Trojaner-Board


Rudolph 14.10.2011 00:33

Desktop icons removed / desktop background black / PC shuts down after some time
 
Hello,

as of just now, all icons have disappeared and the desktop background is black. Shortly before that, AntiVir reported a virus (?), which I had removed. There is also a message saying that my hard drive is damaged. At first a few icons were still visible, but after a restart there were none. I wanted to follow the instructions, download the relevant programs and post their logs. However, after a few minutes the message that my hard drive is damaged appears about 20 times, Firefox is closed and the PC shuts down automatically. Is it somehow possible to find a solution without these logs? (I am writing this from another computer.)

Regards,
Rudolph

cosinus 16.10.2011 13:58

Quote:

Shortly before that, AntiVir reported a virus (?), which I had removed.
Please post all the AntiVir logs if possible.

Rudolph 16.10.2011 16:00

I hope this is the right one (?):
Code:

Die Datei 'C:\Users\***\AppData\Local\Temp\plugtmp-31\plugin-dvgnkldlyziugu.pdf'
enthielt einen Virus oder unerwünschtes Programm 'EXP/Pidief.hdi' [exploit].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26003.
Die Datei konnte nicht gelöscht werden!
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5274d02b.qua' verschoben!


cosinus 16.10.2011 16:43

Please try MBAM+ESET:

Now please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If there are logs from older Malwarebytes scans, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Look for C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstalling: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Rudolph 16.10.2011 21:21

Malwarebytes:
Code:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7959

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 7.0.6001.18000

16.10.2011 18:43:39
mbam-log-2011-10-16 (18-43-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|S:\|)
Durchsuchte Objekte: 298307
Laufzeit: 44 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\POhWwySvraH.exe (Trojan.FakeAlert) -> Value: POhWwySvraH.exe -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\pohwwysvrah.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

ESET Online Scanner:
Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=fd993390a536834bbdf6076b89901e74
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-16 05:07:44
# local_time=2011-10-16 07:07:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1797 16775166 100 94 1141712 55321707 1206063 0
# compatibility_mode=5892 16776638 100 100 36730631 156317579 0 0
# compatibility_mode=8192 67108863 100 0 295 295 0 0
# scanned=340
# found=0
# cleaned=0
# scan_time=14
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=fd993390a536834bbdf6076b89901e74
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-16 05:15:52
# local_time=2011-10-16 07:15:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1797 16775166 100 94 1141847 55321842 1206198 0
# compatibility_mode=5892 16776638 100 100 36730766 156317714 0 0
# compatibility_mode=8192 67108863 100 0 430 430 0 0
# scanned=340
# found=0
# cleaned=0
# scan_time=367
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=fd993390a536834bbdf6076b89901e74
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-16 08:05:27
# local_time=2011-10-16 10:05:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1797 16775166 100 94 1142582 55322577 1206933 0
# compatibility_mode=5892 16776638 100 100 36731501 156318449 0 0
# compatibility_mode=8192 67108863 100 0 1165 1165 0 0
# scanned=139961
# found=3
# cleaned=0
# scan_time=9806
C:\$Recycle.Bin\S-1-5-21-3919767661-183490883-1508167686-1003\$RVKQ1NS.exe        a variant of Win32/SoftonicDownloader.A application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\plugtmp-31\plugin-dvgnkldlyziugu.pdf        JS/Exploit.Pdfka.OYH trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\43993770-39c24085        a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean)        00000000000000000000000000000000        I


cosinus 17.10.2011 16:24

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Rudolph 17.10.2011 17:17

OTL:
Code:

OTL logfile created on: 17.10.2011 17:49:31 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,96 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 79,93% Memory free
2,13 Gb Paging File | 1,91 Gb Available in Paging File | 89,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,65 Gb Total Space | 187,98 Gb Free Space | 84,81% Space Free | Partition Type: NTFS
Drive E: | 2,52 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Q: | 9,77 Gb Total Space | 3,01 Gb Free Space | 30,79% Space Free | Partition Type: NTFS
Drive S: | 1,46 Gb Total Space | 0,65 Gb Free Space | 44,47% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.10.17 17:46:31 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL(1).exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007.06.18 17:28:44 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (SessionLauncher)
SRV - [2011.10.13 12:39:17 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.29 21:10:19 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 23:18:55 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.18 14:11:40 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008.08.26 13:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008.08.08 12:13:12 | 000,053,325 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2008.08.07 13:23:18 | 000,238,880 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2008.08.07 13:23:16 | 000,116,000 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2008.05.24 17:17:54 | 000,520,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2008.05.24 16:28:20 | 000,253,952 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe -- (TVT_UpdateMonitor)
SRV - [2008.04.30 20:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.04.30 20:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.04.25 09:18:10 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2008.04.25 09:18:02 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2008.04.25 09:16:04 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008.04.25 09:15:58 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008.04.25 09:15:24 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008.03.14 03:08:38 | 000,054,560 | ---- | M] (Lenovo.) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.26 18:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.05.24 14:33:32 | 000,057,344 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.08.29 21:10:24 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.08.29 21:10:24 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.11.20 20:38:34 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2008.08.20 16:55:34 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008.08.07 11:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.06.30 20:26:46 | 000,974,336 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2008.06.29 23:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008.05.24 16:28:22 | 000,048,192 | ---- | M] (Lenovo) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008.05.21 17:35:24 | 000,220,160 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.05.12 11:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2008.04.28 07:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.18 17:40:24 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.03.14 15:23:12 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.02.22 16:54:40 | 000,037,312 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2008.01.21 04:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008.01.21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007.10.18 09:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.18 17:29:52 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007.06.18 17:29:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007.06.18 17:29:08 | 000,093,752 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007.06.18 17:29:06 | 000,098,136 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007.06.18 17:29:04 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007.06.18 17:28:58 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007.06.18 17:28:54 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007.06.18 17:28:52 | 000,105,048 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007.02.08 21:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007.02.08 21:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/3000notebook [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/3000notebook [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.05 09:27:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 19:15:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.25 12:50:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011.04.03 13:40:29 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.08.09 13:45:10 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.09.28 21:29:01 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\1ean2xci.default\extensions
[2011.04.17 22:54:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.16 20:53:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.17 22:54:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1EAN2XCI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1EAN2XCI.DEFAULT\EXTENSIONS\MOZREPL@HYPERSTRUCT.NET.XPI
[2010.08.11 09:42:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.10.05 09:27:32 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.05 09:27:29 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.05 09:27:29 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.05 09:27:29 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.05 09:27:29 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.05 09:27:29 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.05 09:27:29 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWlIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CameraApplicationLauncher] C:\Programme\Lenovo\Camera Center\bin\CameraApplicationLaunchPadLauncher.exe ()
O4 - HKLM..\Run: [LPManager] C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [PMHandler] C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE (Conexant)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPWAUDAP] C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Valve\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10n_Plugin.exe (Adobe Systems, Inc.)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{006347A8-4F48-4EF4-8F2C-9309841E3BC9}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\SWTOOLS\Wallpaper\1600x1200-Canyon.jpg
O24 - Desktop BackupWallPaper: C:\SWTOOLS\Wallpaper\1600x1200-Canyon.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.16 14:57:50 | 000,000,154 | R--- | M] () - E:\autorun.cfg -- [ UDF ]
O32 - AutoRun File - [2010.10.05 16:53:16 | 000,214,344 | R--- | M] (Sports Interactive) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2006.09.11 15:26:42 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008.06.03 00:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\Shell - "" = AutoRun
O33 - MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008.07.30 00:37:58 | 000,180,224 | -HS- | M] ()
O33 - MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008.07.21 18:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010.10.05 16:53:16 | 000,214,344 | R--- | M] (Sports Interactive)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.17 17:46:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL(1).exe
[2011.10.16 23:24:06 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.10.16 19:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.10.16 17:51:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.10.16 17:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.16 17:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.16 17:51:19 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.16 17:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.10 14:26:22 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\Sozi
[2010.08.25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2008.11.20 20:09:44 | 000,131,072 | ---- | C] ( ) -- C:\Windows\vm331Rmv.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.17 17:46:31 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL(1).exe
[2011.10.17 17:45:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.17 17:45:02 | 268,435,456 | -HS- | M] () -- C:\Windows\System32\temppf.sys
[2011.10.16 23:24:04 | 000,000,680 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2011.10.16 18:46:51 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\nsnmqxq.sys
[2011.10.16 17:51:26 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.14 01:25:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.14 01:25:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.14 01:25:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.10 02:22:26 | 000,000,000 | -H-- | M] () -- C:\Users\Public\Documents\AcSvc.dmp
[2011.10.09 14:23:06 | 000,000,129 | -H-- | M] () -- C:\Users\***\jagex_runescape_preferences2.dat
[2011.10.09 14:23:06 | 000,000,035 | -H-- | M] () -- C:\Users\***\jagex_runescape_preferences.dat
[2011.10.06 23:15:40 | 000,626,588 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.10.06 23:15:40 | 000,594,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.06 23:15:40 | 000,125,468 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.10.06 23:15:40 | 000,103,084 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.06 22:52:40 | 000,011,264 | -H-- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2011.10.16 23:24:04 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2011.10.16 18:46:51 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\nsnmqxq.sys
[2011.10.16 17:51:26 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.16 16:32:16 | 268,435,456 | -HS- | C] () -- C:\Windows\System32\temppf.sys
[2011.02.14 16:28:37 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.25 15:48:02 | 000,011,264 | -H-- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2008.11.21 04:41:52 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.11.21 04:41:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.21 04:38:19 | 000,016,896 | ---- | C] () -- C:\Windows\Eventclr.exe
[2008.11.20 20:32:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.11.20 20:32:36 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.11.20 20:32:36 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.11.20 20:32:36 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.11.20 20:32:36 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.11.20 20:32:35 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.11.20 20:30:08 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2008.11.20 20:30:08 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2008.11.20 20:19:21 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008.11.20 20:19:20 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
[2008.11.20 20:19:19 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008.11.20 20:09:44 | 000,001,291 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2008.11.20 20:03:44 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.08.26 13:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008.04.16 15:44:40 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 15:44:38 | 000,626,588 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 15:44:38 | 000,125,468 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 15:44:38 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.04.16 04:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,413,688 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,594,148 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,084 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2011.02.13 13:46:34 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2011.06.16 15:35:10 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Bitcoin
[2011.07.13 19:34:36 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\BosMon
[2010.09.27 17:14:39 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Replay Media Catcher 4
[2011.08.26 17:28:56 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Ryoku
[2011.07.19 15:59:53 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Sports Interactive
[2011.08.30 22:03:14 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Syas
[2010.08.09 13:45:10 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.08.09 13:43:23 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Trillian
[2011.06.12 23:59:28 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\uTorrent
[2011.10.14 01:25:42 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.02.13 13:46:34 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2010.08.21 23:12:11 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2010.09.15 18:48:24 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Avira
[2011.06.16 15:35:10 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Bitcoin
[2011.07.13 19:34:36 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\BosMon
[2010.08.08 23:53:06 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Identities
[2010.08.08 23:54:48 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2011.10.16 17:51:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011.04.05 15:38:54 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2011.04.03 13:41:06 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2010.09.27 17:14:39 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Replay Media Catcher 4
[2011.07.09 15:17:07 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Roxio
[2011.08.26 17:28:56 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Ryoku
[2010.08.30 19:27:34 | 000,000,000 | RH-D | M] -- C:\Users\***\AppData\Roaming\SecuROM
[2011.07.19 15:59:53 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Sports Interactive
[2011.08.30 22:03:14 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Syas
[2010.08.09 13:45:10 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.08.09 13:43:23 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Trillian
[2011.06.12 23:59:28 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\uTorrent
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\System32\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >


cosinus 17.10.2011 17:36

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.16 14:57:50 | 000,000,154 | R--- | M] () - E:\autorun.cfg -- [ UDF ]
O32 - AutoRun File - [2010.10.05 16:53:16 | 000,214,344 | R--- | M] (Sports Interactive) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2006.09.11 15:26:42 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008.06.03 00:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\Shell - "" = AutoRun
O33 - MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008.07.30 00:37:58 | 000,180,224 | -HS- | M] ()
O33 - MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008.07.21 18:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010.10.05 16:53:16 | 000,214,344 | R--- | M] (Sports Interactive)
[2011.10.17 17:45:02 | 268,435,456 | -HS- | M] () -- C:\Windows\System32\temppf.sys
[2011.10.16 18:46:51 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\nsnmqxq.sys
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Rudolph 17.10.2011 17:50

OTL-Fix:
Code:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. E:\autorun.cfg scheduled to be moved on reboot.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Q:\AUTORUN.INF moved successfully.
S:\AUTORUN.INF moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\ not found.
S:\LenovoSDrive.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\ not found.
Q:\LenovoQDrive.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File C:\Windows\System32\temppf.sys not found.
C:\Windows\System32\drivers\nsnmqxq.sys moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 19124235 bytes
->Temporary Internet Files folder emptied: 55408340 bytes
->Java cache emptied: 41314756 bytes
->FireFox cache emptied: 48365748 bytes
->Flash cache emptied: 217773 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 113153943 bytes
RecycleBin emptied: 1142871808 bytes
 
Total Files Cleaned = 1.355,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 10172011_184004


cosinus 17.10.2011 17:52

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool, and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

Rudolph 17.10.2011 18:12

TDSS-Killer:
Code:

18:55:25.0866 1200        TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
18:55:26.0417 1200        ============================================================
18:55:26.0417 1200        Current date / time: 2011/10/17 18:55:26.0417
18:55:26.0418 1200        SystemInfo:
18:55:26.0418 1200       
18:55:26.0418 1200        OS Version: 6.0.6001 ServicePack: 1.0
18:55:26.0418 1200        Product type: Workstation
18:55:26.0418 1200        ComputerName: ***-PC
18:55:26.0419 1200        UserName: ***
18:55:26.0419 1200        Windows directory: C:\Windows
18:55:26.0419 1200        System windows directory: C:\Windows
18:55:26.0419 1200        Processor architecture: Intel x86
18:55:26.0419 1200        Number of processors: 2
18:55:26.0419 1200        Page size: 0x1000
18:55:26.0419 1200        Boot type: Safe boot with network
18:55:26.0419 1200        ============================================================
18:55:26.0965 1200        Initialize success
18:56:23.0533 1120        ============================================================
18:56:23.0533 1120        Scan started
18:56:23.0533 1120        Mode: Manual; SigCheck; TDLFS;
18:56:23.0533 1120        ============================================================
18:56:24.0032 1120        ACPI            (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
18:56:24.0344 1120        ACPI - ok
18:56:24.0484 1120        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
18:56:24.0562 1120        adp94xx - ok
18:56:24.0640 1120        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
18:56:24.0687 1120        adpahci - ok
18:56:24.0734 1120        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
18:56:24.0781 1120        adpu160m - ok
18:56:24.0828 1120        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
18:56:24.0859 1120        adpu320 - ok
18:56:24.0968 1120        AFD            (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
18:56:25.0062 1120        AFD - ok
18:56:25.0124 1120        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
18:56:25.0155 1120        agp440 - ok
18:56:25.0202 1120        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
18:56:25.0233 1120        aic78xx - ok
18:56:25.0311 1120        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
18:56:25.0342 1120        aliide - ok
18:56:25.0389 1120        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
18:56:25.0420 1120        amdagp - ok
18:56:25.0498 1120        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
18:56:25.0514 1120        amdide - ok
18:56:25.0576 1120        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
18:56:25.0779 1120        AmdK7 - ok
18:56:25.0842 1120        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
18:56:25.0935 1120        AmdK8 - ok
18:56:26.0076 1120        ApfiltrService  (0f83cb9bcb247869bcad28026b8f134b) C:\Windows\system32\DRIVERS\Apfiltr.sys
18:56:26.0154 1120        ApfiltrService - ok
18:56:26.0232 1120        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
18:56:26.0263 1120        arc - ok
18:56:26.0341 1120        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
18:56:26.0372 1120        arcsas - ok
18:56:26.0434 1120        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
18:56:26.0544 1120        AsyncMac - ok
18:56:26.0590 1120        atapi          (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
18:56:26.0622 1120        atapi - ok
18:56:26.0731 1120        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
18:56:26.0762 1120        avgntflt - ok
18:56:26.0824 1120        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
18:56:26.0856 1120        avipbb - ok
18:56:26.0918 1120        b57nd60x        (f17463eddb3b6a988f939ff403e067c3) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:56:27.0027 1120        b57nd60x - ok
18:56:27.0105 1120        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
18:56:27.0199 1120        Beep - ok
18:56:27.0292 1120        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
18:56:27.0386 1120        blbdrive - ok
18:56:27.0448 1120        bowser          (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
18:56:27.0511 1120        bowser - ok
18:56:27.0573 1120        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:56:27.0729 1120        BrFiltLo - ok
18:56:27.0760 1120        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:56:27.0854 1120        BrFiltUp - ok
18:56:27.0932 1120        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:56:28.0275 1120        Brserid - ok
18:56:28.0384 1120        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:56:28.0556 1120        BrSerWdm - ok
18:56:28.0603 1120        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:56:28.0759 1120        BrUsbMdm - ok
18:56:28.0806 1120        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:56:28.0977 1120        BrUsbSer - ok
18:56:29.0040 1120        BthEnum        (ae19cfbbba41800f3d5343e21d2ca09f) C:\Windows\system32\DRIVERS\BthEnum.sys
18:56:29.0133 1120        BthEnum - ok
18:56:29.0211 1120        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
18:56:29.0367 1120        BTHMODEM - ok
18:56:29.0414 1120        BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
18:56:29.0539 1120        BthPan - ok
18:56:29.0601 1120        BTHPORT        (75f19df0bc62992d05fdd8a32d968531) C:\Windows\system32\Drivers\BTHport.sys
18:56:29.0679 1120        BTHPORT - ok
18:56:29.0742 1120        BTHUSB          (4ce2a25c5936bc515357d60fee73f221) C:\Windows\system32\Drivers\BTHUSB.sys
18:56:29.0788 1120        BTHUSB - ok
18:56:29.0851 1120        btwaudio        (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys
18:56:29.0882 1120        btwaudio - ok
18:56:29.0944 1120        btwavdt        (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys
18:56:29.0960 1120        btwavdt - ok
18:56:30.0069 1120        btwl2cap        (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys
18:56:30.0085 1120        btwl2cap - ok
18:56:30.0147 1120        btwrchid        (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys
18:56:30.0163 1120        btwrchid - ok
18:56:30.0225 1120        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
18:56:30.0334 1120        cdfs - ok
18:56:30.0397 1120        cdrom          (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
18:56:30.0490 1120        cdrom - ok
18:56:30.0537 1120        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
18:56:30.0631 1120        circlass - ok
18:56:30.0678 1120        CLFS            (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
18:56:30.0756 1120        CLFS - ok
18:56:30.0865 1120        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
18:56:30.0958 1120        CmBatt - ok
18:56:31.0005 1120        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
18:56:31.0036 1120        cmdide - ok
18:56:31.0114 1120        CnxtHdAudService (8b7a0ce6613f991359ff95212900396c) C:\Windows\system32\drivers\CHDRT32.sys
18:56:31.0192 1120        CnxtHdAudService - ok
18:56:31.0224 1120        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
18:56:31.0255 1120        Compbatt - ok
18:56:31.0302 1120        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
18:56:31.0317 1120        crcdisk - ok
18:56:31.0380 1120        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
18:56:31.0473 1120        Crusoe - ok
18:56:31.0567 1120        DfsC            (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
18:56:31.0645 1120        DfsC - ok
18:56:31.0770 1120        disk            (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
18:56:31.0785 1120        disk - ok
18:56:31.0879 1120        DLABMFSM        (5b149ccfe275f4de0b4b8ec6b9f6821e) C:\Windows\system32\DLA\DLABMFSM.SYS
18:56:31.0910 1120        DLABMFSM - ok
18:56:31.0957 1120        DLABOIOM        (ad4cb3d783634c90a9d0ce360933a63c) C:\Windows\system32\DLA\DLABOIOM.SYS
18:56:31.0972 1120        DLABOIOM - ok
18:56:32.0035 1120        DLACDBHM        (5230cdb7e715f3a3b4a882e254cdd35d) C:\Windows\system32\Drivers\DLACDBHM.SYS
18:56:32.0050 1120        DLACDBHM - ok
18:56:32.0113 1120        DLADResM        (dae193b1ddc6914f56b767a4f1406351) C:\Windows\system32\DLA\DLADResM.SYS
18:56:32.0144 1120        DLADResM - ok
18:56:32.0206 1120        DLAIFS_M        (6a82f77c4a6f5235bf352f0028e2ef52) C:\Windows\system32\DLA\DLAIFS_M.SYS
18:56:32.0238 1120        DLAIFS_M - ok
18:56:32.0284 1120        DLAOPIOM        (0e6052c0ada37504896a847231a3907d) C:\Windows\system32\DLA\DLAOPIOM.SYS
18:56:32.0300 1120        DLAOPIOM - ok
18:56:32.0362 1120        DLAPoolM        (29670bb4e2b973c5b55a76107d4910b2) C:\Windows\system32\DLA\DLAPoolM.SYS
18:56:32.0378 1120        DLAPoolM - ok
18:56:32.0456 1120        DLARTL_M        (77fe51f0f8d86804cb81f6ef6bfb86dd) C:\Windows\system32\Drivers\DLARTL_M.SYS
18:56:32.0472 1120        DLARTL_M - ok
18:56:32.0518 1120        DLAUDFAM        (6b087732b86c1d866d69dbbe463ea90a) C:\Windows\system32\DLA\DLAUDFAM.SYS
18:56:32.0550 1120        DLAUDFAM - ok
18:56:32.0612 1120        DLAUDF_M        (bbeecb95f2841ae4a3e3690d46d7153d) C:\Windows\system32\DLA\DLAUDF_M.SYS
18:56:32.0628 1120        DLAUDF_M - ok
18:56:32.0768 1120        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
18:56:32.0846 1120        drmkaud - ok
18:56:32.0893 1120        DRVMCDB        (83106585494d5eb96f59187200c144bd) C:\Windows\system32\Drivers\DRVMCDB.SYS
18:56:32.0924 1120        DRVMCDB - ok
18:56:32.0955 1120        DRVNDDM        (ffc371525aa55d1bae18715ebcb8797c) C:\Windows\system32\Drivers\DRVNDDM.SYS
18:56:32.0971 1120        DRVNDDM - ok
18:56:33.0049 1120        DXGKrnl        (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
18:56:33.0174 1120        DXGKrnl - ok
18:56:33.0220 1120        e1express      (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
18:56:33.0330 1120        e1express - ok
18:56:33.0376 1120        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:56:33.0486 1120        E1G60 - ok
18:56:33.0564 1120        Ecache          (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
18:56:33.0595 1120        Ecache - ok
18:56:33.0720 1120        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
18:56:33.0782 1120        elxstor - ok
18:56:33.0860 1120        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
18:56:33.0969 1120        ErrDev - ok
18:56:34.0094 1120        exfat          (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
18:56:34.0188 1120        exfat - ok
18:56:34.0250 1120        fastfat        (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
18:56:34.0344 1120        fastfat - ok
18:56:34.0406 1120        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
18:56:34.0500 1120        fdc - ok
18:56:34.0593 1120        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
18:56:34.0624 1120        FileInfo - ok
18:56:34.0671 1120        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
18:56:34.0765 1120        Filetrace - ok
18:56:34.0827 1120        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
18:56:34.0952 1120        flpydisk - ok
18:56:35.0014 1120        FltMgr          (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
18:56:35.0061 1120        FltMgr - ok
18:56:35.0186 1120        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
18:56:35.0248 1120        Fs_Rec - ok
18:56:35.0295 1120        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
18:56:35.0326 1120        gagp30kx - ok
18:56:35.0404 1120        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
18:56:35.0576 1120        HdAudAddService - ok
18:56:35.0638 1120        HDAudBus        (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:56:35.0716 1120        HDAudBus - ok
18:56:35.0763 1120        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:56:35.0935 1120        HidBth - ok
18:56:35.0966 1120        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
18:56:36.0122 1120        HidIr - ok
18:56:36.0216 1120        HidUsb          (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys
18:56:36.0294 1120        HidUsb - ok
18:56:36.0340 1120        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
18:56:36.0387 1120        HpCISSs - ok
18:56:36.0465 1120        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:56:36.0574 1120        HSFHWAZL - ok
18:56:36.0684 1120        HSF_DPV        (fadd7095163cb3cb4073793ebb50fe75) C:\Windows\system32\DRIVERS\HSX_DPV.sys
18:56:36.0808 1120        HSF_DPV - ok
18:56:36.0886 1120        HSXHWAZL        (058783bedd17615d1fece09f77960436) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
18:56:36.0949 1120        HSXHWAZL - ok
18:56:37.0027 1120        HTTP            (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
18:56:37.0136 1120        HTTP - ok
18:56:37.0183 1120        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
18:56:37.0214 1120        i2omp - ok
18:56:37.0292 1120        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:56:37.0370 1120        i8042prt - ok
18:56:37.0448 1120        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
18:56:37.0495 1120        iaStorV - ok
18:56:37.0963 1120        igfx            (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:56:38.0774 1120        igfx - ok
18:56:38.0883 1120        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:56:38.0914 1120        iirsp - ok
18:56:39.0039 1120        IntcHdmiAddService (c7e7e43cbd34d3b0a0156b51b917dfcc) C:\Windows\system32\drivers\IntcHdmi.sys
18:56:39.0102 1120        IntcHdmiAddService - ok
18:56:39.0180 1120        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:56:39.0211 1120        intelide - ok
18:56:39.0273 1120        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:56:39.0382 1120        intelppm - ok
18:56:39.0460 1120        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:56:39.0554 1120        IpFilterDriver - ok
18:56:39.0585 1120        IpInIp - ok
18:56:39.0663 1120        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
18:56:39.0757 1120        IPMIDRV - ok
18:56:39.0804 1120        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:56:39.0913 1120        IPNAT - ok
18:56:39.0944 1120        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:56:40.0038 1120        IRENUM - ok
18:56:40.0069 1120        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
18:56:40.0100 1120        isapnp - ok
18:56:40.0162 1120        iScsiPrt        (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
18:56:40.0209 1120        iScsiPrt - ok
18:56:40.0240 1120        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:56:40.0272 1120        iteatapi - ok
18:56:40.0334 1120        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:56:40.0365 1120        iteraid - ok
18:56:40.0459 1120        JMCR            (a69a1b991824b98f744913555f665893) C:\Windows\system32\DRIVERS\jmcr.sys
18:56:40.0521 1120        JMCR - ok
18:56:40.0568 1120        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:56:40.0599 1120        kbdclass - ok
18:56:40.0646 1120        kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
18:56:40.0740 1120        kbdhid - ok
18:56:40.0833 1120        KSecDD          (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
18:56:40.0911 1120        KSecDD - ok
18:56:41.0020 1120        lenovo.smi      (3c3f7f424e324c6971632c5de5ff458f) C:\Windows\system32\DRIVERS\smiif32.sys
18:56:41.0036 1120        lenovo.smi - ok
18:56:41.0130 1120        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:56:41.0223 1120        lltdio - ok
18:56:41.0317 1120        LPCFilter      (31f74d5d47eea83e5e89447586917774) C:\Windows\system32\DRIVERS\LPCFilter.sys
18:56:41.0332 1120        LPCFilter - ok
18:56:41.0410 1120        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
18:56:41.0442 1120        LSI_FC - ok
18:56:41.0488 1120        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
18:56:41.0520 1120        LSI_SAS - ok
18:56:41.0582 1120        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
18:56:41.0613 1120        LSI_SCSI - ok
18:56:41.0660 1120        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:56:41.0754 1120        luafv - ok
18:56:41.0832 1120        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
18:56:41.0863 1120        mdmxsdk - ok
18:56:41.0910 1120        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
18:56:41.0941 1120        megasas - ok
18:56:42.0019 1120        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
18:56:42.0081 1120        MegaSR - ok
18:56:42.0128 1120        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:56:42.0222 1120        Modem - ok
18:56:42.0284 1120        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:56:42.0378 1120        monitor - ok
18:56:42.0424 1120        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:56:42.0440 1120        mouclass - ok
18:56:42.0487 1120        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:56:42.0580 1120        mouhid - ok
18:56:42.0612 1120        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:56:42.0643 1120        MountMgr - ok
18:56:42.0705 1120        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
18:56:42.0752 1120        mpio - ok
18:56:42.0783 1120        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:56:42.0877 1120        mpsdrv - ok
18:56:42.0939 1120        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:56:42.0970 1120        Mraid35x - ok
18:56:43.0017 1120        MRxDAV          (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
18:56:43.0095 1120        MRxDAV - ok
18:56:43.0142 1120        mrxsmb          (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:56:43.0220 1120        mrxsmb - ok
18:56:43.0298 1120        mrxsmb10        (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:56:43.0360 1120        mrxsmb10 - ok
18:56:43.0392 1120        mrxsmb20        (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:56:43.0438 1120        mrxsmb20 - ok
18:56:43.0516 1120        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
18:56:43.0548 1120        msahci - ok
18:56:43.0610 1120        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
18:56:43.0641 1120        msdsm - ok
18:56:43.0750 1120        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:56:43.0828 1120        Msfs - ok
18:56:43.0906 1120        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
18:56:43.0938 1120        msisadrv - ok
18:56:44.0031 1120        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:56:44.0125 1120        MSKSSRV - ok
18:56:44.0172 1120        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:56:44.0250 1120        MSPCLOCK - ok
18:56:44.0296 1120        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:56:44.0390 1120        MSPQM - ok
18:56:44.0437 1120        MsRPC          (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
18:56:44.0468 1120        MsRPC - ok
18:56:44.0530 1120        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:56:44.0562 1120        mssmbios - ok
18:56:44.0608 1120        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:56:44.0702 1120        MSTEE - ok
18:56:44.0749 1120        Mup            (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
18:56:44.0780 1120        Mup - ok
18:56:44.0827 1120        NativeWifiP    (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
18:56:44.0905 1120        NativeWifiP - ok
18:56:44.0983 1120        NDIS            (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys
18:56:45.0045 1120        NDIS - ok
18:56:45.0108 1120        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:56:45.0186 1120        NdisTapi - ok
18:56:45.0232 1120        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:56:45.0326 1120        Ndisuio - ok
18:56:45.0404 1120        NdisWan        (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
18:56:45.0482 1120        NdisWan - ok
18:56:45.0529 1120        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:56:45.0607 1120        NDProxy - ok
18:56:45.0669 1120        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:56:45.0763 1120        NetBIOS - ok
18:56:45.0810 1120        netbt          (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
18:56:45.0919 1120        netbt - ok
18:56:46.0231 1120        NETw5v32        (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
18:56:46.0543 1120        NETw5v32 - ok
18:56:46.0621 1120        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:56:46.0652 1120        nfrd960 - ok
18:56:46.0730 1120        Npfs            (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
18:56:46.0824 1120        Npfs - ok
18:56:46.0870 1120        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:56:46.0980 1120        nsiproxy - ok
18:56:47.0058 1120        Ntfs            (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
18:56:47.0182 1120        Ntfs - ok
18:56:47.0245 1120        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:56:47.0432 1120        ntrigdigi - ok
18:56:47.0494 1120        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:56:47.0572 1120        Null - ok
18:56:47.0619 1120        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
18:56:47.0666 1120        nvraid - ok
18:56:47.0728 1120        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
18:56:47.0760 1120        nvstor - ok
18:56:47.0806 1120        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
18:56:47.0853 1120        nv_agp - ok
18:56:47.0884 1120        NwlnkFlt - ok
18:56:47.0931 1120        NwlnkFwd - ok
18:56:47.0994 1120        ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
18:56:48.0072 1120        ohci1394 - ok
18:56:48.0181 1120        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:56:48.0368 1120        Parport - ok
18:56:48.0430 1120        partmgr        (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
18:56:48.0477 1120        partmgr - ok
18:56:48.0524 1120        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:56:48.0696 1120        Parvdm - ok
18:56:48.0742 1120        pci            (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
18:56:48.0774 1120        pci - ok
18:56:48.0820 1120        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
18:56:48.0852 1120        pciide - ok
18:56:48.0914 1120        pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
18:56:48.0945 1120        pcmcia - ok
18:56:49.0023 1120        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:56:49.0257 1120        PEAUTH - ok
18:56:49.0460 1120        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:56:49.0554 1120        PptpMiniport - ok
18:56:49.0616 1120        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
18:56:49.0710 1120        Processor - ok
18:56:49.0834 1120        psadd          (f8a25f1dd8b2c332cbc663e3579566e7) C:\Windows\system32\DRIVERS\psadd.sys
18:56:49.0866 1120        psadd - ok
18:56:49.0912 1120        PSched          (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
18:56:49.0975 1120        PSched - ok
18:56:50.0022 1120        PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
18:56:50.0037 1120        PxHelp20 - ok
18:56:50.0162 1120        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
18:56:50.0302 1120        ql2300 - ok
18:56:50.0349 1120        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:56:50.0396 1120        ql40xx - ok
18:56:50.0474 1120        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:56:50.0536 1120        QWAVEdrv - ok
18:56:50.0583 1120        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:56:50.0677 1120        RasAcd - ok
18:56:50.0755 1120        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:56:50.0833 1120        Rasl2tp - ok
18:56:50.0880 1120        RasPppoe        (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
18:56:50.0958 1120        RasPppoe - ok
18:56:51.0020 1120        RasSstp        (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
18:56:51.0098 1120        RasSstp - ok
18:56:51.0176 1120        rdbss          (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
18:56:51.0270 1120        rdbss - ok
18:56:51.0316 1120        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:56:51.0426 1120        RDPCDD - ok
18:56:51.0535 1120        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
18:56:51.0628 1120        rdpdr - ok
18:56:51.0675 1120        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:56:51.0769 1120        RDPENCDD - ok
18:56:51.0847 1120        RDPWD          (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
18:56:51.0956 1120        RDPWD - ok
18:56:52.0065 1120        RFCOMM          (23f486726da7a9b2f3ec7326421a9c36) C:\Windows\system32\DRIVERS\rfcomm.sys
18:56:52.0112 1120        RFCOMM - ok
18:56:52.0299 1120        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:56:52.0393 1120        rspndr - ok
18:56:52.0455 1120        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:56:52.0486 1120        sbp2port - ok
18:56:52.0596 1120        sdbus          (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
18:56:52.0689 1120        sdbus - ok
18:56:52.0767 1120        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:56:52.0923 1120        secdrv - ok
18:56:53.0017 1120        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:56:53.0173 1120        Serenum - ok
18:56:53.0220 1120        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:56:53.0391 1120        Serial - ok
18:56:53.0438 1120        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:56:53.0516 1120        sermouse - ok
18:56:53.0641 1120        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
18:56:53.0703 1120        sffdisk - ok
18:56:53.0750 1120        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
18:56:53.0844 1120        sffp_mmc - ok
18:56:53.0890 1120        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
18:56:54.0000 1120        sffp_sd - ok
18:56:54.0046 1120        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:56:54.0218 1120        sfloppy - ok
18:56:54.0265 1120        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
18:56:54.0296 1120        sisagp - ok
18:56:54.0343 1120        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
18:56:54.0374 1120        SiSRaid2 - ok
18:56:54.0421 1120        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
18:56:54.0452 1120        SiSRaid4 - ok
18:56:54.0514 1120        Smb            (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
18:56:54.0624 1120        Smb - ok
18:56:54.0717 1120        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:56:54.0748 1120        spldr - ok
18:56:54.0858 1120        srv            (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
18:56:54.0951 1120        srv - ok
18:56:54.0998 1120        srv2            (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
18:56:55.0076 1120        srv2 - ok
18:56:55.0123 1120        srvnet          (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
18:56:55.0185 1120        srvnet - ok
18:56:55.0279 1120        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
18:56:55.0294 1120        ssmdrv - ok
18:56:55.0466 1120        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:56:55.0513 1120        swenum - ok
18:56:55.0575 1120        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:56:55.0606 1120        Symc8xx - ok
18:56:55.0653 1120        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:56:55.0684 1120        Sym_hi - ok
18:56:55.0716 1120        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:56:55.0747 1120        Sym_u3 - ok
18:56:55.0903 1120        Tcpip          (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
18:56:56.0028 1120        Tcpip - ok
18:56:56.0121 1120        Tcpip6          (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
18:56:56.0215 1120        Tcpip6 - ok
18:56:56.0262 1120        tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
18:56:56.0355 1120        tcpipreg - ok
18:56:56.0449 1120        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:56:56.0542 1120        TDPIPE - ok
18:56:56.0589 1120        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:56:56.0698 1120        TDTCP - ok
18:56:56.0745 1120        tdx            (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
18:56:56.0870 1120        tdx - ok
18:56:56.0932 1120        TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
18:56:56.0964 1120        TermDD - ok
18:56:57.0073 1120        TPM            (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys
18:56:57.0104 1120        TPM - ok
18:56:57.0213 1120        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:56:57.0307 1120        tssecsrv - ok
18:56:57.0369 1120        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:56:57.0432 1120        tunmp - ok
18:56:57.0494 1120        tunnel          (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
18:56:57.0541 1120        tunnel - ok
18:56:57.0681 1120        tvtfilter      (49258a02a1e8d304ed88b0f1c56b1738) C:\Windows\system32\DRIVERS\tvtfilter.sys
18:56:57.0712 1120        tvtfilter ( UnsignedFile.Multi.Generic ) - warning
18:56:57.0712 1120        tvtfilter - detected UnsignedFile.Multi.Generic (1)
18:56:57.0775 1120        TVTI2C          (7e66dda1ef146bfc3a6e36e08e036602) C:\Windows\system32\DRIVERS\Tvti2c.sys
18:56:57.0790 1120        TVTI2C - ok
18:56:57.0853 1120        tvtumon        (2d1ec233c89416ba8187c9d7d49a075a) C:\Windows\system32\DRIVERS\tvtumon.sys
18:56:57.0884 1120        tvtumon - ok
18:56:57.0962 1120        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
18:56:57.0993 1120        uagp35 - ok
18:56:58.0040 1120        udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
18:56:58.0134 1120        udfs - ok
18:56:58.0243 1120        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
18:56:58.0258 1120        uliagpkx - ok
18:56:58.0321 1120        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
18:56:58.0352 1120        uliahci - ok
18:56:58.0430 1120        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:56:58.0461 1120        UlSata - ok
18:56:58.0508 1120        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:56:58.0539 1120        ulsata2 - ok
18:56:58.0586 1120        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:56:58.0664 1120        umbus - ok
18:56:58.0758 1120        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:56:58.0836 1120        usbccgp - ok
18:56:58.0867 1120        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:56:59.0023 1120        usbcir - ok
18:56:59.0101 1120        usbehci        (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
18:56:59.0194 1120        usbehci - ok
18:56:59.0272 1120        usbhub          (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
18:56:59.0366 1120        usbhub - ok
18:56:59.0428 1120        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
18:56:59.0584 1120        usbohci - ok
18:56:59.0631 1120        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
18:56:59.0772 1120        usbprint - ok
18:56:59.0818 1120        USBSTOR        (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:56:59.0928 1120        USBSTOR - ok
18:56:59.0974 1120        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:57:00.0037 1120        usbuhci - ok
18:57:00.0115 1120        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
18:57:00.0208 1120        usbvideo - ok
18:57:00.0271 1120        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
18:57:00.0380 1120        vga - ok
18:57:00.0442 1120        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:57:00.0536 1120        VgaSave - ok
18:57:00.0614 1120        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
18:57:00.0630 1120        viaagp - ok
18:57:00.0708 1120        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
18:57:00.0786 1120        ViaC7 - ok
18:57:00.0848 1120        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
18:57:00.0879 1120        viaide - ok
18:57:00.0973 1120        vm331avs        (b9dfda5510fffb6c8b825271e3e3d2e0) C:\Windows\system32\Drivers\vm331avs.sys
18:57:01.0098 1120        vm331avs - ok
18:57:01.0144 1120        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:57:01.0176 1120        volmgr - ok
18:57:01.0254 1120        volmgrx        (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
18:57:01.0300 1120        volmgrx - ok
18:57:01.0363 1120        volsnap        (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
18:57:01.0425 1120        volsnap - ok
18:57:01.0472 1120        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
18:57:01.0503 1120        vsmraid - ok
18:57:01.0612 1120        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:57:01.0784 1120        WacomPen - ok
18:57:01.0815 1120        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:57:01.0909 1120        Wanarp - ok
18:57:01.0956 1120        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:57:02.0018 1120        Wanarpv6 - ok
18:57:02.0080 1120        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
18:57:02.0112 1120        Wd - ok
18:57:02.0174 1120        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
18:57:02.0252 1120        Wdf01000 - ok
18:57:02.0408 1120        WimFltr        (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
18:57:02.0439 1120        WimFltr - ok
18:57:02.0533 1120        winachsf        (bb9cbaf6ac20452b245c324f1f50ee81) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
18:57:02.0626 1120        winachsf - ok
18:57:02.0798 1120        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:57:02.0876 1120        WmiAcpi - ok
18:57:03.0016 1120        WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
18:57:03.0094 1120        WpdUsb - ok
18:57:03.0172 1120        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:57:03.0266 1120        ws2ifsl - ok
18:57:03.0360 1120        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:57:03.0469 1120        WUDFRd - ok
18:57:03.0547 1120        XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
18:57:03.0594 1120        XAudio - ok
18:57:03.0703 1120        MBR (0x1B8)    (b9b95b7ae4b744c06c8006057e1ee836) \Device\Harddisk0\DR0
18:57:03.0890 1120        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:57:03.0890 1120        \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:57:03.0937 1120        Boot (0x1200)  (705ce3082de2322caef83935af64c5c2) \Device\Harddisk0\DR0\Partition0
18:57:03.0937 1120        \Device\Harddisk0\DR0\Partition0 - ok
18:57:03.0968 1120        Boot (0x1200)  (7e83e0ecbf0c7168ed5f81d8a5b59f5e) \Device\Harddisk0\DR0\Partition1
18:57:03.0968 1120        \Device\Harddisk0\DR0\Partition1 - ok
18:57:04.0015 1120        Boot (0x1200)  (ce5ad19d41b24f57d6a6da81efba7ca4) \Device\Harddisk0\DR0\Partition2
18:57:04.0015 1120        \Device\Harddisk0\DR0\Partition2 - ok
18:57:04.0015 1120        ============================================================
18:57:04.0015 1120        Scan finished
18:57:04.0015 1120        ============================================================
18:57:04.0062 1352        Detected object count: 2
18:57:04.0062 1352        Actual detected object count: 2
18:57:14.0077 1352        tvtfilter ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:14.0077 1352        tvtfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:14.0077 1352        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:57:14.0077 1352        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


cosinus 17.10.2011 18:20

Quote:

18:57:14.0077 1352 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:57:14.0077 1352 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Please make absolutely sure to remove these entries with TDSS-Killer.

Rudolph 17.10.2011 18:28

It has been deleted.

cosinus 17.10.2011 19:17

Then please create a new log with TDSS-Killer and post it.

Rudolph 17.10.2011 19:38

TDSS-Killer:
Code:

20:36:05.0014 1468        TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
20:36:05.0669 1468        ============================================================
20:36:05.0669 1468        Current date / time: 2011/10/17 20:36:05.0669
20:36:05.0669 1468        SystemInfo:
20:36:05.0669 1468       
20:36:05.0669 1468        OS Version: 6.0.6001 ServicePack: 1.0
20:36:05.0669 1468        Product type: Workstation
20:36:05.0669 1468        ComputerName: ***-PC
20:36:05.0669 1468        UserName: ***
20:36:05.0669 1468        Windows directory: C:\Windows
20:36:05.0669 1468        System windows directory: C:\Windows
20:36:05.0669 1468        Processor architecture: Intel x86
20:36:05.0669 1468        Number of processors: 2
20:36:05.0669 1468        Page size: 0x1000
20:36:05.0669 1468        Boot type: Safe boot with network
20:36:05.0669 1468        ============================================================
20:36:06.0215 1468        Initialize success
20:36:11.0004 1308        ============================================================
20:36:11.0004 1308        Scan started
20:36:11.0004 1308        Mode: Manual; SigCheck; TDLFS;
20:36:11.0004 1308        ============================================================
20:36:11.0472 1308        ACPI            (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
20:36:11.0753 1308        ACPI - ok
20:36:11.0909 1308        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
20:36:11.0971 1308        adp94xx - ok
20:36:12.0049 1308        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
20:36:12.0112 1308        adpahci - ok
20:36:12.0174 1308        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
20:36:12.0205 1308        adpu160m - ok
20:36:12.0268 1308        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
20:36:12.0299 1308        adpu320 - ok
20:36:12.0408 1308        AFD            (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
20:36:12.0533 1308        AFD - ok
20:36:12.0595 1308        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
20:36:12.0627 1308        agp440 - ok
20:36:12.0673 1308        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:36:12.0705 1308        aic78xx - ok
20:36:12.0798 1308        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
20:36:12.0814 1308        aliide - ok
20:36:12.0876 1308        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
20:36:12.0907 1308        amdagp - ok
20:36:12.0970 1308        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
20:36:12.0985 1308        amdide - ok
20:36:13.0063 1308        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
20:36:13.0282 1308        AmdK7 - ok
20:36:13.0329 1308        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
20:36:13.0422 1308        AmdK8 - ok
20:36:13.0531 1308        ApfiltrService  (0f83cb9bcb247869bcad28026b8f134b) C:\Windows\system32\DRIVERS\Apfiltr.sys
20:36:13.0609 1308        ApfiltrService - ok
20:36:13.0672 1308        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
20:36:13.0703 1308        arc - ok
20:36:13.0781 1308        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
20:36:13.0812 1308        arcsas - ok
20:36:13.0875 1308        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:36:13.0984 1308        AsyncMac - ok
20:36:14.0031 1308        atapi          (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
20:36:14.0062 1308        atapi - ok
20:36:14.0187 1308        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
20:36:14.0218 1308        avgntflt - ok
20:36:14.0343 1308        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
20:36:14.0389 1308        avipbb - ok
20:36:14.0467 1308        b57nd60x        (f17463eddb3b6a988f939ff403e067c3) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:36:14.0561 1308        b57nd60x - ok
20:36:14.0655 1308        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:36:14.0748 1308        Beep - ok
20:36:14.0826 1308        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
20:36:14.0920 1308        blbdrive - ok
20:36:14.0998 1308        bowser          (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
20:36:15.0060 1308        bowser - ok
20:36:15.0138 1308        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:36:15.0310 1308        BrFiltLo - ok
20:36:15.0341 1308        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:36:15.0435 1308        BrFiltUp - ok
20:36:15.0528 1308        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:36:15.0871 1308        Brserid - ok
20:36:15.0965 1308        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:36:16.0152 1308        BrSerWdm - ok
20:36:16.0261 1308        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:36:16.0402 1308        BrUsbMdm - ok
20:36:16.0480 1308        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:36:16.0651 1308        BrUsbSer - ok
20:36:16.0714 1308        BthEnum        (ae19cfbbba41800f3d5343e21d2ca09f) C:\Windows\system32\DRIVERS\BthEnum.sys
20:36:16.0823 1308        BthEnum - ok
20:36:16.0901 1308        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:36:17.0073 1308        BTHMODEM - ok
20:36:17.0119 1308        BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
20:36:17.0244 1308        BthPan - ok
20:36:17.0338 1308        BTHPORT        (75f19df0bc62992d05fdd8a32d968531) C:\Windows\system32\Drivers\BTHport.sys
20:36:17.0431 1308        BTHPORT - ok
20:36:17.0494 1308        BTHUSB          (4ce2a25c5936bc515357d60fee73f221) C:\Windows\system32\Drivers\BTHUSB.sys
20:36:17.0541 1308        BTHUSB - ok
20:36:17.0650 1308        btwaudio        (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys
20:36:17.0681 1308        btwaudio - ok
20:36:17.0728 1308        btwavdt        (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys
20:36:17.0759 1308        btwavdt - ok
20:36:17.0837 1308        btwl2cap        (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys
20:36:17.0853 1308        btwl2cap - ok
20:36:17.0915 1308        btwrchid        (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys
20:36:17.0931 1308        btwrchid - ok
20:36:17.0993 1308        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:36:18.0087 1308        cdfs - ok
20:36:18.0149 1308        cdrom          (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
20:36:18.0258 1308        cdrom - ok
20:36:18.0305 1308        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
20:36:18.0399 1308        circlass - ok
20:36:18.0445 1308        CLFS            (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
20:36:18.0508 1308        CLFS - ok
20:36:18.0648 1308        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:36:18.0742 1308        CmBatt - ok
20:36:18.0804 1308        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:36:18.0835 1308        cmdide - ok
20:36:18.0898 1308        CnxtHdAudService (8b7a0ce6613f991359ff95212900396c) C:\Windows\system32\drivers\CHDRT32.sys
20:36:18.0960 1308        CnxtHdAudService - ok
20:36:19.0007 1308        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:36:19.0038 1308        Compbatt - ok
20:36:19.0069 1308        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
20:36:19.0101 1308        crcdisk - ok
20:36:19.0163 1308        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
20:36:19.0257 1308        Crusoe - ok
20:36:19.0381 1308        DfsC            (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
20:36:19.0506 1308        DfsC - ok
20:36:19.0662 1308        disk            (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
20:36:19.0709 1308        disk - ok
20:36:19.0818 1308        DLABMFSM        (5b149ccfe275f4de0b4b8ec6b9f6821e) C:\Windows\system32\DLA\DLABMFSM.SYS
20:36:19.0849 1308        DLABMFSM - ok
20:36:19.0896 1308        DLABOIOM        (ad4cb3d783634c90a9d0ce360933a63c) C:\Windows\system32\DLA\DLABOIOM.SYS
20:36:19.0912 1308        DLABOIOM - ok
20:36:19.0974 1308        DLACDBHM        (5230cdb7e715f3a3b4a882e254cdd35d) C:\Windows\system32\Drivers\DLACDBHM.SYS
20:36:19.0990 1308        DLACDBHM - ok
20:36:20.0052 1308        DLADResM        (dae193b1ddc6914f56b767a4f1406351) C:\Windows\system32\DLA\DLADResM.SYS
20:36:20.0068 1308        DLADResM - ok
20:36:20.0130 1308        DLAIFS_M        (6a82f77c4a6f5235bf352f0028e2ef52) C:\Windows\system32\DLA\DLAIFS_M.SYS
20:36:20.0161 1308        DLAIFS_M - ok
20:36:20.0208 1308        DLAOPIOM        (0e6052c0ada37504896a847231a3907d) C:\Windows\system32\DLA\DLAOPIOM.SYS
20:36:20.0239 1308        DLAOPIOM - ok
20:36:20.0302 1308        DLAPoolM        (29670bb4e2b973c5b55a76107d4910b2) C:\Windows\system32\DLA\DLAPoolM.SYS
20:36:20.0317 1308        DLAPoolM - ok
20:36:20.0364 1308        DLARTL_M        (77fe51f0f8d86804cb81f6ef6bfb86dd) C:\Windows\system32\Drivers\DLARTL_M.SYS
20:36:20.0380 1308        DLARTL_M - ok
20:36:20.0458 1308        DLAUDFAM        (6b087732b86c1d866d69dbbe463ea90a) C:\Windows\system32\DLA\DLAUDFAM.SYS
20:36:20.0473 1308        DLAUDFAM - ok
20:36:20.0536 1308        DLAUDF_M        (bbeecb95f2841ae4a3e3690d46d7153d) C:\Windows\system32\DLA\DLAUDF_M.SYS
20:36:20.0567 1308        DLAUDF_M - ok
20:36:20.0692 1308        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:36:20.0770 1308        drmkaud - ok
20:36:20.0848 1308        DRVMCDB        (83106585494d5eb96f59187200c144bd) C:\Windows\system32\Drivers\DRVMCDB.SYS
20:36:20.0879 1308        DRVMCDB - ok
20:36:20.0926 1308        DRVNDDM        (ffc371525aa55d1bae18715ebcb8797c) C:\Windows\system32\Drivers\DRVNDDM.SYS
20:36:20.0957 1308        DRVNDDM - ok
20:36:21.0051 1308        DXGKrnl        (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
20:36:21.0160 1308        DXGKrnl - ok
20:36:21.0238 1308        e1express      (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
20:36:21.0331 1308        e1express - ok
20:36:21.0394 1308        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:36:21.0487 1308        E1G60 - ok
20:36:21.0565 1308        Ecache          (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
20:36:21.0612 1308        Ecache - ok
20:36:21.0737 1308        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
20:36:21.0799 1308        elxstor - ok
20:36:21.0877 1308        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
20:36:21.0987 1308        ErrDev - ok
20:36:22.0080 1308        exfat          (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
20:36:22.0189 1308        exfat - ok
20:36:22.0252 1308        fastfat        (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
20:36:22.0361 1308        fastfat - ok
20:36:22.0408 1308        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:36:22.0501 1308        fdc - ok
20:36:22.0611 1308        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:36:22.0642 1308        FileInfo - ok
20:36:22.0689 1308        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:36:22.0798 1308        Filetrace - ok
20:36:22.0829 1308        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:36:22.0954 1308        flpydisk - ok
20:36:23.0032 1308        FltMgr          (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
20:36:23.0063 1308        FltMgr - ok
20:36:23.0157 1308        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:36:23.0219 1308        Fs_Rec - ok
20:36:23.0281 1308        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
20:36:23.0313 1308        gagp30kx - ok
20:36:23.0391 1308        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
20:36:23.0578 1308        HdAudAddService - ok
20:36:23.0640 1308        HDAudBus        (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:36:23.0718 1308        HDAudBus - ok
20:36:23.0765 1308        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:36:23.0937 1308        HidBth - ok
20:36:23.0968 1308        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:36:24.0139 1308        HidIr - ok
20:36:24.0233 1308        HidUsb          (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys
20:36:24.0327 1308        HidUsb - ok
20:36:24.0405 1308        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
20:36:24.0436 1308        HpCISSs - ok
20:36:24.0498 1308        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
20:36:24.0670 1308        HSFHWAZL - ok
20:36:24.0795 1308        HSF_DPV        (fadd7095163cb3cb4073793ebb50fe75) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:36:24.0935 1308        HSF_DPV - ok
20:36:25.0013 1308        HSXHWAZL        (058783bedd17615d1fece09f77960436) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:36:25.0060 1308        HSXHWAZL - ok
20:36:25.0138 1308        HTTP            (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
20:36:25.0247 1308        HTTP - ok
20:36:25.0309 1308        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
20:36:25.0341 1308        i2omp - ok
20:36:25.0387 1308        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:36:25.0481 1308        i8042prt - ok
20:36:25.0543 1308        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
20:36:25.0590 1308        iaStorV - ok
20:36:26.0043 1308        igfx            (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:36:26.0885 1308        igfx - ok
20:36:26.0932 1308        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:36:26.0963 1308        iirsp - ok
20:36:27.0057 1308        IntcHdmiAddService (c7e7e43cbd34d3b0a0156b51b917dfcc) C:\Windows\system32\drivers\IntcHdmi.sys
20:36:27.0135 1308        IntcHdmiAddService - ok
20:36:27.0181 1308        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
20:36:27.0213 1308        intelide - ok
20:36:27.0259 1308        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:36:27.0353 1308        intelppm - ok
20:36:27.0431 1308        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:36:27.0525 1308        IpFilterDriver - ok
20:36:27.0587 1308        IpInIp - ok
20:36:27.0634 1308        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
20:36:27.0727 1308        IPMIDRV - ok
20:36:27.0759 1308        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:36:27.0868 1308        IPNAT - ok
20:36:27.0930 1308        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:36:28.0024 1308        IRENUM - ok
20:36:28.0055 1308        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:36:28.0102 1308        isapnp - ok
20:36:28.0164 1308        iScsiPrt        (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
20:36:28.0195 1308        iScsiPrt - ok
20:36:28.0242 1308        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:36:28.0273 1308        iteatapi - ok
20:36:28.0320 1308        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:36:28.0351 1308        iteraid - ok
20:36:28.0445 1308        JMCR            (a69a1b991824b98f744913555f665893) C:\Windows\system32\DRIVERS\jmcr.sys
20:36:28.0523 1308        JMCR - ok
20:36:28.0585 1308        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:36:28.0601 1308        kbdclass - ok
20:36:28.0663 1308        kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
20:36:28.0741 1308        kbdhid - ok
20:36:28.0819 1308        KSecDD          (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
20:36:28.0897 1308        KSecDD - ok
20:36:29.0038 1308        lenovo.smi      (3c3f7f424e324c6971632c5de5ff458f) C:\Windows\system32\DRIVERS\smiif32.sys
20:36:29.0069 1308        lenovo.smi - ok
20:36:29.0116 1308        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:36:29.0225 1308        lltdio - ok
20:36:29.0303 1308        LPCFilter      (31f74d5d47eea83e5e89447586917774) C:\Windows\system32\DRIVERS\LPCFilter.sys
20:36:29.0334 1308        LPCFilter - ok
20:36:29.0397 1308        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:36:29.0428 1308        LSI_FC - ok
20:36:29.0475 1308        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:36:29.0521 1308        LSI_SAS - ok
20:36:29.0584 1308        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:36:29.0615 1308        LSI_SCSI - ok
20:36:29.0677 1308        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:36:29.0787 1308        luafv - ok
20:36:29.0849 1308        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:36:29.0880 1308        mdmxsdk - ok
20:36:29.0927 1308        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:36:29.0958 1308        megasas - ok
20:36:30.0067 1308        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:36:30.0130 1308        MegaSR - ok
20:36:30.0208 1308        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:36:30.0301 1308        Modem - ok
20:36:30.0364 1308        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:36:30.0457 1308        monitor - ok
20:36:30.0520 1308        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:36:30.0551 1308        mouclass - ok
20:36:30.0613 1308        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:36:30.0691 1308        mouhid - ok
20:36:30.0723 1308        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:36:30.0754 1308        MountMgr - ok
20:36:30.0816 1308        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:36:30.0847 1308        mpio - ok
20:36:30.0894 1308        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:36:31.0003 1308        mpsdrv - ok
20:36:31.0066 1308        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:36:31.0097 1308        Mraid35x - ok
20:36:31.0144 1308        MRxDAV          (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
20:36:31.0206 1308        MRxDAV - ok
20:36:31.0269 1308        mrxsmb          (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:36:31.0331 1308        mrxsmb - ok
20:36:31.0409 1308        mrxsmb10        (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:36:31.0471 1308        mrxsmb10 - ok
20:36:31.0503 1308        mrxsmb20        (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:36:31.0565 1308        mrxsmb20 - ok
20:36:31.0643 1308        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
20:36:31.0659 1308        msahci - ok
20:36:31.0737 1308        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:36:31.0768 1308        msdsm - ok
20:36:31.0877 1308        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:36:31.0971 1308        Msfs - ok
20:36:32.0033 1308        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:36:32.0064 1308        msisadrv - ok
20:36:32.0189 1308        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:36:32.0283 1308        MSKSSRV - ok
20:36:32.0361 1308        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:36:32.0439 1308        MSPCLOCK - ok
20:36:32.0501 1308        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:36:32.0579 1308        MSPQM - ok
20:36:32.0626 1308        MsRPC          (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
20:36:32.0673 1308        MsRPC - ok
20:36:32.0735 1308        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:36:32.0766 1308        mssmbios - ok
20:36:32.0829 1308        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:36:32.0922 1308        MSTEE - ok
20:36:32.0969 1308        Mup            (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
20:36:33.0000 1308        Mup - ok
20:36:33.0078 1308        NativeWifiP    (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
20:36:33.0141 1308        NativeWifiP - ok
20:36:33.0203 1308        NDIS            (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys
20:36:33.0281 1308        NDIS - ok
20:36:33.0328 1308        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:36:33.0406 1308        NdisTapi - ok
20:36:33.0453 1308        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:36:33.0531 1308        Ndisuio - ok
20:36:33.0593 1308        NdisWan        (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
20:36:33.0671 1308        NdisWan - ok
20:36:33.0718 1308        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:36:33.0796 1308        NDProxy - ok
20:36:33.0858 1308        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:36:33.0952 1308        NetBIOS - ok
20:36:33.0999 1308        netbt          (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
20:36:34.0108 1308        netbt - ok
20:36:34.0420 1308        NETw5v32        (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
20:36:34.0747 1308        NETw5v32 - ok
20:36:34.0825 1308        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:36:34.0857 1308        nfrd960 - ok
20:36:34.0935 1308        Npfs            (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
20:36:35.0028 1308        Npfs - ok
20:36:35.0075 1308        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:36:35.0184 1308        nsiproxy - ok
20:36:35.0309 1308        Ntfs            (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
20:36:35.0449 1308        Ntfs - ok
20:36:35.0496 1308        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:36:35.0652 1308        ntrigdigi - ok
20:36:35.0699 1308        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:36:35.0793 1308        Null - ok
20:36:35.0855 1308        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:36:35.0886 1308        nvraid - ok
20:36:35.0949 1308        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:36:35.0980 1308        nvstor - ok
20:36:36.0027 1308        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:36:36.0058 1308        nv_agp - ok
20:36:36.0089 1308        NwlnkFlt - ok
20:36:36.0136 1308        NwlnkFwd - ok
20:36:36.0198 1308        ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
20:36:36.0323 1308        ohci1394 - ok
20:36:36.0417 1308        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:36:36.0588 1308        Parport - ok
20:36:36.0635 1308        partmgr        (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
20:36:36.0666 1308        partmgr - ok
20:36:36.0713 1308        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:36:36.0869 1308        Parvdm - ok
20:36:36.0931 1308        pci            (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
20:36:36.0978 1308        pci - ok
20:36:37.0009 1308        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
20:36:37.0041 1308        pciide - ok
20:36:37.0119 1308        pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
20:36:37.0165 1308        pcmcia - ok
20:36:37.0243 1308        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:36:37.0477 1308        PEAUTH - ok
20:36:37.0727 1308        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:36:37.0821 1308        PptpMiniport - ok
20:36:37.0867 1308        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
20:36:37.0961 1308        Processor - ok
20:36:38.0070 1308        psadd          (f8a25f1dd8b2c332cbc663e3579566e7) C:\Windows\system32\DRIVERS\psadd.sys
20:36:38.0086 1308        psadd - ok
20:36:38.0148 1308        PSched          (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
20:36:38.0226 1308        PSched - ok
20:36:38.0273 1308        PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
20:36:38.0289 1308        PxHelp20 - ok
20:36:38.0398 1308        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
20:36:38.0538 1308        ql2300 - ok
20:36:38.0601 1308        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:36:38.0632 1308        ql40xx - ok
20:36:38.0694 1308        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:36:38.0757 1308        QWAVEdrv - ok
20:36:38.0803 1308        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:36:38.0897 1308        RasAcd - ok
20:36:38.0959 1308        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:36:39.0053 1308        Rasl2tp - ok
20:36:39.0100 1308        RasPppoe        (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
20:36:39.0193 1308        RasPppoe - ok
20:36:39.0240 1308        RasSstp        (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
20:36:39.0334 1308        RasSstp - ok
20:36:39.0381 1308        rdbss          (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
20:36:39.0490 1308        rdbss - ok
20:36:39.0537 1308        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:36:39.0630 1308        RDPCDD - ok
20:36:39.0724 1308        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
20:36:39.0817 1308        rdpdr - ok
20:36:39.0864 1308        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:36:39.0958 1308        RDPENCDD - ok
20:36:40.0036 1308        RDPWD          (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
20:36:40.0129 1308        RDPWD - ok
20:36:40.0207 1308        RFCOMM          (23f486726da7a9b2f3ec7326421a9c36) C:\Windows\system32\DRIVERS\rfcomm.sys
20:36:40.0254 1308        RFCOMM - ok
20:36:40.0410 1308        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:36:40.0488 1308        rspndr - ok
20:36:40.0582 1308        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:36:40.0613 1308        sbp2port - ok
20:36:40.0738 1308        sdbus          (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
20:36:40.0831 1308        sdbus - ok
20:36:40.0894 1308        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:36:41.0050 1308        secdrv - ok
20:36:41.0112 1308        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:36:41.0268 1308        Serenum - ok
20:36:41.0299 1308        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:36:41.0471 1308        Serial - ok
20:36:41.0533 1308        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:36:41.0611 1308        sermouse - ok
20:36:41.0721 1308        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
20:36:41.0783 1308        sffdisk - ok
20:36:41.0830 1308        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
20:36:41.0923 1308        sffp_mmc - ok
20:36:41.0970 1308        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
20:36:42.0064 1308        sffp_sd - ok
20:36:42.0111 1308        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:36:42.0267 1308        sfloppy - ok
20:36:42.0345 1308        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
20:36:42.0376 1308        sisagp - ok
20:36:42.0423 1308        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
20:36:42.0454 1308        SiSRaid2 - ok
20:36:42.0501 1308        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
20:36:42.0532 1308        SiSRaid4 - ok
20:36:42.0610 1308        Smb            (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
20:36:42.0719 1308        Smb - ok
20:36:42.0828 1308        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:36:42.0859 1308        spldr - ok
20:36:42.0937 1308        srv            (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
20:36:43.0047 1308        srv - ok
20:36:43.0093 1308        srv2            (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
20:36:43.0171 1308        srv2 - ok
20:36:43.0218 1308        srvnet          (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
20:36:43.0281 1308        srvnet - ok
20:36:43.0374 1308        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
20:36:43.0390 1308        ssmdrv - ok
20:36:43.0577 1308        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:36:43.0608 1308        swenum - ok
20:36:43.0686 1308        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:36:43.0717 1308        Symc8xx - ok
20:36:43.0764 1308        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:36:43.0795 1308        Sym_hi - ok
20:36:43.0842 1308        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:36:43.0873 1308        Sym_u3 - ok
20:36:44.0029 1308        Tcpip          (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
20:36:44.0170 1308        Tcpip - ok
20:36:44.0232 1308        Tcpip6          (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
20:36:44.0326 1308        Tcpip6 - ok
20:36:44.0373 1308        tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
20:36:44.0482 1308        tcpipreg - ok
20:36:44.0560 1308        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:36:44.0638 1308        TDPIPE - ok
20:36:44.0669 1308        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:36:44.0778 1308        TDTCP - ok
20:36:44.0825 1308        tdx            (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
20:36:44.0934 1308        tdx - ok
20:36:44.0997 1308        TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
20:36:45.0028 1308        TermDD - ok
20:36:45.0168 1308        TPM            (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys
20:36:45.0199 1308        TPM - ok
20:36:45.0309 1308        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:36:45.0402 1308        tssecsrv - ok
20:36:45.0465 1308        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:36:45.0527 1308        tunmp - ok
20:36:45.0574 1308        tunnel          (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
20:36:45.0636 1308        tunnel - ok
20:36:45.0745 1308        tvtfilter      (49258a02a1e8d304ed88b0f1c56b1738) C:\Windows\system32\DRIVERS\tvtfilter.sys
20:36:45.0777 1308        tvtfilter ( UnsignedFile.Multi.Generic ) - warning
20:36:45.0777 1308        tvtfilter - detected UnsignedFile.Multi.Generic (1)
20:36:45.0855 1308        TVTI2C          (7e66dda1ef146bfc3a6e36e08e036602) C:\Windows\system32\DRIVERS\Tvti2c.sys
20:36:45.0870 1308        TVTI2C - ok
20:36:45.0948 1308        tvtumon        (2d1ec233c89416ba8187c9d7d49a075a) C:\Windows\system32\DRIVERS\tvtumon.sys
20:36:45.0964 1308        tvtumon - ok
20:36:46.0057 1308        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
20:36:46.0089 1308        uagp35 - ok
20:36:46.0151 1308        udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
20:36:46.0260 1308        udfs - ok
20:36:46.0338 1308        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
20:36:46.0369 1308        uliagpkx - ok
20:36:46.0432 1308        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
20:36:46.0479 1308        uliahci - ok
20:36:46.0525 1308        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:36:46.0572 1308        UlSata - ok
20:36:46.0619 1308        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:36:46.0666 1308        ulsata2 - ok
20:36:46.0697 1308        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:36:46.0791 1308        umbus - ok
20:36:46.0853 1308        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:36:46.0931 1308        usbccgp - ok
20:36:46.0962 1308        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:36:47.0118 1308        usbcir - ok
20:36:47.0165 1308        usbehci        (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
20:36:47.0274 1308        usbehci - ok
20:36:47.0305 1308        usbhub          (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
20:36:47.0399 1308        usbhub - ok
20:36:47.0446 1308        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:36:47.0602 1308        usbohci - ok
20:36:47.0649 1308        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
20:36:47.0789 1308        usbprint - ok
20:36:47.0867 1308        USBSTOR        (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:36:47.0961 1308        USBSTOR - ok
20:36:48.0023 1308        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:36:48.0101 1308        usbuhci - ok
20:36:48.0163 1308        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
20:36:48.0257 1308        usbvideo - ok
20:36:48.0335 1308        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:36:48.0444 1308        vga - ok
20:36:48.0491 1308        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:36:48.0585 1308        VgaSave - ok
20:36:48.0663 1308        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:36:48.0694 1308        viaagp - ok
20:36:48.0756 1308        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:36:48.0850 1308        ViaC7 - ok
20:36:48.0881 1308        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:36:48.0912 1308        viaide - ok
20:36:49.0021 1308        vm331avs        (b9dfda5510fffb6c8b825271e3e3d2e0) C:\Windows\system32\Drivers\vm331avs.sys
20:36:49.0146 1308        vm331avs - ok
20:36:49.0193 1308        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:36:49.0224 1308        volmgr - ok
20:36:49.0287 1308        volmgrx        (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
20:36:49.0349 1308        volmgrx - ok
20:36:49.0411 1308        volsnap        (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
20:36:49.0458 1308        volsnap - ok
20:36:49.0521 1308        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:36:49.0567 1308        vsmraid - ok
20:36:49.0677 1308        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:36:49.0833 1308        WacomPen - ok
20:36:49.0895 1308        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:36:49.0973 1308        Wanarp - ok
20:36:50.0020 1308        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:36:50.0082 1308        Wanarpv6 - ok
20:36:50.0160 1308        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:36:50.0191 1308        Wd - ok
20:36:50.0254 1308        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:36:50.0332 1308        Wdf01000 - ok
20:36:50.0488 1308        WimFltr        (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
20:36:50.0519 1308        WimFltr - ok
20:36:50.0628 1308        winachsf        (bb9cbaf6ac20452b245c324f1f50ee81) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:36:50.0722 1308        winachsf - ok
20:36:50.0878 1308        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:36:50.0956 1308        WmiAcpi - ok
20:36:51.0096 1308        WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
20:36:51.0174 1308        WpdUsb - ok
20:36:51.0252 1308        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:36:51.0346 1308        ws2ifsl - ok
20:36:51.0439 1308        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:36:51.0549 1308        WUDFRd - ok
20:36:51.0642 1308        XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
20:36:51.0689 1308        XAudio - ok
20:36:51.0798 1308        MBR (0x1B8)    (b9b95b7ae4b744c06c8006057e1ee836) \Device\Harddisk0\DR0
20:36:51.0985 1308        \Device\Harddisk0\DR0 - ok
20:36:52.0032 1308        Boot (0x1200)  (705ce3082de2322caef83935af64c5c2) \Device\Harddisk0\DR0\Partition0
20:36:52.0032 1308        \Device\Harddisk0\DR0\Partition0 - ok
20:36:52.0079 1308        Boot (0x1200)  (7e83e0ecbf0c7168ed5f81d8a5b59f5e) \Device\Harddisk0\DR0\Partition1
20:36:52.0079 1308        \Device\Harddisk0\DR0\Partition1 - ok
20:36:52.0126 1308        Boot (0x1200)  (ce5ad19d41b24f57d6a6da81efba7ca4) \Device\Harddisk0\DR0\Partition2
20:36:52.0126 1308        \Device\Harddisk0\DR0\Partition2 - ok
20:36:52.0126 1308        ============================================================
20:36:52.0126 1308        Scan finished
20:36:52.0126 1308        ============================================================
20:36:52.0188 1856        Detected object count: 1
20:36:52.0188 1856        Actual detected object count: 1
20:36:57.0009 1856        tvtfilter ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:57.0009 1856        tvtfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip


