Trojaner-Board


darkrider78 28.12.2011 03:26

Computer slow // Kaspersky - blacklist corrupted - update unsuccessful
 
Hello,
since my computer is very slow and Kaspersky is spitting out an error message saying that the blacklist is corrupted, I am sure that I have viruses on the computer...

Asking for help once again!

Thanks in advance.

Best regards, darkrider78

cosinus 28.12.2011 05:42

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan! In addition, all findings must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

darkrider78 30.12.2011 01:09

I have done the full scan with Malwarebytes.
Unfortunately, I just can't find the logs.

And not the logs from ESET either; please tell me where the programs save the log files.

cosinus 30.12.2011 01:10

Quote:

Unfortunately, I just can't find the logs.
Start Malwarebytes => Logs tab

Quote:

And not the logs from ESET either,
That was posted in my instructions

darkrider78 30.12.2011 04:37

Code:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.27.05

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
****** :: ******-PC [Administrator]

28.12.2011 03:46:49
mbam-log-2011-12-28 (03-46-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 500409
Laufzeit: 1 Stunde(n), 46 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

After deletion of the findings:
Code:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.27.05

Windows 7 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7600.16385
****** :: ******-PC [Administrator]

28.12.2011 02:56:58
mbam-log-2011-12-28 (02-56-58).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 488011
Laufzeit: 45 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
I:\DISC G\Sicherung vorm formatieren\******\Downloads\install_cfg.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.
I:\DISC G\Sicherung vorm formatieren\******\Downloads\install_u_r.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Something wrecked my ESET log; I will run another scan shortly while I sleep and then post the log...

darkrider78 31.12.2011 00:18

Here is the ESET log:

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=24697847b8c78a4398d03265229f1ef9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-12-30 11:08:42
# local_time=2011-12-31 12:08:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1280 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 5894 76894212 0 0
# compatibility_mode=8192 67108863 100 0 222447 222447 0 0
# scanned=277617
# found=8
# cleaned=8
# scan_time=23501
I:\DISC G\Sicherung vorm formatieren\***\Downloads\CheatEngine61(1).exe        Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
I:\DISC G\Sicherung vorm formatieren\***\Downloads\CrystalDiskInfo4_0_2a-en.exe        Win32/OpenCandy Anwendung (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
I:\Users\***\Documents\Sicherung vom USB-STICK\Downloads\CheatEngine60.exe        Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
I:\Users\***\Downloads\CheatEngine61(1).exe        Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
I:\Users\***\Downloads\CheatEngine61.exe        Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
I:\Users\***\Downloads\CrystalDiskInfo4_0_2a-en.exe        Win32/OpenCandy Anwendung (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
I:\Users\***\Downloads\DivXInstaller813(1).exe        Win32/Adware.ToolPlugin Anwendung (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
I:\Users\***\Downloads\DivXInstaller813.exe        Win32/Adware.ToolPlugin Anwendung (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C


cosinus 31.12.2011 00:25

Quote:

(gelöscht - in Quarantäne kopiert)
Why can't the instructions be read completely and attentively for once?
With ESET, the findings were NOT supposed to be removed yet!

darkrider78 31.12.2011 00:36

And now?
EDIT: Sorry about the instructions; I have been feeling very unwell lately and I am slightly confused.

darkrider78 31.12.2011 01:50

Happy New Year, I will check in again on 01.01.12 between 18:00 and 23:00...

cosinus 31.12.2011 15:34

Please make a new OTL log. Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your Desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


darkrider78 01.01.2012 16:59

Code:

OTL logfile created on: 1/1/2012 4:41:47 PM - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\***\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 72.22% Memory free
6.00 Gb Paging File | 4.76 Gb Available in Paging File | 79.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 890.41 Gb Total Space | 779.72 Gb Free Space | 87.57% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 23.48 Gb Free Space | 58.70% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/01/01 16:36:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/11/23 14:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieSvc.exe
PRC - [2011/08/19 09:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/04/13 15:39:50 | 000,387,696 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/14 05:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/05/27 17:59:54 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/12/29 18:40:26 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll
MOD - [2011/12/29 16:36:26 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011/12/29 16:36:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011/12/29 16:35:50 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/12/29 16:35:44 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/12/29 16:35:32 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/12/29 16:35:27 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/12/29 16:35:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/12/29 16:35:23 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/12/29 16:35:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010/11/13 00:19:05 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 00:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/05/27 20:40:48 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/05/12 14:12:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009/11/02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/11/23 14:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/08/19 09:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/13 15:39:50 | 000,387,696 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe -- (AVP)
SRV - [2010/09/14 05:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011/11/23 14:17:08 | 000,131,856 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2011/08/19 09:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C525(UVC)
DRV - [2011/08/19 09:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/19 09:26:34 | 000,022,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/11/25 06:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/09/14 05:46:26 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2010/09/14 05:46:22 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2010/09/14 05:46:18 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2010/09/14 05:46:14 | 000,577,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/05/27 18:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/05/27 17:25:18 | 000,209,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/05/06 10:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.27.0
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.85
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.18
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: lazarus@interclue.com:2.0.4
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: CompactMenuCE@Merci.chao:4.2.1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.4
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.7.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..keyword.URL: "hxxp://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/12/27 16:42:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2011/12/27 16:44:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011/12/28 04:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions
[2011/12/27 16:45:52 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/12/27 16:45:52 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/12/27 16:45:53 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2011/12/27 16:45:53 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/12/27 16:45:54 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/12/27 16:45:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/27 16:45:55 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2011/12/27 16:45:50 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\battlefieldheroespatcher@ea.com
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\moveplayer@movenetworks.com
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] ("PennerBar") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\pennerbar3@pennergame.de
[2011/12/27 16:58:36 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\PROGRAMME\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE30}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\AUTOPAGER@MOZILLA.ORG.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\COMPACTMENUCE@MERCI.CHAO.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\CTRL-TAB@DESIGN-NOIR.DE.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\423XF1HP.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LWS] C:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Programme\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\ie_banner_deny.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.185.161 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: DhcpNameServer = 83.169.185.161 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF3F26A8-CAA2-45C6-9B8B-7AC9D5B5A0FF}: DhcpNameServer = 83.169.185.161 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\kloehk.dll) -C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - State: "bootini" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: BsScanner - Service
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: BsScanner - Service
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/01 15:26:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/12/31 03:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2011/12/31 03:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/12/31 02:07:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2011/12/31 02:05:16 | 000,000,000 | ---D | C] -- C:\AiO-Files
[2011/12/31 02:04:14 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\svcpack
[2011/12/31 00:13:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\SoftGrid Client
[2011/12/31 00:13:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/31 00:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
[2011/12/31 00:12:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/12/31 00:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client
[2011/12/31 00:11:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TP
[2011/12/30 19:16:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\CyberLink
[2011/12/30 04:24:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
[2011/12/30 04:08:41 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Crossfire
[2011/12/30 01:24:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Corel
[2011/12/30 01:02:48 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2011/12/30 01:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2011/12/30 01:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2011/12/30 01:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011/12/29 16:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/12/28 21:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011/12/28 15:08:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Logitech® Webcam-Software
[2011/12/28 15:04:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/12/28 15:04:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Leadertech
[2011/12/28 15:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2011/12/28 15:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2011/12/28 15:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011/12/28 15:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011/12/28 15:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/12/28 15:01:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/12/28 14:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2011/12/28 14:20:20 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011/12/28 04:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/28 02:55:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011/12/28 02:55:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/28 02:55:40 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/28 02:23:28 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\CFNA
[2011/12/28 02:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Suite CBE 11
[2011/12/28 02:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/12/28 02:04:11 | 000,488,536 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011/12/28 00:50:52 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/12/28 00:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011/12/27 18:59:05 | 000,000,000 | ---D | C] -- C:\CFLog
[2011/12/27 18:43:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/27 18:41:15 | 000,025,088 | ---- | C] (Bjorn) -- C:\Users\***\Desktop\AFK Bot.exe
[2011/12/27 18:38:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\WinRAR
[2011/12/27 18:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Z8Games
[2011/12/27 17:38:21 | 000,000,000 | -H-D | C] -- C:\Users\***\Eigene Hörspiele
[2011/12/27 17:27:23 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Vuze Downloads
[2011/12/27 17:27:23 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Videomaskenprojekte
[2011/12/27 17:27:19 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Texturen Pakete
[2011/12/27 17:22:08 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Sicherung vom USB-STICK
[2011/12/27 17:22:08 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\PF
[2011/12/27 17:22:08 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\O&O
[2011/12/27 17:22:07 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Need for Speed World
[2011/12/27 17:22:07 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\My Cheat Tables
[2011/12/27 17:21:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Minecraft Mod's
[2011/12/27 17:21:14 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\MAGIX_Music_Maker_17
[2011/12/27 17:21:14 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\MAGIX Downloads
[2011/12/27 17:18:46 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kopie GTA SA
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kopie FS
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kalypso Media
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Image - SimCity3000 Deutschland
[2011/12/27 17:18:04 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\ICQ
[2011/12/27 17:18:03 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\HUiiii
[2011/12/27 17:17:55 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\FUSSBALL MANAGER 11 Demo
[2011/12/27 17:04:47 | 000,000,000 | -H-D | C] -- C:\Users\***\Eigene Filme
[2011/12/27 17:02:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Eigene Dateien
[2011/12/27 17:02:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Cross Fire
[2011/12/27 17:02:05 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield Play4Free
[2011/12/27 17:01:57 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield Heroes
[2011/12/27 17:01:30 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Abbild CBS
[2011/12/27 17:00:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Adobe
[2011/12/27 16:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/12/27 16:53:52 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/12/27 16:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011/12/27 16:52:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/27 16:50:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Skype
[2011/12/27 16:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/12/27 16:48:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
[2011/12/27 16:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
[2011/12/27 16:46:18 | 000,000,000 | ---D | C] -- C:\SG Interactive
[2011/12/27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla
[2011/12/27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla
[2011/12/27 16:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2011/12/27 16:42:18 | 000,000,000 | ---D | C] -- C:\Programme
[2011/12/27 16:31:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Adobe
[2011/12/27 16:19:39 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2011/12/27 16:18:13 | 000,949,904 | ---- | C] (Neowiz Games) -- C:\Users\***\Desktop\patcher_cf.exe
[2011/12/27 16:18:12 | 000,117,760 | -H-- | C] (Skydaz) -- C:\Users\***\Desktop\Mod Tools v2.2.exe
[2011/12/27 16:18:10 | 000,925,696 | -H-- | C] (Georg Rottensteiner) -- C:\Users\***\Desktop\HitBlock.exe
[2011/12/27 16:18:10 | 000,388,608 | -H-- | C] (Trend Micro Inc.) -- C:\Users\***\Desktop\HiJackThis204.exe
[2011/12/27 16:18:09 | 000,684,032 | -H-- | C] (Wissen digital) -- C:\Users\***\Desktop\Führerschein.exe
[2011/12/27 16:18:06 | 003,095,040 | RH-- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFireNA.dll
[2011/12/27 16:18:02 | 002,904,064 | RH-- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFireEU.dll
[2011/12/27 16:17:42 | 001,236,480 | ---- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFire Hack.exe
[2011/12/27 16:17:40 | 001,953,792 | -H-- | C] ( g4bo) -- C:\Users\***\Desktop\CF_G4box.exe
[2011/12/27 16:16:08 | 000,000,000 | ---D | C] -- C:\Users\***\CrossFire_1080
[2011/12/27 16:14:17 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Intel Corporation
[2011/12/27 16:14:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ATI
[2011/12/27 16:14:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ATI
[2011/12/27 16:14:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Power2Go
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\Searches
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/12/27 16:13:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Identities
[2011/12/27 16:13:55 | 000,000,000 | R--D | C] -- C:\Users\***\Contacts
[2011/12/27 16:13:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/12/27 16:13:49 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VirtualStore
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten
[2011/12/27 16:13:42 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Videos
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Music
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Links
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Documents
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/12/27 16:13:42 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Temp
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macromedia
[2011/12/27 16:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2011/12/27 16:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/12/27 16:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials 4
[2011/12/27 16:12:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2011/12/27 16:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2011/12/27 16:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2011/12/27 16:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/12/27 16:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/12/27 16:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/12/27 16:07:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/12/27 16:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/12/27 16:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/12/27 16:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/12/27 16:06:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/12/27 16:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/12/27 16:04:41 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/12/27 16:04:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2011/12/27 16:04:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/01 16:13:05 | 026,928,174 | ---- | M] () -- C:\Users\***\Documents\video-2011-12-31-14-18-55.mp4
[2012/01/01 16:06:25 | 002,992,284 | ---- | M] () -- C:\Users\***\Documents\2011-12-31 15.28.58.jpg
[2012/01/01 15:35:23 | 000,662,686 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/01 15:35:23 | 000,623,174 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/01 15:35:23 | 000,133,764 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/01 15:35:23 | 000,109,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/01 15:29:05 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 15:29:05 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 15:21:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/01 15:21:23 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/31 03:36:14 | 000,001,690 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2011/12/31 01:54:11 | 000,058,360 | ---- | M] () -- C:\Users\***\Documents\cc_20111231_015401.reg
[2011/12/31 01:52:23 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/30 17:01:58 | 000,000,869 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011/12/30 04:24:42 | 000,001,102 | ---- | M] () -- C:\Users\***\Desktop\CrossFire.lnk
[2011/12/30 01:01:50 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Snap 3.lnk
[2011/12/29 16:32:21 | 000,278,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/28 15:03:37 | 000,001,586 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2011/12/28 02:56:22 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 02:44:07 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2011/12/28 02:44:07 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2011/12/28 02:42:07 | 000,002,495 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/12/28 02:39:00 | 000,550,854 | ---- | M] () -- C:\Users\***\Desktop\X-TRAP 20111228.bmp
[2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011/12/28 00:48:12 | 000,000,858 | ---- | M] () -- C:\Users\***\Desktop\Sandboxed Web Browser.lnk
[2011/12/28 00:03:11 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/12/27 16:53:03 | 000,001,545 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011/12/27 16:48:05 | 000,000,849 | ---- | M] () -- C:\Users\***\Desktop\Crossfire Europe.lnk
[2011/12/27 16:42:53 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2011/12/27 16:42:26 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/27 16:10:27 | 000,000,020 | ---- | M] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | M] () -- C:\Windows\DùR
[2011/12/27 15:22:37 | 016,257,873 | ---- | M] () -- C:\Users\***\Documents\Firefox 6.0.2 (de) - 2011-12-27.pcv
[2011/12/25 20:03:37 | 000,093,860 | ---- | M] () -- C:\Users\***\Documents\New.MMM
[2011/12/25 20:02:40 | 000,119,382 | ---- | M] () -- C:\Users\***\Documents\rock.MMM
[2011/12/25 11:37:48 | 000,000,371 | ---- | M] () -- C:\Users\***\Desktop\entries_AiORuntimes.ini
[2011/12/24 13:06:06 | 000,001,352 | ---- | M] () -- C:\Users\***\Documents\AutoHotkey.ahk
[2011/12/23 15:22:44 | 001,236,480 | ---- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFire Hack.exe
[2011/12/23 14:47:28 | 002,904,064 | RH-- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFireEU.dll
[2011/12/23 14:46:52 | 003,095,040 | RH-- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFireNA.dll
[2011/12/19 15:14:42 | 000,036,864 | ---- | M] () -- C:\Users\***\Desktop\Abel09 Christmas HackV4.dll
[2011/12/17 20:05:55 | 001,264,095 | ---- | M] () -- C:\Users\***\Documents\Fehlermeldung CrossFire Europe.png
[2011/12/16 15:09:51 | 000,000,053 | RH-- | M] () -- C:\Users\***\Desktop\Crossfire Europe.url
[2011/12/14 16:41:30 | 536,435,153 | ---- | M] () -- C:\Users\***\Desktop\Crossfire_Install.exe
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/08 21:42:15 | 000,000,754 | -H-- | M] () -- C:\Users\***\Desktop\FreeCommander.lnk
[2011/12/07 13:07:25 | 000,013,157 | -H-- | M] () -- C:\Users\***\Desktop\Sound - Verknüpfung.lnk
[2011/12/03 00:14:34 | 000,073,604 | -H-- | M] () -- C:\Users\***\Documents\381113_331309583551764_100000181757871_1545161_1598838906_n.jpg
[2011/12/02 18:39:56 | 000,025,088 | ---- | M] (Bjorn) -- C:\Users\***\Desktop\AFK Bot.exe
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/01 16:08:54 | 026,928,174 | ---- | C] () -- C:\Users\***\Documents\video-2011-12-31-14-18-55.mp4
[2012/01/01 16:05:59 | 002,992,284 | ---- | C] () -- C:\Users\***\Documents\2011-12-31 15.28.58.jpg
[2011/12/31 02:04:14 | 000,000,371 | ---- | C] () -- C:\Users\***\Desktop\entries_AiORuntimes.ini
[2011/12/31 02:04:14 | 000,000,279 | ---- | C] () -- C:\Users\***\Desktop\AiO.ini
[2011/12/31 01:54:03 | 000,058,360 | ---- | C] () -- C:\Users\***\Documents\cc_20111231_015401.reg
[2011/12/31 01:52:23 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/30 19:15:21 | 520,349,696 | ---- | C] () -- C:\Users\***\Desktop\ophcrack-vista-livecd-2.3.1.iso
[2011/12/30 17:01:58 | 000,000,869 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011/12/30 04:24:42 | 000,001,102 | ---- | C] () -- C:\Users\***\Desktop\CrossFire.lnk
[2011/12/30 01:01:50 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Snap 3.lnk
[2011/12/29 23:58:09 | 000,036,864 | ---- | C] () -- C:\Users\***\Desktop\Abel09 Christmas HackV4.dll
[2011/12/28 21:04:18 | 000,001,140 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2011/12/28 15:03:37 | 000,001,586 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2011/12/28 14:20:57 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/12/28 14:20:05 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011/12/28 14:20:00 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011/12/28 02:56:22 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 02:39:00 | 000,550,854 | ---- | C] () -- C:\Users\***\Desktop\X-TRAP 20111228.bmp
[2011/12/28 02:05:08 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/12/28 02:05:07 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/12/28 00:49:44 | 000,000,858 | ---- | C] () -- C:\Users\***\Desktop\Sandboxed Web Browser.lnk
[2011/12/28 00:49:41 | 000,001,690 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/12/27 23:58:21 | 2415,321,088 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/27 17:30:38 | 000,231,252 | -H-- | C] () -- C:\Users\***\Documents\Unbenannt.png
[2011/12/27 17:30:38 | 000,119,382 | ---- | C] () -- C:\Users\***\Documents\rock.MMM
[2011/12/27 17:30:38 | 000,093,860 | ---- | C] () -- C:\Users\***\Documents\New.MMM
[2011/12/27 17:28:14 | 052,723,711 | -H-- | C] () -- C:\Users\***\Documents\IMAGE.iso
[2011/12/27 17:28:14 | 000,000,107 | -H-- | C] () -- C:\Users\***\Documents\gta sa 1.cht
[2011/12/27 17:28:13 | 016,257,873 | ---- | C] () -- C:\Users\***\Documents\Firefox 6.0.2 (de) - 2011-12-27.pcv
[2011/12/27 17:28:13 | 001,264,095 | ---- | C] () -- C:\Users\***\Documents\Fehlermeldung CrossFire Europe.png
[2011/12/27 17:27:53 | 000,036,134 | -H-- | C] () -- C:\Users\***\Documents\cc_20111101_194453.reg
[2011/12/27 17:27:52 | 011,481,072 | -H-- | C] () -- C:\Users\***\Documents\bfh.wmv
[2011/12/27 17:27:52 | 000,001,352 | ---- | C] () -- C:\Users\***\Documents\AutoHotkey.ahk
[2011/12/27 17:27:48 | 140,388,356 | -H-- | C] () -- C:\Users\***\Documents\Absicherung vor Änderung der reg wegen Skype.reg
[2011/12/27 17:27:48 | 000,292,033 | -H-- | C] () -- C:\Users\***\Documents\20111103-5-ichbinschwerti.jpg
[2011/12/27 17:27:47 | 000,073,604 | -H-- | C] () -- C:\Users\***\Documents\381113_331309583551764_100000181757871_1545161_1598838906_n.jpg
[2011/12/27 16:58:32 | 000,002,495 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/12/27 16:53:03 | 000,001,545 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011/12/27 16:42:53 | 000,000,768 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2011/12/27 16:42:26 | 000,000,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/27 16:42:26 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/27 16:18:19 | 001,009,664 | -H-- | C] () -- C:\Users\***\Desktop\Xpadder.exe
[2011/12/27 16:18:19 | 000,001,669 | -H-- | C] () -- C:\Users\***\Desktop\Xpadder.ini
[2011/12/27 16:18:15 | 000,013,157 | -H-- | C] () -- C:\Users\***\Desktop\Sound - Verknüpfung.lnk
[2011/12/27 16:18:15 | 000,013,149 | -H-- | C] () -- C:\Users\***\Desktop\Spracherkennung starten - Verknüpfung.lnk
[2011/12/27 16:18:15 | 000,000,209 | -H-- | C] () -- C:\Users\***\Desktop\Team Fortress 2.url
[2011/12/27 16:18:15 | 000,000,072 | -H-- | C] () -- C:\Users\***\Desktop\taskmgr (2).cmd
[2011/12/27 16:18:14 | 003,171,328 | -H-- | C] () -- C:\Users\***\Desktop\RollerCoaster Tycoon.exe
[2011/12/27 16:18:12 | 000,001,785 | -H-- | C] () -- C:\Users\***\Desktop\Maus- und Tastatureinstellungen.lnk
[2011/12/27 16:18:12 | 000,000,720 | -H-- | C] () -- C:\Users\***\Desktop\MacroX.lnk
[2011/12/27 16:18:12 | 000,000,000 | -H-- | C] () -- C:\Users\***\Desktop\info.nfo
[2011/12/27 16:18:09 | 000,000,754 | -H-- | C] () -- C:\Users\***\Desktop\FreeCommander.lnk
[2011/12/27 16:18:08 | 000,000,891 | -H-- | C] () -- C:\Users\***\Desktop\Eigene Musik.lnk
[2011/12/27 16:18:08 | 000,000,757 | -H-- | C] () -- C:\Users\***\Desktop\EVEREST Home Edition.lnk
[2011/12/27 16:17:43 | 536,435,153 | ---- | C] () -- C:\Users\***\Desktop\Crossfire_Install.exe
[2011/12/27 16:17:42 | 000,000,849 | ---- | C] () -- C:\Users\***\Desktop\Crossfire Europe.lnk
[2011/12/27 16:17:42 | 000,000,053 | RH-- | C] () -- C:\Users\***\Desktop\Crossfire Europe.url
[2011/12/27 16:17:40 | 000,001,035 | -H-- | C] () -- C:\Users\***\Desktop\Cheat Engine.lnk
[2011/12/27 16:14:05 | 000,001,417 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/27 16:10:26 | 000,000,020 | ---- | C] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | C] () -- C:\Windows\DùR
[2011/08/19 09:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 09:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 09:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/26 06:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/07/01 23:01:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/05/12 14:13:56 | 000,662,686 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/05/12 14:13:56 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/05/12 14:13:56 | 000,133,764 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/05/12 14:13:56 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/04/29 16:37:26 | 000,002,137 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/04/06 18:54:32 | 000,203,336 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,278,472 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,623,174 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,109,416 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/18 18:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 21:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
 
========== LOP Check ==========
 
[2012/01/01 16:36:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/28 15:04:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2011/12/31 02:15:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/28 21:04:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/31 00:13:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2009/07/14 05:53:46 | 000,011,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011/12/27 16:31:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2011/12/27 16:14:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ATI
[2011/12/30 01:24:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Corel
[2011/12/30 19:17:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CyberLink
[2012/01/01 16:36:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/27 16:13:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities
[2011/12/27 16:14:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Intel Corporation
[2011/12/28 15:04:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2010/06/30 11:12:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2011/12/28 02:55:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2009/07/14 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\Media Center Programs
[2011/12/31 00:13:27 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2011/12/27 16:44:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2012/01/01 16:37:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skype
[2011/12/31 02:15:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/28 21:04:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/31 00:13:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2011/12/27 18:41:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010/06/30 11:23:09 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\***\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011/12/28 15:04:22 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2011/09/23 13:04:06 | 001,341,376 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\423xf1hp.default\extensions\battlefieldheroespatcher@ea.com\plugins\BFHUpdater.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2007/11/14 18:44:42 | 000,129,552 | ---- | M] (Promise Technology, Inc.) MD5=58CB1FA96B24DFE2196548E959B1996B -- C:\ATI\Win7_Vista\8_741\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
[2009/10/26 18:41:10 | 000,189,496 | ---- | M] (Advanced Micro Devices, Inc) MD5=6C27F0A964EA98F457CAAB9A47030538 -- C:\ATI\Win7_Vista\8_741\Packages\Drivers\SBDrv\SB6xx\RAID\W7\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\drivers\iaStor.sys
[2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_e8a55be84650e755\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl1.sys
[2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl2.sys
[2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klif.sys
[2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klim6.sys
[2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klmouflt.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009/07/14 02:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
[2011/04/13 15:38:36 | 000,229,776 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\klogon.dll
[2009/07/14 02:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvbvm60.dll
 
========== Files - Unicode (All) ==========
[2011/12/27 16:18:19 | 000,000,000 | -H-- | C] ()(C:\Users\***\Desktop\??????????darkrider78??????.txt) -- C:\Users\***\Desktop\ҳ̸Ҳ̸ҳҳ̸Ҳ̸ҳdarkrider78ҳ̸Ҳ̸ҳҳ.txt
[2011/09/13 23:06:17 | 000,000,000 | -H-- | M] ()(C:\Users\***\Desktop\??????????darkrider78??????.txt) -- C:\Users\***\Desktop\ҳ̸Ҳ̸ҳҳ̸Ҳ̸ҳdarkrider78ҳ̸Ҳ̸ҳҳ.txt

< End of report >

[/CODE]

cosinus 02.01.2012 12:33

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com
FF - prefs.js..keyword.URL: "http://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
[2011/12/27 16:18:13 | 000,949,904 | ---- | C] (Neowiz Games) -- C:\Users\***\Desktop\patcher_cf.exe
[2011/12/27 16:10:26 | 000,000,020 | ---- | C] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | C] () -- C:\Windows\DùR
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

darkrider78 02.01.2012 18:34

Here is the log:
Code:

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "hxxp://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q=" removed from keyword.URL
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 8118 removed from network.proxy.http_port
Prefs.js: "127.0.0.1" removed from network.proxy.no_proxies_on
Prefs.js: "127.0.0.1" removed from network.proxy.socks
Prefs.js: 9050 removed from network.proxy.socks_port
Prefs.js: true removed from network.proxy.socks_remote_dns
Prefs.js: "127.0.0.1" removed from network.proxy.ssl
Prefs.js: 8118 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.keyword.URL
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File C:\Users\***\Desktop\patcher_cf.exe not found.
C:\Windows\põ‚ moved successfully.
C:\Windows\DùR moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: ***
->Temp folder emptied: 14312852 bytes
->Temporary Internet Files folder emptied: 23992236 bytes
->Java cache emptied: 8383236 bytes
->FireFox cache emptied: 40165227 bytes
->Flash cache emptied: 57317 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33436802 bytes
RecycleBin emptied: 37291606 bytes
 
Total Files Cleaned = 150.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01022012_182951

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


cosinus 02.01.2012 21:06

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set up the tool as shown in the picture below: click change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool, and all files and folders should become visible again. (This may take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

darkrider78 05.01.2012 13:45

Here is the log (my computer has become even slower):

Code:

13:37:11.0753 3228        TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
13:37:11.0875 3228        ============================================================
13:37:11.0875 3228        Current date / time: 2012/01/05 13:37:11.0875
13:37:11.0876 3228        SystemInfo:
13:37:11.0876 3228       
13:37:11.0876 3228        OS Version: 6.1.7601 ServicePack: 1.0
13:37:11.0876 3228        Product type: Workstation
13:37:11.0876 3228        ComputerName: TOBIAS-PC
13:37:11.0876 3228        UserName: Tobias
13:37:11.0876 3228        Windows directory: C:\Windows
13:37:11.0876 3228        System windows directory: C:\Windows
13:37:11.0877 3228        Processor architecture: Intel x86
13:37:11.0877 3228        Number of processors: 2
13:37:11.0877 3228        Page size: 0x1000
13:37:11.0877 3228        Boot type: Normal boot
13:37:11.0877 3228        ============================================================
13:37:12.0440 3228        Initialize success
13:40:21.0334 4568        ============================================================
13:40:21.0334 4568        Scan started
13:40:21.0334 4568        Mode: Manual; SigCheck; TDLFS;
13:40:21.0334 4568        ============================================================
13:40:23.0191 4568        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
13:40:23.0315 4568        1394ohci - ok
13:40:23.0347 4568        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
13:40:23.0362 4568        ACPI - ok
13:40:23.0378 4568        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
13:40:23.0471 4568        AcpiPmi - ok
13:40:23.0627 4568        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
13:40:23.0690 4568        adp94xx - ok
13:40:23.0721 4568        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
13:40:23.0737 4568        adpahci - ok
13:40:23.0768 4568        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
13:40:23.0783 4568        adpu320 - ok
13:40:23.0893 4568        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
13:40:23.0971 4568        AFD - ok
13:40:24.0017 4568        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
13:40:24.0033 4568        agp440 - ok
13:40:24.0127 4568        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
13:40:24.0158 4568        aic78xx - ok
13:40:24.0205 4568        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
13:40:24.0220 4568        aliide - ok
13:40:24.0251 4568        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
13:40:24.0267 4568        amdagp - ok
13:40:49.0523 4568        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:40:49.0586 4568        WacomPen - ok
13:40:49.0664 4568        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:40:49.0726 4568        WANARP - ok
13:40:49.0726 4568        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:40:49.0757 4568        Wanarpv6 - ok
13:40:49.0867 4568        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:40:49.0898 4568        Wd - ok
13:40:50.0023 4568        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:40:50.0054 4568        Wdf01000 - ok
13:40:50.0132 4568        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:40:50.0179 4568        WfpLwf - ok
13:40:50.0257 4568        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:40:50.0288 4568        WIMMount - ok
13:40:50.0335 4568        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:40:50.0366 4568        WmiAcpi - ok
13:40:50.0397 4568        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:40:50.0444 4568        ws2ifsl - ok
13:40:50.0491 4568        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:40:50.0522 4568        WudfPf - ok
13:40:50.0600 4568        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:40:50.0647 4568        WUDFRd - ok
13:40:50.0678 4568        XDva391 - ok
13:40:50.0709 4568        MBR (0x1B8)    (4624822e540ec83cd0819525c65846ba) \Device\Harddisk0\DR0
13:40:51.0395 4568        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:40:51.0395 4568        \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:40:51.0411 4568        Boot (0x1200)  (e4598dd304b5c05e27e3c867efb0eb0c) \Device\Harddisk0\DR0\Partition0
13:40:51.0411 4568        \Device\Harddisk0\DR0\Partition0 - ok
13:40:51.0427 4568        Boot (0x1200)  (046bbd7303f14eb983a3f0c302651470) \Device\Harddisk0\DR0\Partition1
13:40:51.0442 4568        \Device\Harddisk0\DR0\Partition1 - ok
13:40:51.0473 4568        Boot (0x1200)  (376b50b18dd730f4a63e4b8227f4638c) \Device\Harddisk0\DR0\Partition2
13:40:51.0473 4568        \Device\Harddisk0\DR0\Partition2 - ok
13:40:51.0473 4568        ============================================================
13:40:51.0473 4568        Scan finished
13:40:51.0473 4568        ============================================================
13:40:51.0489 4236        Detected object count: 1
13:40:51.0489 4236        Actual detected object count: 1
13:41:45.0902 4236        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:41:45.0902 4236        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:41:52.0781 4360        ============================================================
13:41:52.0781 4360        Scan started
13:41:52.0781 4360        Mode: Manual; SigCheck; TDLFS;
13:41:52.0781 4360        ============================================================
13:41:53.0156 4360        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
13:41:53.0203 4360        1394ohci - ok
13:41:53.0234 4360        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
13:41:53.0249 4360        ACPI - ok
13:41:53.0281 4360        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
13:41:53.0296 4360        AcpiPmi - ok
13:41:53.0390 4360        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
13:41:53.0437 4360        adp94xx - ok
13:41:53.0437 4360        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
13:41:53.0452 4360        adpahci - ok
13:41:53.0483 4360        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
13:41:53.0499 4360        adpu320 - ok
13:41:53.0530 4360        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
13:41:53.0546 4360        AFD - ok
13:41:53.0624 4360        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
13:41:53.0639 4360        agp440 - ok
13:41:53.0671 4360        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
13:41:53.0686 4360        aic78xx - ok
13:41:53.0717 4360        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
13:41:53.0733 4360        aliide - ok
13:41:53.0749 4360        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
13:41:53.0764 4360        amdagp - ok
13:41:53.0780 4360        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
13:41:53.0795 4360        amdide - ok
13:41:53.0811 4360        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
13:41:53.0811 4360        AmdK8 - ok
13:41:53.0936 4360        amdkmdag        (51610b74a9a1d84dc86fce1019beaff4) C:\Windows\system32\DRIVERS\atikmdag.sys
13:41:53.0998 4360        amdkmdag - ok
13:41:54.0061 4360        amdkmdap        (cd1d86ab81eece67d7bd6f7ef9786ccc) C:\Windows\system32\DRIVERS\atikmpag.sys
13:41:54.0076 4360        amdkmdap - ok
13:41:54.0107 4360        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
13:41:54.0123 4360        AmdPPM - ok
13:41:54.0154 4360        amdsata        (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
13:41:54.0170 4360        amdsata - ok
13:41:54.0185 4360        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
13:41:54.0201 4360        amdsbs - ok
13:41:54.0263 4360        amdxata        (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
13:41:54.0279 4360        amdxata - ok
13:41:54.0326 4360        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
13:41:54.0373 4360        AppID - ok
13:41:54.0388 4360        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
13:41:54.0404 4360        arc - ok
13:41:54.0419 4360        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
13:41:54.0435 4360        arcsas - ok
13:41:54.0451 4360        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
13:41:54.0482 4360        AsyncMac - ok
13:41:54.0497 4360        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
13:41:54.0513 4360        atapi - ok
13:41:54.0591 4360        AtiHdmiService  (8df873d0587596c1d35a9cececc61da1) C:\Windows\system32\drivers\AtiHdmi.sys
13:41:54.0607 4360        AtiHdmiService - ok
13:41:54.0638 4360        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
13:41:54.0653 4360        b06bdrv - ok
13:41:54.0669 4360        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
13:41:54.0685 4360        b57nd60x - ok
13:41:54.0700 4360        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
13:41:54.0731 4360        Beep - ok
13:41:54.0763 4360        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
13:41:54.0778 4360        blbdrive - ok
13:41:54.0841 4360        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
13:41:54.0856 4360        bowser - ok
13:41:54.0872 4360        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:41:54.0887 4360        BrFiltLo - ok
13:41:54.0903 4360        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:41:54.0919 4360        BrFiltUp - ok
13:41:54.0950 4360        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
13:41:54.0965 4360        Brserid - ok
13:41:54.0981 4360        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
13:41:54.0997 4360        BrSerWdm - ok
13:41:55.0075 4360        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:41:55.0106 4360        BrUsbMdm - ok
13:41:55.0137 4360        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
13:41:55.0153 4360        BrUsbSer - ok
13:41:55.0168 4360        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
13:41:55.0184 4360        BTHMODEM - ok
13:41:55.0199 4360        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
13:41:55.0231 4360        cdfs - ok
13:41:55.0262 4360        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
13:41:55.0277 4360        cdrom - ok
13:41:55.0340 4360        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
13:41:55.0355 4360        circlass - ok
13:41:55.0387 4360        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
13:41:55.0402 4360        CLFS - ok
13:41:55.0433 4360        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
13:41:55.0449 4360        CmBatt - ok
13:41:55.0465 4360        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
13:41:55.0480 4360        cmdide - ok
13:41:55.0496 4360        CNG            (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
13:41:55.0511 4360        CNG - ok
13:41:55.0589 4360        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
13:41:55.0605 4360        Compbatt - ok
13:41:55.0636 4360        CompFilter      (bc6b87086ff0d99f87fe8af9a919a1e7) C:\Windows\system32\DRIVERS\lvbusflt.sys
13:41:55.0652 4360        CompFilter - ok
13:41:55.0683 4360        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
13:41:55.0699 4360        CompositeBus - ok
13:41:55.0730 4360        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
13:41:55.0745 4360        crcdisk - ok
13:41:55.0792 4360        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
13:41:55.0808 4360        DfsC - ok
13:41:55.0870 4360        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
13:41:55.0901 4360        discache - ok
13:41:55.0917 4360        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
13:41:55.0933 4360        Disk - ok
13:41:55.0964 4360        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:41:55.0979 4360        drmkaud - ok
13:41:56.0011 4360        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
13:41:56.0042 4360        DXGKrnl - ok
13:41:56.0104 4360        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:41:56.0151 4360        ebdrv - ok
13:41:56.0213 4360        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:41:56.0229 4360        elxstor - ok
13:41:56.0260 4360        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
13:41:56.0276 4360        ErrDev - ok
13:41:56.0307 4360        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:41:56.0323 4360        exfat - ok
13:41:56.0338 4360        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:41:56.0354 4360        fastfat - ok
13:41:56.0385 4360        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:41:56.0401 4360        fdc - ok
13:41:56.0479 4360        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:41:56.0494 4360        FileInfo - ok
13:41:56.0510 4360        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:41:56.0525 4360        Filetrace - ok
13:41:56.0557 4360        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:41:56.0572 4360        flpydisk - ok
13:41:56.0588 4360        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:41:56.0603 4360        FltMgr - ok
13:41:56.0619 4360        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:41:56.0635 4360        FsDepends - ok
13:41:56.0650 4360        Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:41:56.0666 4360        Fs_Rec - ok
13:41:56.0697 4360        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
13:41:56.0713 4360        fvevol - ok
13:41:56.0791 4360        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:41:56.0822 4360        gagp30kx - ok
13:41:56.0837 4360        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:41:56.0853 4360        hcw85cir - ok
13:41:56.0869 4360        HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
13:41:56.0900 4360        HdAudAddService - ok
13:41:56.0931 4360        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
13:41:56.0947 4360        HDAudBus - ok
13:41:57.0025 4360        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:41:57.0056 4360        HidBatt - ok
13:41:57.0071 4360        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:41:57.0087 4360        HidBth - ok
13:41:57.0103 4360        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:41:57.0118 4360        HidIr - ok
13:41:57.0134 4360        HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\drivers\hidusb.sys
13:41:57.0149 4360        HidUsb - ok
13:41:57.0181 4360        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
13:41:57.0196 4360        HpSAMD - ok
13:41:57.0227 4360        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
13:41:57.0259 4360        HTTP - ok
13:41:57.0337 4360        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
13:41:57.0368 4360        hwpolicy - ok
13:41:57.0383 4360        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
13:41:57.0399 4360        i8042prt - ok
13:41:57.0430 4360        iaStor          (26541a068572f650a2fa490726fe81be) C:\Windows\system32\DRIVERS\iaStor.sys
13:41:57.0446 4360        iaStor - ok
13:41:57.0477 4360        iaStorV        (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
13:41:57.0493 4360        iaStorV - ok
13:41:57.0586 4360        igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:41:57.0649 4360        igfx - ok
13:41:57.0711 4360        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:41:57.0742 4360        iirsp - ok
13:41:57.0820 4360        IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\Windows\system32\drivers\RTKVHDA.sys
13:41:57.0851 4360        IntcAzAudAddService - ok
13:41:57.0883 4360        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
13:41:57.0898 4360        intelide - ok
13:41:57.0914 4360        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:41:57.0929 4360        intelppm - ok
13:41:57.0992 4360        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:41:58.0039 4360        IpFilterDriver - ok
13:41:58.0070 4360        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
13:41:58.0085 4360        IPMIDRV - ok
13:41:58.0101 4360        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:41:58.0132 4360        IPNAT - ok
13:41:58.0148 4360        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:41:58.0163 4360        IRENUM - ok
13:41:58.0179 4360        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
13:41:58.0195 4360        isapnp - ok
13:41:58.0210 4360        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
13:41:58.0226 4360        iScsiPrt - ok
13:41:58.0288 4360        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
13:41:58.0319 4360        kbdclass - ok
13:41:58.0351 4360        kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\drivers\kbdhid.sys
13:41:58.0366 4360        kbdhid - ok
13:41:58.0397 4360        KL1            (94d67d49bd9503bb1d838405d80f2058) C:\Windows\system32\DRIVERS\kl1.sys
13:41:58.0413 4360        KL1 - ok
13:41:58.0429 4360        kl2            (713576569667ac9e0f8556076004a96b) C:\Windows\system32\DRIVERS\kl2.sys
13:41:58.0444 4360        kl2 - ok
13:41:58.0522 4360        KLIF            (39920d69eaedb51757527aa54fe25216) C:\Windows\system32\DRIVERS\klif.sys
13:41:58.0553 4360        KLIF - ok
13:41:58.0569 4360        KLIM6          (cf88b4985d957eee45c9939092e87c92) C:\Windows\system32\DRIVERS\klim6.sys
13:41:58.0585 4360        KLIM6 - ok
13:41:58.0600 4360        klmouflt        (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys
13:41:58.0600 4360        klmouflt - ok
13:41:58.0631 4360        KSecDD          (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
13:41:58.0647 4360        KSecDD - ok
13:41:58.0678 4360        KSecPkg        (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
13:41:58.0678 4360        KSecPkg - ok
13:41:58.0756 4360        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:41:58.0819 4360        lltdio - ok
13:41:58.0834 4360        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:41:58.0850 4360        LSI_FC - ok
13:41:58.0881 4360        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:41:58.0897 4360        LSI_SAS - ok
13:41:58.0928 4360        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:41:58.0943 4360        LSI_SAS2 - ok
13:41:58.0959 4360        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:41:58.0975 4360        LSI_SCSI - ok
13:41:59.0021 4360        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:41:59.0068 4360        luafv - ok
13:41:59.0099 4360        LVRS            (7521c0c58ee91be90b6cc33e792d10c7) C:\Windows\system32\DRIVERS\lvrs.sys
13:41:59.0115 4360        LVRS - ok
13:41:59.0193 4360        LVUVC          (37e57c48af530df01cdd4e8a2ad77b51) C:\Windows\system32\DRIVERS\lvuvc.sys
13:41:59.0255 4360        LVUVC - ok
13:41:59.0287 4360        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:41:59.0302 4360        megasas - ok
13:41:59.0365 4360        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:41:59.0396 4360        MegaSR - ok
13:41:59.0458 4360        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:41:59.0489 4360        Modem - ok
13:41:59.0536 4360        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:41:59.0567 4360        monitor - ok
13:41:59.0599 4360        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
13:41:59.0614 4360        mouclass - ok
13:41:59.0630 4360        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:41:59.0661 4360        mouhid - ok
13:41:59.0692 4360        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
13:41:59.0708 4360        mountmgr - ok
13:41:59.0755 4360        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
13:41:59.0786 4360        mpio - ok
13:41:59.0817 4360        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:41:59.0864 4360        mpsdrv - ok
13:41:59.0895 4360        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
13:41:59.0911 4360        MRxDAV - ok
13:41:59.0942 4360        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:41:59.0957 4360        mrxsmb - ok
13:42:00.0004 4360        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:42:00.0020 4360        mrxsmb10 - ok
13:42:00.0035 4360        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:42:00.0051 4360        mrxsmb20 - ok
13:42:00.0098 4360        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
13:42:00.0113 4360        msahci - ok
13:42:00.0129 4360        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
13:42:00.0145 4360        msdsm - ok
13:42:00.0176 4360        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:42:00.0191 4360        Msfs - ok
13:42:00.0238 4360        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:42:00.0269 4360        mshidkmdf - ok
13:42:00.0285 4360        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
13:42:00.0301 4360        msisadrv - ok
13:42:00.0316 4360        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:42:00.0347 4360        MSKSSRV - ok
13:42:00.0363 4360        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:42:00.0394 4360        MSPCLOCK - ok
13:42:00.0394 4360        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:42:00.0425 4360        MSPQM - ok
13:42:00.0441 4360        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:42:00.0457 4360        MsRPC - ok
13:42:00.0472 4360        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
13:42:00.0488 4360        mssmbios - ok
13:42:00.0535 4360        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:42:00.0566 4360        MSTEE - ok
13:42:00.0597 4360        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:42:00.0597 4360        MTConfig - ok
13:42:00.0628 4360        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:42:00.0644 4360        Mup - ok
13:42:00.0659 4360        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:42:00.0675 4360        NativeWifiP - ok
13:42:00.0722 4360        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
13:42:00.0737 4360        NDIS - ok
13:42:00.0815 4360        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:42:00.0878 4360        NdisCap - ok
13:42:00.0893 4360        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
13:42:00.0909 4360        NdisTapi - ok
13:42:00.0940 4360        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
13:42:00.0971 4360        Ndisuio - ok
13:42:00.0987 4360        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
13:42:01.0018 4360        NdisWan - ok
13:42:01.0081 4360        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
13:42:01.0127 4360        NDProxy - ok
13:42:01.0143 4360        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
13:42:01.0190 4360        NetBIOS - ok
13:42:01.0221 4360        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
13:42:01.0237 4360        NetBT - ok
13:42:01.0283 4360        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:42:01.0299 4360        nfrd960 - ok
13:42:01.0315 4360        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:42:01.0346 4360        Npfs - ok
13:42:01.0361 4360        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:42:01.0377 4360        nsiproxy - ok
13:42:01.0486 4360        Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
13:42:01.0517 4360        Ntfs - ok
13:42:01.0549 4360        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:42:01.0580 4360        Null - ok
13:42:01.0595 4360        nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
13:42:01.0611 4360        nvraid - ok
13:42:01.0642 4360        nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
13:42:01.0642 4360        nvstor - ok
13:42:01.0658 4360        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:42:01.0673 4360        nv_agp - ok
13:42:01.0751 4360        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:42:01.0783 4360        ohci1394 - ok
13:42:01.0814 4360        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:42:01.0829 4360        Parport - ok
13:42:01.0861 4360        partmgr        (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:42:01.0876 4360        partmgr - ok
13:42:01.0892 4360        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:42:01.0907 4360        Parvdm - ok
13:42:01.0939 4360        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:42:01.0954 4360        pci - ok
13:42:02.0001 4360        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:42:02.0032 4360        pciide - ok
13:42:02.0063 4360        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:42:02.0079 4360        pcmcia - ok
13:42:02.0095 4360        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:42:02.0110 4360        pcw - ok
13:42:02.0141 4360        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:42:02.0173 4360        PEAUTH - ok
13:42:02.0219 4360        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:42:02.0235 4360        PptpMiniport - ok
13:42:02.0251 4360        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:42:02.0266 4360        Processor - ok
13:42:02.0344 4360        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:42:02.0391 4360        Psched - ok
13:42:02.0422 4360        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:42:02.0453 4360        ql2300 - ok
13:42:02.0485 4360        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:42:02.0500 4360        ql40xx - ok
13:42:02.0547 4360        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:42:02.0563 4360        QWAVEdrv - ok
13:42:02.0578 4360        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:42:02.0609 4360        RasAcd - ok
13:42:02.0672 4360        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:42:02.0719 4360        RasAgileVpn - ok
13:42:02.0734 4360        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:42:02.0765 4360        Rasl2tp - ok
13:42:02.0781 4360        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:42:02.0812 4360        RasPppoe - ok
13:42:02.0828 4360        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:42:02.0859 4360        RasSstp - ok
13:42:02.0875 4360        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:42:02.0906 4360        rdbss - ok
13:42:02.0968 4360        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:42:02.0999 4360        rdpbus - ok
13:42:03.0031 4360        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:42:03.0062 4360        RDPCDD - ok
13:42:03.0093 4360        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:42:03.0124 4360        RDPENCDD - ok
13:42:03.0140 4360        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:42:03.0155 4360        RDPREFMP - ok
13:42:03.0202 4360        RDPWD          (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:42:03.0218 4360        RDPWD - ok
13:42:03.0296 4360        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:42:03.0311 4360        rdyboost - ok
13:42:03.0358 4360        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:42:03.0374 4360        rspndr - ok
13:42:03.0405 4360        RTL8167        (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
13:42:03.0421 4360        RTL8167 - ok
13:42:03.0452 4360        RTL8192su      (9ce8deffaffccbf473015d76ae8ee514) C:\Windows\system32\DRIVERS\RTL8192su.sys
13:42:03.0467 4360        RTL8192su - ok
13:42:03.0530 4360        SbieDrv        (3ab6cad1ddfa84cd7bc3d1a759b1e81e) C:\Programme\Sandboxie\SbieDrv.sys
13:42:03.0561 4360        SbieDrv - ok
13:42:03.0655 4360        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:42:03.0670 4360        sbp2port - ok
13:42:03.0701 4360        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:42:03.0733 4360        scfilter - ok
13:42:03.0779 4360        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:42:03.0795 4360        secdrv - ok
13:42:03.0826 4360        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:42:03.0842 4360        Serenum - ok
13:42:03.0857 4360        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:42:03.0873 4360        Serial - ok
13:42:03.0951 4360        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:42:03.0951 4360        sermouse - ok
13:42:03.0982 4360        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:42:03.0998 4360        sffdisk - ok
13:42:04.0013 4360        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:42:04.0029 4360        sffp_mmc - ok
13:42:04.0060 4360        sffp_sd        (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\drivers\sffp_sd.sys
13:42:04.0060 4360        sffp_sd - ok
13:42:04.0091 4360        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:42:04.0107 4360        sfloppy - ok
13:42:04.0201 4360        Sftfs          (8f00cc8cacf83dce5b35079f615b0f12) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:42:04.0232 4360        Sftfs - ok
13:42:04.0279 4360        Sftplay        (afdb934586c4c8b2be39ae7eea6f52be) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:42:04.0310 4360        Sftplay - ok
13:42:04.0326 4360        Sftredir        (6b1865d82e0290729ed7496c24275592) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:42:04.0341 4360        Sftredir - ok
13:42:04.0357 4360        Sftvol          (621eccb1265a01ce2bdf6f2c5e727e2b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:42:04.0357 4360        Sftvol - ok
13:42:04.0404 4360        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:42:04.0419 4360        sisagp - ok
13:42:04.0497 4360        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:42:04.0513 4360        SiSRaid2 - ok
13:42:04.0544 4360        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:42:04.0575 4360        SiSRaid4 - ok
13:42:04.0591 4360        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:42:04.0622 4360        Smb - ok
13:42:04.0653 4360        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:42:04.0669 4360        spldr - ok
13:42:04.0700 4360        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:42:04.0716 4360        srv - ok
13:42:04.0778 4360        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:42:04.0809 4360        srv2 - ok
13:42:04.0825 4360        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:42:04.0840 4360        srvnet - ok
13:42:04.0872 4360        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:42:04.0887 4360        stexstor - ok
13:42:04.0934 4360        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:42:04.0950 4360        swenum - ok
13:42:05.0059 4360        Tcpip          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
13:42:05.0090 4360        Tcpip - ok
13:42:05.0121 4360        TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
13:42:05.0137 4360        TCPIP6 - ok
13:42:05.0168 4360        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:42:05.0199 4360        tcpipreg - ok
13:42:05.0230 4360        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:42:05.0262 4360        TDPIPE - ok
13:42:05.0262 4360        TDTCP          (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:42:05.0293 4360        TDTCP - ok
13:42:05.0324 4360        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:42:05.0355 4360        tdx - ok
13:42:05.0433 4360        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:42:05.0449 4360        TermDD - ok
13:42:05.0496 4360        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:42:05.0527 4360        tssecsrv - ok
13:42:05.0558 4360        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:42:05.0574 4360        TsUsbFlt - ok
13:42:05.0589 4360        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:42:05.0620 4360        tunnel - ok
13:42:05.0683 4360        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:42:05.0714 4360        uagp35 - ok
13:42:05.0745 4360        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:42:05.0776 4360        udfs - ok
13:42:05.0823 4360        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:42:05.0823 4360        uliagpkx - ok
13:42:05.0854 4360        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
13:42:05.0854 4360        umbus - ok
13:42:05.0886 4360        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:42:05.0901 4360        UmPass - ok
13:42:05.0917 4360        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
13:42:05.0932 4360        usbaudio - ok
13:42:06.0010 4360        usbccgp        (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
13:42:06.0026 4360        usbccgp - ok
13:42:06.0057 4360        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:42:06.0073 4360        usbcir - ok
13:42:06.0088 4360        usbehci        (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
13:42:06.0104 4360        usbehci - ok
13:42:06.0120 4360        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
13:42:06.0135 4360        usbhub - ok
13:42:06.0151 4360        usbohci        (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
13:42:06.0166 4360        usbohci - ok
13:42:06.0198 4360        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:42:06.0213 4360        usbprint - ok
13:42:06.0291 4360        USBSTOR        (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:42:06.0338 4360        USBSTOR - ok
13:42:06.0354 4360        usbuhci        (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
13:42:06.0369 4360        usbuhci - ok
13:42:06.0385 4360        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
13:42:06.0400 4360        usbvideo - ok
13:42:06.0416 4360        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:42:06.0432 4360        vdrvroot - ok
13:42:06.0447 4360        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:42:06.0463 4360        vga - ok
13:42:06.0525 4360        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:42:06.0572 4360        VgaSave - ok
13:42:06.0603 4360        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:42:06.0619 4360        vhdmp - ok
13:42:06.0634 4360        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:42:06.0650 4360        viaagp - ok
13:42:06.0681 4360        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:42:06.0697 4360        ViaC7 - ok
13:42:06.0759 4360        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:42:06.0790 4360        viaide - ok
13:42:06.0806 4360        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:42:06.0822 4360        volmgr - ok
13:42:06.0853 4360        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:42:06.0868 4360        volmgrx - ok
13:42:06.0900 4360        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:42:06.0931 4360        volsnap - ok
13:42:06.0993 4360        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:42:07.0009 4360        vsmraid - ok
13:42:07.0024 4360        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
13:42:07.0040 4360        vwifibus - ok
13:42:07.0056 4360        vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
13:42:07.0087 4360        vwififlt - ok
13:42:07.0118 4360        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:42:07.0118 4360        WacomPen - ok
13:42:07.0149 4360        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:42:07.0165 4360        WANARP - ok
13:42:07.0180 4360        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:42:07.0196 4360        Wanarpv6 - ok
13:42:07.0274 4360        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:42:07.0305 4360        Wd - ok
13:42:07.0321 4360        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:42:07.0352 4360        Wdf01000 - ok
13:42:07.0383 4360        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:42:07.0414 4360        WfpLwf - ok
13:42:07.0430 4360        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:42:07.0446 4360        WIMMount - ok
13:42:07.0477 4360        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:42:07.0492 4360        WmiAcpi - ok
13:42:07.0570 4360        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:42:07.0602 4360        ws2ifsl - ok
13:42:07.0648 4360        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:42:07.0664 4360        WudfPf - ok
13:42:07.0680 4360        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:42:07.0711 4360        WUDFRd - ok
13:42:07.0742 4360        XDva391 - ok
13:42:07.0773 4360        MBR (0x1B8)    (4624822e540ec83cd0819525c65846ba) \Device\Harddisk0\DR0
13:42:08.0397 4360        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:42:08.0397 4360        \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:42:08.0444 4360        Boot (0x1200)  (e4598dd304b5c05e27e3c867efb0eb0c) \Device\Harddisk0\DR0\Partition0
13:42:08.0444 4360        \Device\Harddisk0\DR0\Partition0 - ok
13:42:08.0460 4360        Boot (0x1200)  (046bbd7303f14eb983a3f0c302651470) \Device\Harddisk0\DR0\Partition1
13:42:08.0460 4360        \Device\Harddisk0\DR0\Partition1 - ok
13:42:08.0506 4360        Boot (0x1200)  (376b50b18dd730f4a63e4b8227f4638c) \Device\Harddisk0\DR0\Partition2
13:42:08.0506 4360        \Device\Harddisk0\DR0\Partition2 - ok
13:42:08.0506 4360        ============================================================
13:42:08.0506 4360        Scan finished
13:42:08.0506 4360        ============================================================
13:42:08.0506 3404        Detected object count: 1
13:42:08.0506 3404        Actual detected object count: 1
13:42:11.0580 3404        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:42:11.0580 3404        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


