Trojaner-Board - Entfernen von PDF Creator Toolbar und vill anderen schädlingen

So hier der OTL Log:

Code:

OTL logfile created on: 08.01.2012 21:09:13 - Run 9

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\***\Desktop\dies und das

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,69 Gb Available Physical Memory | 67,29% Memory free

8,21 Gb Paging File | 6,53 Gb Available in Paging File | 79,54% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,76 Gb Total Space | 328,54 Gb Free Space | 70,54% Space Free | Partition Type: NTFS

 

Computer Name: ***-PC | User Name: *** | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.01.04 14:56:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\dies und das\OTL.exe

PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2011.12.19 16:32:26 | 000,394,672 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

PRC - [2011.12.14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.08.22 15:13:02 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

PRC - [2011.08.22 15:12:52 | 003,507,088 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe

PRC - [2009.07.30 15:05:58 | 000,497,000 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe

PRC - [2008.09.08 15:48:16 | 000,539,160 | R--- | M] (Symantec) -- C:\Program Files (x86)\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe

PRC - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.10.13 19:19:07 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ab1a41d184118635218d38da3f4bcae8\System.Management.ni.dll

MOD - [2011.10.13 19:17:52 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dabeb21f09f88576c2cce838280c7f44\System.Runtime.Remoting.ni.dll

MOD - [2011.10.13 19:17:45 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\2b0b477db8f5a19d6365b93106b26651\System.Xaml.ni.dll

MOD - [2011.10.13 18:24:30 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\401a9dbeaad6b6ca70c90ae4fbd2e0b8\PresentationFramework.ni.dll

MOD - [2011.10.13 18:24:18 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\fa45e7d581b80c34cb0d5518491c7387\System.Windows.Forms.ni.dll

MOD - [2011.10.13 18:24:17 | 011,470,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b540398c49e7c32ab58666de7f09f645\PresentationCore.ni.dll

MOD - [2011.10.13 18:24:12 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\90223e809b1ff291a7f65509702e2fa1\System.Core.ni.dll

MOD - [2011.10.13 18:24:11 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\af091a68303117ca2166aa13bcbfbbd0\PresentationFramework.Aero.ni.dll

MOD - [2011.10.13 18:24:08 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a48e483c6b13da563725d72ec518a0bb\System.Xml.ni.dll

MOD - [2011.10.13 18:24:08 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0afb5fbfbc7a8d670b430672c5fd578\WindowsBase.ni.dll

MOD - [2011.10.13 18:24:08 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\fd0f015bc4324d8b9716ae38083a4e4d\System.Drawing.ni.dll

MOD - [2011.10.13 18:24:04 | 009,086,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\69adb8f9940fa1330f6f1b706e3dc31e\System.ni.dll

MOD - [2011.10.13 18:23:59 | 014,409,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\2b1af7649e57195b4b85bbf4c5cb7c90\mscorlib.ni.dll

MOD - [2011.09.16 19:09:27 | 000,115,137 | ---- | M] () -- C:\Users\***\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll

MOD - [2011.08.22 15:13:02 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2009.12.11 21:44:52 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.12.19 16:32:26 | 000,394,672 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)

SRV - [2011.12.14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)

SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.08.02 10:47:14 | 000,159,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe -- (CDMA Device Service)

SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)

SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008.09.08 15:48:16 | 000,539,160 | R--- | M] (Symantec) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe -- (SymantecAntiBotWatcher)

SRV - [2008.09.08 15:48:12 | 004,910,104 | R--- | M] (Symantec) [Auto | Stopped] -- C:\Program Files (x86)\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe -- (SymantecAntiBotAgent)

SRV - [2008.01.21 03:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)

SRV - [2008.01.21 03:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011.12.08 16:37:25 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)

DRV:64bit: - [2011.10.11 14:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011.10.11 14:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2011.09.09 21:35:28 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)

DRV:64bit: - [2011.07.18 05:24:46 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)

DRV:64bit: - [2011.07.18 05:24:46 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)

DRV:64bit: - [2011.07.18 05:24:46 | 000,095,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)

DRV:64bit: - [2011.03.24 09:57:54 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)

DRV:64bit: - [2011.03.24 09:57:54 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)

DRV:64bit: - [2010.07.30 06:51:52 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)

DRV:64bit: - [2010.06.24 14:00:14 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TFsExDisk.sys -- (TFsExDisk)

DRV:64bit: - [2009.12.11 22:04:44 | 006,228,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atipmdag.sys -- (amdkmdag)

DRV:64bit: - [2009.12.11 20:51:08 | 000,160,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2009.11.19 00:31:24 | 000,120,848 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)

DRV:64bit: - [2008.02.14 07:56:14 | 000,160,768 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)

DRV:64bit: - [2007.10.12 02:40:14 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\amdide64.sys -- (amdide64)

DRV:64bit: - [2006.11.07 16:30:56 | 000,016,656 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)

DRV - [2011.07.26 16:26:44 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv)

DRV - [2011.03.24 09:57:54 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)

DRV - [2011.03.24 09:57:54 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)

DRV - [2010.06.24 14:00:14 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)

DRV - [2008.09.08 15:48:42 | 000,204,824 | R--- | M] (Symantec Corporation. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotDriver.sys -- (SymantecAntiBotDriver)

DRV - [2008.09.08 15:48:40 | 000,035,352 | R--- | M] (Symantec Corporation. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotFilter.sys -- (SymantecAntiBotFilter)

DRV - [2008.04.04 18:34:26 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\disksec.sys -- (DiskSec)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://web.de/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook:  - No CLSID value found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.defaultthis.engineName: "Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.1

FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2

FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="

FF - prefs.js..network.proxy.type: 0

 

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.03.10 17:22:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.03.10 17:22:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.12 16:39:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.19 14:04:46 | 000,000,000 | ---D | M]

 

[2010.01.27 16:21:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions

[2012.01.08 21:08:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ow6v6ohh.default\extensions

[2012.01.08 21:08:31 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ow6v6ohh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

[2011.12.31 21:35:13 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ow6v6ohh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2011.03.29 17:52:24 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ow6v6ohh.default\extensions\engine@conduit.com

[2010.08.12 20:48:02 | 000,000,873 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ow6v6ohh.default\searchplugins\conduit.xml

[2012.01.02 20:48:03 | 000,000,944 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ow6v6ohh.default\searchplugins\icqplugin.xml

[2011.11.12 16:39:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.10.26 09:28:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OW6V6OHH.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI

() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OW6V6OHH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OW6V6OHH.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI

[2011.11.12 16:39:29 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011.10.04 20:46:38 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.10.04 20:46:38 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011.10.04 20:46:38 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.10.04 20:46:38 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.10.04 20:46:38 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.10.04 20:46:38 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider: ICQ Search ()

CHR - default_search_provider: search_url = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd

CHR - default_search_provider: suggest_url = 

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\10.0.648.127\pdf.dll

CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\10.0.648.127\gears.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\10.0.648.127\gcswf32.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: DivX HiQ = C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\

CHR - Extension: DivX HiQ = C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\

 

O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2:64bit: - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.

O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll File not found

O3:64bit: - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006104657\ICQToolBar.dll (ICQ)

O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll File not found

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O4:64bit: - HKLM..\Run: [EKAIO2StatusMonitor] C:\Windows\SysNative\spool\DRIVERS\x64\3\EKAiO2MUI.exe (Eastman Kodak Company)

O4:64bit: - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [Conime] C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)

O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)

O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D11968C0-B2AB-4940-84F0-98EA487833E2}: DhcpNameServer = 192.168.178.1

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{24c5c7a2-e090-11e0-94a2-0024210dde28}\Shell - "" = AutoRun

O33 - MountPoints2\{24c5c7a2-e090-11e0-94a2-0024210dde28}\Shell\AutoRun\command - "" = F:\SamsungKiesInstaller.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

 

MsConfig:64bit - StartUpFolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StarOffice 8.lnk - C:\PROGRA~2\Sun\STAROF~1\program\QUICKS~1.EXE - ()

MsConfig:64bit - StartUpReg: DivX Download Manager - hkey= - key= - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)

MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

MsConfig:64bit - StartUpReg: NortonAntiBot - hkey= - key= - C:\Program Files (x86)\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe (Symantec)

MsConfig:64bit - State: "startup" - Reg Error: Key error.

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: WudfPf - Driver

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()

Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()

Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)

Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()

Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.01.08 15:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012.01.07 13:46:06 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\dies und das

[2012.01.06 17:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

[2012.01.06 17:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip

[2012.01.04 12:20:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2012.01.04 12:20:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2012.01.01 13:50:00 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Blue Stahli

[2011.12.31 21:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

[2011.12.31 21:35:04 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\DVDVideoSoft

[2011.12.31 21:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft

[2011.12.31 21:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft

[2011.12.31 12:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011.12.31 12:02:11 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\bilder detlef

[2011.12.30 16:18:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\kodak

[2011.12.30 16:18:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Eastman_Kodak_Company

[2011.12.30 16:16:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Eastman Kodak Company

[2011.12.30 16:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak

[2011.12.30 16:15:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\kodak

[2011.12.30 16:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kodak

[2011.12.30 16:10:23 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Temp

[2011.12.30 16:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kodak

[2011.12.23 22:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames

[2011.12.23 22:34:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Infogrames

[2011.12.15 18:06:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater

[2011.12.15 18:06:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot

[2011.12.15 18:05:58 | 000,000,000 | ---D | C] -- C:\Users\Christoph\AppData\Roaming\pdfforge

[2011.12.10 10:26:04 | 001,058,304 | ---- | C] (Eastman Kodak Company) -- C:\Windows\SysNative\EKAiO2MON.dll

[2011.12.10 10:26:02 | 000,177,664 | ---- | C] (Eastman Kodak Company) -- C:\Windows\SysNative\EKAiO2COI07.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.01.08 21:11:59 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.01.08 20:12:27 | 001,445,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.01.08 20:12:27 | 000,628,504 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.01.08 20:12:27 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.01.08 20:12:27 | 000,126,248 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.01.08 20:12:27 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.01.08 20:06:22 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012.01.08 20:06:22 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012.01.08 20:06:20 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.01.08 20:06:20 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job

[2012.01.08 20:06:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.01.07 13:42:38 | 000,002,787 | ---- | M] () -- C:\Users\***\Desktop\Schreibprogramm.lnk

[2012.01.04 14:01:31 | 000,000,202 | ---- | M] () -- C:\Users\***\defogger_reenable

[2011.12.31 13:11:46 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2011.12.31 13:01:24 | 000,000,202 | ---- | M] () -- C:\Users\***\Documents\cc_20111231_130121.reg

[2011.12.31 13:01:06 | 000,163,692 | ---- | M] () -- C:\Users\***\Documents\cc_20111231_130059.reg

[2011.12.31 13:00:43 | 000,674,752 | ---- | M] () -- C:\Users\***\Documents\cc_20111231_130008.reg

[2011.12.30 16:32:05 | 000,026,112 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.12.30 16:18:12 | 000,002,059 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.12.15 18:11:23 | 000,033,010 | ---- | M] () -- C:\Users\***\Documents\text 5.pdf

[2011.12.15 08:50:31 | 000,334,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011.12.10 10:26:04 | 001,058,304 | ---- | M] (Eastman Kodak Company) -- C:\Windows\SysNative\EKAiO2MON.dll

[2011.12.10 10:26:02 | 000,177,664 | ---- | M] (Eastman Kodak Company) -- C:\Windows\SysNative\EKAiO2COI07.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.01.04 14:01:30 | 000,000,202 | ---- | C] () -- C:\Users\***\defogger_reenable

[2011.12.31 13:11:46 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2011.12.31 13:01:23 | 000,000,202 | ---- | C] () -- C:\Users\***\Documents\cc_20111231_130121.reg

[2011.12.31 13:01:01 | 000,163,692 | ---- | C] () -- C:\Users\***\Documents\cc_20111231_130059.reg

[2011.12.31 13:00:13 | 000,674,752 | ---- | C] () -- C:\Users\***\Documents\cc_20111231_130008.reg

[2011.12.30 16:18:12 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.12.15 18:11:22 | 000,033,010 | ---- | C] () -- C:\Users\***\Documents\text 5.pdf

[2011.12.15 18:05:55 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll

[2011.07.26 16:26:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2011.07.26 16:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll

[2011.07.26 16:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll

[2011.07.26 16:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll

[2011.07.26 16:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll

[2011.06.08 17:42:17 | 002,340,992 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe

[2011.06.08 17:42:17 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe

[2011.06.08 17:42:17 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll

[2011.06.08 17:42:17 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys

[2011.06.08 17:42:17 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys

[2011.02.15 21:30:03 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat

[2011.01.25 21:14:35 | 001,474,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010.05.27 16:50:28 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\NCMedia2.dll

[2010.01.28 18:16:48 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll

[2010.01.28 18:16:13 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin

[2010.01.28 18:15:40 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2010.01.28 02:09:54 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

[2010.01.27 21:23:49 | 000,271,264 | ---- | C] () -- C:\Windows\SysWow64\VBRUN100.DLL

[2010.01.27 20:18:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2010.01.27 19:50:05 | 000,000,111 | ---- | C] () -- C:\Windows\installation.ini

[2010.01.27 19:48:46 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll

[2010.01.27 18:08:44 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin

[2010.01.27 17:34:51 | 000,000,552 | ---- | C] () -- C:\Users\***\AppData\Local\d3d8caps.dat

[2010.01.27 16:18:04 | 000,000,732 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps64.dat

[2009.10.26 20:06:06 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2009.05.30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2009.05.30 01:31:52 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2008.07.01 20:34:19 | 000,026,112 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

[2007.09.04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI

[2006.11.02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

 
 ========== LOP Check ==========

 

[2011.12.31 21:35:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft

[2011.09.17 15:34:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.10.20 10:35:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular

[2011.09.15 14:11:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FFSJ

[2012.01.04 21:29:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ

[2010.01.27 19:50:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX

[2011.12.15 18:05:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge

[2011.12.31 11:58:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan

[2011.09.16 19:05:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung

[2012.01.08 12:30:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\StarOffice8

[2011.12.30 16:10:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Temp

[2010.02.06 13:48:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VistaCodecs

[2012.01.08 20:06:20 | 000,000,494 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job

[2012.01.08 19:31:55 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011.10.20 10:56:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe

[2010.01.27 20:19:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ATI

[2011.10.24 15:59:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avira

[2010.07.04 19:12:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DivX

[2011.12.31 21:35:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft

[2011.09.17 15:34:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.10.20 10:35:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular

[2011.09.15 14:11:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FFSJ

[2010.02.17 15:29:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Google

[2012.01.04 21:29:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ

[2010.01.27 16:18:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities

[2010.01.27 16:40:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InstallShield

[2010.01.27 17:05:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia

[2010.01.27 19:50:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX

[2011.11.03 18:59:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes

[2006.11.02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs

[2011.12.15 17:58:03 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft

[2010.01.27 16:21:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla

[2011.12.15 18:05:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge

[2011.12.31 11:58:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan

[2011.09.16 19:05:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung

[2010.05.27 16:26:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony Corporation

[2012.01.08 12:30:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\StarOffice8

[2011.06.06 18:40:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Symantec

[2011.12.30 16:10:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Temp

[2011.12.31 13:05:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ventrilo

[2010.02.06 13:48:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VistaCodecs

 
 < %APPDATA%\*.exe /s >

[2012.01.04 12:20:39 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

[2011.03.19 11:50:09 | 000,010,134 | R--- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{4E47844E-4A18-454B-A977-EC2CCF3F1472}\ARPPRODUCTICON.exe

[2010.01.27 16:36:25 | 000,009,158 | R--- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{D1EF69B7-7A97-40FC-9AF1-6D6656FF874F}\ARPPRODUCTICON.exe

[2010.01.27 20:14:50 | 000,010,134 | R--- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{F022B56C-2B90-B9E1-332E-5C1277A47E7B}\ARPPRODUCTICON.exe

[2011.06.28 06:32:22 | 081,122,288 | ---- | M] (Samsung Electronics Co., Ltd.                                ) -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe

[2011.09.27 19:22:55 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x64.exe

[2011.08.22 15:13:06 | 000,362,384 | ---- | M] (ml) -- C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\temp\Kies.Update.exe

[2011.09.21 09:43:28 | 000,364,432 | ---- | M] (ml) -- C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

 
 < %SYSTEMDRIVE%\*.exe >

 

 
 < MD5 for: AGP440.SYS  >

[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys

[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys

[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys

[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys

[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll

[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll

[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll

[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: IASTORV.SYS  >

[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2008.01.21 03:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll

[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll

[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll

[2008.01.21 03:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys

[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll

[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll

[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll

[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2008.01.21 03:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll

[2008.01.21 03:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll

[2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll

[2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll

[2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll

[2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe

[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe

[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2008.01.21 03:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe

[2008.01.21 03:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[2008.01.21 03:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe

[2008.01.21 03:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe

[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe

[2008.01.21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.01.21 03:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2008.01.21 03:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >
 

< End of report >

Hier das Log:

Code:

17:35:56.0367 4232        TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26

17:35:56.0758 4232        ============================================================

17:35:56.0758 4232        Current date / time: 2012/01/10 17:35:56.0758

17:35:56.0758 4232        SystemInfo:

17:35:56.0758 4232        

17:35:56.0758 4232        OS Version: 6.0.6002 ServicePack: 2.0

17:35:56.0758 4232        Product type: Workstation

17:35:56.0758 4232        ComputerName: ***-PC

17:35:56.0758 4232        UserName: ***

17:35:56.0758 4232        Windows directory: C:\Windows

17:35:56.0758 4232        System windows directory: C:\Windows

17:35:56.0758 4232        Running under WOW64

17:35:56.0758 4232        Processor architecture: Intel x64

17:35:56.0758 4232        Number of processors: 4

17:35:56.0758 4232        Page size: 0x1000

17:35:56.0758 4232        Boot type: Normal boot

17:35:56.0758 4232        ============================================================

17:35:58.0180 4232        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040

17:35:58.0227 4232        Initialize success

17:36:59.0633 4900        ============================================================

17:36:59.0633 4900        Scan started

17:36:59.0633 4900        Mode: Manual; SigCheck; TDLFS; 

17:36:59.0633 4900        ============================================================

17:37:00.0414 4900        ACPI            (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys

17:37:00.0539 4900        ACPI - ok

17:37:00.0664 4900        adp94xx         (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys

17:37:00.0727 4900        adp94xx - ok

17:37:00.0820 4900        adpahci         (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys

17:37:00.0836 4900        adpahci - ok

17:37:00.0867 4900        adpu160m        (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys

17:37:00.0867 4900        adpu160m - ok

17:37:00.0883 4900        adpu320         (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys

17:37:00.0898 4900        adpu320 - ok

17:37:00.0945 4900        AFD             (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys

17:37:01.0039 4900        AFD - ok

17:37:01.0086 4900        agp440          (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys

17:37:01.0102 4900        agp440 - ok

17:37:01.0164 4900        aic78xx         (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys

17:37:01.0180 4900        aic78xx - ok

17:37:01.0195 4900        aliide          (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys

17:37:01.0195 4900        aliide - ok

17:37:01.0227 4900        amdide          (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys

17:37:01.0227 4900        amdide - ok

17:37:01.0273 4900        amdide64        (d52a2e98c5eeff88ced28793b6b04d84) C:\Windows\system32\DRIVERS\amdide64.sys

17:37:01.0273 4900        amdide64 - ok

17:37:01.0336 4900        AmdK8           (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys

17:37:01.0445 4900        AmdK8 - ok

17:37:01.0602 4900        amdkmdag        (a497ff5ae4d0c93da2cfb98e6a355c1f) C:\Windows\system32\DRIVERS\atipmdag.sys

17:37:01.0836 4900        amdkmdag - ok

17:37:01.0883 4900        amdkmdap        (91b89be832d436af257b91666bc32c30) C:\Windows\system32\DRIVERS\atikmpag.sys

17:37:01.0914 4900        amdkmdap - ok

17:37:01.0977 4900        arc             (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys

17:37:01.0992 4900        arc - ok

17:37:02.0008 4900        arcsas          (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys

17:37:02.0023 4900        arcsas - ok

17:37:02.0039 4900        AsyncMac        (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys

17:37:02.0102 4900        AsyncMac - ok

17:37:02.0148 4900        atapi           (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys

17:37:02.0148 4900        atapi - ok

17:37:02.0211 4900        AtiHdmiService  (3ac10a57313af6793ff1bac6146fcff7) C:\Windows\system32\drivers\AtiHdmi.sys

17:37:02.0258 4900        AtiHdmiService - ok

17:37:02.0289 4900        AtiPcie         (69eebb256503cded9bd0e9e43128c626) C:\Windows\system32\DRIVERS\AtiPcie.sys

17:37:02.0289 4900        AtiPcie - ok

17:37:02.0320 4900        avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys

17:37:02.0320 4900        avgntflt - ok

17:37:02.0336 4900        avipbb          (f1c9db5f7b2a56a0b29667d22ba540fc) C:\Windows\system32\DRIVERS\avipbb.sys

17:37:02.0352 4900        avipbb - ok

17:37:02.0352 4900        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys

17:37:02.0367 4900        avkmgr - ok

17:37:02.0398 4900        blbdrive        (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys

17:37:02.0430 4900        blbdrive - ok

17:37:02.0445 4900        bowser          (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys

17:37:02.0508 4900        bowser - ok

17:37:02.0539 4900        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys

17:37:02.0617 4900        BrFiltLo - ok

17:37:02.0633 4900        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys

17:37:02.0664 4900        BrFiltUp - ok

17:37:02.0680 4900        Brserid         (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys

17:37:02.0836 4900        Brserid - ok

17:37:02.0852 4900        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys

17:37:02.0914 4900        BrSerWdm - ok

17:37:02.0914 4900        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys

17:37:02.0992 4900        BrUsbMdm - ok

17:37:03.0008 4900        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys

17:37:03.0070 4900        BrUsbSer - ok

17:37:03.0102 4900        BTHMODEM        (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys

17:37:03.0164 4900        BTHMODEM - ok

17:37:03.0195 4900        cdfs            (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys

17:37:03.0227 4900        cdfs - ok

17:37:03.0273 4900        cdrom           (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys

17:37:03.0320 4900        cdrom - ok

17:37:03.0352 4900        circlass        (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys

17:37:03.0398 4900        circlass - ok

17:37:03.0430 4900        CLFS            (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys

17:37:03.0477 4900        CLFS - ok

17:37:03.0523 4900        cmdide          (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys

17:37:03.0539 4900        cmdide - ok

17:37:03.0570 4900        Compbatt        (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys

17:37:03.0586 4900        Compbatt - ok

17:37:03.0602 4900        crcdisk         (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys

17:37:03.0602 4900        crcdisk - ok

17:37:03.0633 4900        DfsC            (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys

17:37:03.0680 4900        DfsC - ok

17:37:03.0727 4900        dgderdrv        (def365f0f6e017888c4b869d3ba4b8e0) C:\Windows\system32\drivers\dgderdrv.sys

17:37:03.0727 4900        dgderdrv - ok

17:37:03.0758 4900        dg_ssudbus      (7156833e6dfe0a804ea5cf7b8876ab7c) C:\Windows\system32\DRIVERS\ssudbus.sys

17:37:03.0758 4900        dg_ssudbus - ok

17:37:03.0789 4900        disk            (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys

17:37:03.0805 4900        disk - ok

17:37:03.0883 4900        DiskSec - ok

17:37:03.0945 4900        drmkaud         (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys

17:37:03.0961 4900        drmkaud - ok

17:37:04.0008 4900        DXGKrnl         (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys

17:37:04.0055 4900        DXGKrnl - ok

17:37:04.0086 4900        E1G60           (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys

17:37:04.0148 4900        E1G60 - ok

17:37:04.0195 4900        Ecache          (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys

17:37:04.0211 4900        Ecache - ok

17:37:04.0227 4900        ehgbutdg - ok

17:37:04.0273 4900        elxstor         (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys

17:37:04.0305 4900        elxstor - ok

17:37:04.0352 4900        epmntdrv        (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys

17:37:04.0383 4900        epmntdrv ( UnsignedFile.Multi.Generic ) - warning

17:37:04.0383 4900        epmntdrv - detected UnsignedFile.Multi.Generic (1)

17:37:04.0398 4900        ErrDev          (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys

17:37:04.0445 4900        ErrDev - ok

17:37:04.0461 4900        EuGdiDrv        (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys

17:37:04.0477 4900        EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning

17:37:04.0477 4900        EuGdiDrv - detected UnsignedFile.Multi.Generic (1)

17:37:04.0492 4900        exfat           (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys

17:37:04.0539 4900        exfat - ok

17:37:04.0555 4900        fastfat         (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys

17:37:04.0617 4900        fastfat - ok

17:37:04.0633 4900        fdc             (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys

17:37:04.0648 4900        fdc - ok

17:37:04.0680 4900        FileInfo        (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys

17:37:04.0695 4900        FileInfo - ok

17:37:04.0727 4900        Filetrace       (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys

17:37:04.0789 4900        Filetrace - ok

17:37:04.0805 4900        flpydisk        (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

17:37:04.0836 4900        flpydisk - ok

17:37:04.0883 4900        FltMgr          (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys

17:37:04.0883 4900        FltMgr - ok

17:37:04.0945 4900        Fs_Rec          (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys

17:37:05.0008 4900        Fs_Rec - ok

17:37:05.0023 4900        gagp30kx        (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys

17:37:05.0039 4900        gagp30kx - ok

17:37:05.0039 4900        GMSIPCI - ok

17:37:05.0102 4900        HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys

17:37:05.0180 4900        HdAudAddService - ok

17:37:05.0242 4900        HDAudBus        (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys

17:37:05.0320 4900        HDAudBus - ok

17:37:05.0367 4900        HidBth          (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys

17:37:05.0430 4900        HidBth - ok

17:37:05.0430 4900        HidIr           (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys

17:37:05.0508 4900        HidIr - ok

17:37:05.0539 4900        HidUsb          (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys

17:37:05.0570 4900        HidUsb - ok

17:37:05.0633 4900        HpCISSs         (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys

17:37:05.0633 4900        HpCISSs - ok

17:37:05.0680 4900        HTTP            (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys

17:37:05.0742 4900        HTTP - ok

17:37:05.0773 4900        i2omp           (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys

17:37:05.0773 4900        i2omp - ok

17:37:05.0805 4900        i8042prt        (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys

17:37:05.0820 4900        i8042prt - ok

17:37:05.0836 4900        iaStorV         (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys

17:37:05.0852 4900        iaStorV - ok

17:37:05.0883 4900        iirsp           (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys

17:37:05.0883 4900        iirsp - ok

17:37:05.0945 4900        IntcAzAudAddService (f93149ce3e6a866c5f42878bcff34b6a) C:\Windows\system32\drivers\RTKVHD64.sys

17:37:06.0023 4900        IntcAzAudAddService - ok

17:37:06.0039 4900        intelide        (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys

17:37:06.0055 4900        intelide - ok

17:37:06.0070 4900        intelppm        (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys

17:37:06.0102 4900        intelppm - ok

17:37:06.0148 4900        IpFilterDriver  (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys

17:37:06.0180 4900        IpFilterDriver - ok

17:37:06.0180 4900        IpInIp - ok

17:37:06.0211 4900        IPMIDRV         (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys

17:37:06.0242 4900        IPMIDRV - ok

17:37:06.0258 4900        IPNAT           (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys

17:37:06.0305 4900        IPNAT - ok

17:37:06.0320 4900        IRENUM          (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys

17:37:06.0367 4900        IRENUM - ok

17:37:06.0398 4900        isapnp          (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys

17:37:06.0414 4900        isapnp - ok

17:37:06.0461 4900        iScsiPrt        (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys

17:37:06.0461 4900        iScsiPrt - ok

17:37:06.0492 4900        iteatapi        (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys

17:37:06.0492 4900        iteatapi - ok

17:37:06.0539 4900        iteraid         (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys

17:37:06.0539 4900        iteraid - ok

17:37:06.0586 4900        kbdclass        (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys

17:37:06.0586 4900        kbdclass - ok

17:37:06.0617 4900        kbdhid          (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys

17:37:06.0648 4900        kbdhid - ok

17:37:06.0758 4900        KSecDD          (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys

17:37:06.0820 4900        KSecDD - ok

17:37:06.0820 4900        ksthunk         (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys

17:37:06.0867 4900        ksthunk - ok

17:37:06.0883 4900        lltdio          (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys

17:37:06.0961 4900        lltdio - ok

17:37:07.0008 4900        LSI_FC          (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys

17:37:07.0008 4900        LSI_FC - ok

17:37:07.0039 4900        LSI_SAS         (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys

17:37:07.0055 4900        LSI_SAS - ok

17:37:07.0070 4900        LSI_SCSI        (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys

17:37:07.0086 4900        LSI_SCSI - ok

17:37:07.0117 4900        luafv           (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys

17:37:07.0148 4900        luafv - ok

17:37:07.0180 4900        MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

17:37:07.0195 4900        MBAMProtector - ok

17:37:07.0227 4900        megasas         (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys

17:37:07.0227 4900        megasas - ok

17:37:07.0258 4900        MegaSR          (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys

17:37:07.0289 4900        MegaSR - ok

17:37:07.0305 4900        Modem           (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys

17:37:07.0352 4900        Modem - ok

17:37:07.0367 4900        monitor         (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys

17:37:07.0414 4900        monitor - ok

17:37:07.0430 4900        mouclass        (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys

17:37:07.0445 4900        mouclass - ok

17:37:07.0461 4900        mouhid          (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys

17:37:07.0492 4900        mouhid - ok

17:37:07.0508 4900        MountMgr        (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys

17:37:07.0523 4900        MountMgr - ok

17:37:07.0555 4900        mpio            (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys

17:37:07.0570 4900        mpio - ok

17:37:07.0586 4900        mpsdrv          (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys

17:37:07.0617 4900        mpsdrv - ok

17:37:07.0633 4900        Mraid35x        (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys

17:37:07.0633 4900        Mraid35x - ok

17:37:07.0664 4900        MRxDAV          (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys

17:37:07.0695 4900        MRxDAV - ok

17:37:07.0773 4900        mrxsmb          (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys

17:37:07.0789 4900        mrxsmb - ok

17:37:07.0883 4900        mrxsmb10        (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:37:07.0945 4900        mrxsmb10 - ok

17:37:08.0039 4900        mrxsmb20        (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:37:08.0055 4900        mrxsmb20 - ok

17:37:08.0148 4900        msahci          (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys

17:37:08.0180 4900        msahci - ok

17:37:08.0211 4900        msdsm           (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys

17:37:08.0227 4900        msdsm - ok

17:37:08.0352 4900        Msfs            (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys

17:37:08.0398 4900        Msfs - ok

17:37:08.0492 4900        msisadrv        (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys

17:37:08.0508 4900        msisadrv - ok

17:37:08.0602 4900        MSKSSRV         (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys

17:37:08.0648 4900        MSKSSRV - ok

17:37:08.0711 4900        MSPCLOCK        (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys

17:37:08.0773 4900        MSPCLOCK - ok

17:37:08.0789 4900        MSPQM           (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys

17:37:08.0820 4900        MSPQM - ok

17:37:08.0867 4900        MsRPC           (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys

17:37:08.0867 4900        MsRPC - ok

17:37:08.0898 4900        mssmbios        (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys

17:37:08.0898 4900        mssmbios - ok

17:37:08.0914 4900        MSTEE           (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys

17:37:08.0945 4900        MSTEE - ok

17:37:09.0023 4900        Mup             (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys

17:37:09.0023 4900        Mup - ok

17:37:09.0055 4900        NativeWifiP     (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys

17:37:09.0086 4900        NativeWifiP - ok

17:37:09.0133 4900        NDIS            (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys

17:37:09.0164 4900        NDIS - ok

17:37:09.0195 4900        NdisTapi        (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys

17:37:09.0227 4900        NdisTapi - ok

17:37:09.0242 4900        Ndisuio         (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys

17:37:09.0289 4900        Ndisuio - ok

17:37:09.0336 4900        NdisWan         (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys

17:37:09.0383 4900        NdisWan - ok

17:37:09.0398 4900        NDProxy         (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys

17:37:09.0430 4900        NDProxy - ok

17:37:09.0445 4900        NetBIOS         (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys

17:37:09.0477 4900        NetBIOS - ok

17:37:09.0508 4900        netbt           (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys

17:37:09.0555 4900        netbt - ok

17:37:09.0586 4900        nfrd960         (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys

17:37:09.0586 4900        nfrd960 - ok

17:37:09.0617 4900        Npfs            (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys

17:37:09.0633 4900        Npfs - ok

17:37:09.0664 4900        nsiproxy        (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys

17:37:09.0695 4900        nsiproxy - ok

17:37:09.0758 4900        Ntfs            (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys

17:37:09.0852 4900        Ntfs - ok

17:37:09.0945 4900        Null            (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys

17:37:09.0992 4900        Null - ok

17:37:10.0008 4900        nvraid          (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys

17:37:10.0023 4900        nvraid - ok

17:37:10.0023 4900        nvstor          (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys

17:37:10.0039 4900        nvstor - ok

17:37:10.0055 4900        nv_agp          (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys

17:37:10.0070 4900        nv_agp - ok

17:37:10.0070 4900        NwlnkFlt - ok

17:37:10.0070 4900        NwlnkFwd - ok

17:37:10.0086 4900        obsqnfbk - ok

17:37:10.0102 4900        ohci1394        (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys

17:37:10.0148 4900        ohci1394 - ok

17:37:10.0180 4900        Parport         (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys

17:37:10.0242 4900        Parport - ok

17:37:10.0289 4900        partmgr         (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys

17:37:10.0305 4900        partmgr - ok

17:37:10.0320 4900        pci             (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys

17:37:10.0336 4900        pci - ok

17:37:10.0383 4900        pciide          (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys

17:37:10.0398 4900        pciide - ok

17:37:10.0430 4900        pcmcia          (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys

17:37:10.0477 4900        pcmcia - ok

17:37:10.0508 4900        PEAUTH          (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys

17:37:10.0617 4900        PEAUTH - ok

17:37:10.0680 4900        PptpMiniport    (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys

17:37:10.0727 4900        PptpMiniport - ok

17:37:10.0742 4900        Processor       (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys

17:37:10.0773 4900        Processor - ok

17:37:10.0820 4900        PSched          (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys

17:37:10.0836 4900        PSched - ok

17:37:10.0867 4900        ql2300          (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys

17:37:10.0930 4900        ql2300 - ok

17:37:10.0945 4900        ql40xx          (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys

17:37:10.0961 4900        ql40xx - ok

17:37:10.0977 4900        QWAVEdrv        (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys

17:37:10.0992 4900        QWAVEdrv - ok

17:37:11.0023 4900        RasAcd          (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys

17:37:11.0055 4900        RasAcd - ok

17:37:11.0102 4900        Rasl2tp         (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys

17:37:11.0148 4900        Rasl2tp - ok

17:37:11.0195 4900        RasPppoe        (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys

17:37:11.0227 4900        RasPppoe - ok

17:37:11.0242 4900        RasSstp         (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys

17:37:11.0258 4900        RasSstp - ok

17:37:11.0305 4900        rdbss           (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys

17:37:11.0336 4900        rdbss - ok

17:37:11.0352 4900        RDPCDD          (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys

17:37:11.0383 4900        RDPCDD - ok

17:37:11.0539 4900        rdpdr           (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys

17:37:11.0617 4900        rdpdr - ok

17:37:11.0617 4900        RDPENCDD        (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys

17:37:11.0664 4900        RDPENCDD - ok

17:37:11.0695 4900        RDPWD           (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys

17:37:11.0773 4900        RDPWD - ok

17:37:11.0820 4900        rspndr          (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys

17:37:11.0836 4900        rspndr - ok

17:37:11.0867 4900        RTL8169         (82b66abf055611024e5dbb9fa556c11d) C:\Windows\system32\DRIVERS\Rtlh64.sys

17:37:11.0914 4900        RTL8169 - ok

17:37:11.0945 4900        sbp2port        (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys

17:37:11.0945 4900        sbp2port - ok

17:37:11.0977 4900        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

17:37:12.0023 4900        secdrv - ok

17:37:12.0086 4900        Serenum         (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys

17:37:12.0117 4900        Serenum - ok

17:37:12.0148 4900        Serial          (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys

17:37:12.0195 4900        Serial - ok

17:37:12.0211 4900        sermouse        (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys

17:37:12.0242 4900        sermouse - ok

17:37:12.0273 4900        sffdisk         (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys

17:37:12.0320 4900        sffdisk - ok

17:37:12.0336 4900        sffp_mmc        (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys

17:37:12.0383 4900        sffp_mmc - ok

17:37:12.0398 4900        sffp_sd         (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys

17:37:12.0430 4900        sffp_sd - ok

17:37:12.0461 4900        sfloppy         (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys

17:37:12.0492 4900        sfloppy - ok

17:37:12.0523 4900        SiSRaid2        (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys

17:37:12.0539 4900        SiSRaid2 - ok

17:37:12.0555 4900        SiSRaid4        (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys

17:37:12.0555 4900        SiSRaid4 - ok

17:37:12.0586 4900        Smb             (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys

17:37:12.0633 4900        Smb - ok

17:37:12.0727 4900        spldr           (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys

17:37:12.0727 4900        spldr - ok

17:37:12.0836 4900        sptd            (4c33f139236fd9bd14a920f60c1cb072) C:\Windows\System32\Drivers\sptd.sys

17:37:12.0914 4900        sptd - ok

17:37:12.0945 4900        srv             (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys

17:37:13.0008 4900        srv - ok

17:37:13.0039 4900        srv2            (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys

17:37:13.0070 4900        srv2 - ok

17:37:13.0117 4900        srvnet          (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys

17:37:13.0148 4900        srvnet - ok

17:37:13.0180 4900        ssudmdm         (9e1bfa37fcf943c3b48f71f08019ea95) C:\Windows\system32\DRIVERS\ssudmdm.sys

17:37:13.0195 4900        ssudmdm - ok

17:37:13.0211 4900        ssudserd        (4d76ed0b1aede3b3500b7700a141eb78) C:\Windows\system32\DRIVERS\ssudserd.sys

17:37:13.0227 4900        ssudserd - ok

17:37:13.0258 4900        swenum          (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys

17:37:13.0273 4900        swenum - ok

17:37:13.0336 4900        SymantecAntiBotDriver (c46fdb4983834e9fb95899d8d532c12a) C:\Program Files (x86)\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotDriver.sys

17:37:13.0336 4900        SymantecAntiBotDriver - ok

17:37:13.0352 4900        SymantecAntiBotFilter (e119c4efa56b241f4e1a1fc33ba1e0bf) C:\Program Files (x86)\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotFilter.sys

17:37:13.0367 4900        SymantecAntiBotFilter - ok

17:37:13.0383 4900        Symc8xx         (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys

17:37:13.0398 4900        Symc8xx - ok

17:37:13.0430 4900        Sym_hi          (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys

17:37:13.0445 4900        Sym_hi - ok

17:37:13.0461 4900        Sym_u3          (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys

17:37:13.0477 4900        Sym_u3 - ok

17:37:13.0523 4900        Tcpip           (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\drivers\tcpip.sys

17:37:13.0570 4900        Tcpip - ok

17:37:13.0602 4900        Tcpip6          (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\DRIVERS\tcpip.sys

17:37:13.0648 4900        Tcpip6 - ok

17:37:13.0664 4900        tcpipreg        (848f87c604b5e674602498cb51067db6) C:\Windows\system32\drivers\tcpipreg.sys

17:37:13.0711 4900        tcpipreg - ok

17:37:13.0727 4900        TDPIPE          (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys

17:37:13.0773 4900        TDPIPE - ok

17:37:13.0789 4900        TDTCP           (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys

17:37:13.0820 4900        TDTCP - ok

17:37:13.0867 4900        tdx             (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys

17:37:13.0914 4900        tdx - ok

17:37:13.0945 4900        TermDD          (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys

17:37:13.0945 4900        TermDD - ok

17:37:13.0977 4900        TFsExDisk       (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys

17:37:13.0992 4900        TFsExDisk - ok

17:37:14.0008 4900        tssecsrv        (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys

17:37:14.0039 4900        tssecsrv - ok

17:37:14.0055 4900        tunmp           (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys

17:37:14.0070 4900        tunmp - ok

17:37:14.0148 4900        tunnel          (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys

17:37:14.0180 4900        tunnel - ok

17:37:14.0195 4900        tvhnekkh - ok

17:37:14.0227 4900        uagp35          (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys

17:37:14.0227 4900        uagp35 - ok

17:37:14.0273 4900        udfs            (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys

17:37:14.0305 4900        udfs - ok

17:37:14.0336 4900        uliagpkx        (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys

17:37:14.0352 4900        uliagpkx - ok

17:37:14.0414 4900        uliahci         (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys

17:37:14.0430 4900        uliahci - ok

17:37:14.0461 4900        UlSata          (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys

17:37:14.0461 4900        UlSata - ok

17:37:14.0492 4900        ulsata2         (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys

17:37:14.0508 4900        ulsata2 - ok

17:37:14.0539 4900        umbus           (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys

17:37:14.0570 4900        umbus - ok

17:37:14.0602 4900        usbccgp         (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys

17:37:14.0633 4900        usbccgp - ok

17:37:14.0664 4900        usbcir          (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys

17:37:14.0711 4900        usbcir - ok

17:37:14.0758 4900        usbehci         (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys

17:37:14.0773 4900        usbehci - ok

17:37:14.0789 4900        usbhub          (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys

17:37:14.0820 4900        usbhub - ok

17:37:14.0836 4900        usbohci         (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys

17:37:14.0867 4900        usbohci - ok

17:37:14.0898 4900        usbprint        (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys

17:37:14.0914 4900        usbprint - ok

17:37:14.0945 4900        usbscan         (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys

17:37:14.0977 4900        usbscan - ok

17:37:15.0023 4900        USBSTOR         (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:37:15.0055 4900        USBSTOR - ok

17:37:15.0086 4900        usbuhci         (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys

17:37:15.0117 4900        usbuhci - ok

17:37:15.0148 4900        vga             (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys

17:37:15.0164 4900        vga - ok

17:37:15.0180 4900        VgaSave         (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys

17:37:15.0227 4900        VgaSave - ok

17:37:15.0258 4900        viaide          (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys

17:37:15.0258 4900        viaide - ok

17:37:15.0273 4900        volmgr          (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys

17:37:15.0289 4900        volmgr - ok

17:37:15.0383 4900        volmgrx         (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys

17:37:15.0414 4900        volmgrx - ok

17:37:15.0445 4900        volsnap         (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys

17:37:15.0461 4900        volsnap - ok

17:37:15.0477 4900        vsmraid         (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys

17:37:15.0492 4900        vsmraid - ok

17:37:15.0523 4900        WacomPen        (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys

17:37:15.0555 4900        WacomPen - ok

17:37:15.0602 4900        Wanarp          (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

17:37:15.0633 4900        Wanarp - ok

17:37:15.0633 4900        Wanarpv6        (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

17:37:15.0648 4900        Wanarpv6 - ok

17:37:15.0664 4900        Wd              (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys

17:37:15.0680 4900        Wd - ok

17:37:15.0695 4900        Wdf01000        (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys

17:37:15.0742 4900        Wdf01000 - ok

17:37:15.0805 4900        winusb          (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\winusb.sys

17:37:15.0852 4900        winusb - ok

17:37:15.0867 4900        WmiAcpi         (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys

17:37:15.0914 4900        WmiAcpi - ok

17:37:15.0945 4900        WpdUsb          (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys

17:37:15.0977 4900        WpdUsb - ok

17:37:15.0992 4900        ws2ifsl         (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys

17:37:16.0039 4900        ws2ifsl - ok

17:37:16.0055 4900        WUDFRd          (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys

17:37:16.0102 4900        WUDFRd - ok

17:37:16.0133 4900        MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

17:37:16.0289 4900        \Device\Harddisk0\DR0 - ok

17:37:16.0320 4900        Boot (0x1200)   (e382fcc8e1259390d84ffad63e5ad81a) \Device\Harddisk0\DR0\Partition0

17:37:16.0352 4900        \Device\Harddisk0\DR0\Partition0 - ok

17:37:16.0352 4900        ============================================================

17:37:16.0352 4900        Scan finished

17:37:16.0352 4900        ============================================================

17:37:16.0352 1188        Detected object count: 2

17:37:16.0352 1188        Actual detected object count: 2

17:37:37.0555 1188        epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user

17:37:37.0555 1188        epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:37:37.0555 1188        EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user

17:37:37.0555 1188        EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip