576 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:17:03.0796 3576 usbehci - ok
22:17:03.0859 3576 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:17:03.0968 3576 usbhub - ok
22:17:03.0984 3576 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:17:04.0109 3576 usbohci - ok
22:17:04.0171 3576 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:17:04.0312 3576 usbscan - ok
22:17:04.0359 3576 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:17:04.0484 3576 USBSTOR - ok
22:17:04.0562 3576 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:17:04.0718 3576 usbvideo - ok
22:17:04.0828 3576 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:17:04.0937 3576 VgaSave - ok
22:17:04.0968 3576 ViaIde - ok
22:17:04.0984 3576 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
22:17:05.0109 3576 VolSnap - ok
22:17:05.0140 3576 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:17:05.0265 3576 Wanarp - ok
22:17:05.0281 3576 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
22:17:05.0343 3576 WDC_SAM - ok
22:17:05.0421 3576 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
22:17:05.0437 3576 Wdf01000 - ok
22:17:05.0453 3576 WDICA - ok
22:17:05.0515 3576 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:17:05.0640 3576 wdmaud - ok
22:17:05.0750 3576 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
22:17:05.0812 3576 WpdUsb - ok
22:17:05.0937 3576 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:17:06.0078 3576 WSTCODEC - ok
22:17:06.0156 3576 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:17:06.0218 3576 WudfPf - ok
22:17:06.0250 3576 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:17:06.0296 3576 WudfRd - ok
22:17:06.0359 3576 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
22:17:06.0625 3576 \Device\Harddisk0\DR0 - ok
22:17:06.0625 3576 Boot (0x1200) (5adf4f77d49c85b94c031ae8ac5894ac) \Device\Harddisk0\DR0\Partition0
22:17:06.0625 3576 \Device\Harddisk0\DR0\Partition0 - ok
22:17:06.0625 3576 ============================================================
22:17:06.0625 3576 Scan finished
22:17:06.0625 3576 ============================================================
22:17:06.0750 1644 Detected object count: 1
22:17:06.0750 1644 Actual detected object count: 1
22:17:23.0046 1644 DNSeFilter ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:23.0046 1644 DNSeFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
04.01.2012, 22:23
| #15 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleSuche endet immer auf einer 95p.com Seite Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu GoogleSuche endet immer auf einer 95p.com Seite |
| 95p.com, adobe, aufrufe, avg, avira, dateien, desktop, einstellungen, explorer, explorer.exe, firefox, format, gelöscht, home, icq, internet, kaspersky, logfile, microsoft, mozilla, nicht möglich, scan, seite, seiten, system32, updates, windows, zufällig |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
