video7de | 29.12.2011 11:26 | Dear Chris,
You are heaven-sent! Antivir works and the redirect is gone too!!! After endless fiddling, the solution now after 10 minutes.
Here are the files:
TDSS Code:
10:51:45.0860 2640 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
10:51:45.0969 2640 ============================================================
10:51:45.0969 2640 Current date / time: 2011/12/29 10:51:45.0969
10:51:45.0969 2640 SystemInfo:
10:51:45.0969 2640
10:51:45.0969 2640 OS Version: 6.1.7600 ServicePack: 0.0
10:51:45.0969 2640 Product type: Workstation
10:51:45.0969 2640 ComputerName: LENOVO_LAPTOP
10:51:45.0969 2640 UserName: Raphael
10:51:45.0969 2640 Windows directory: C:\Windows
10:51:45.0969 2640 System windows directory: C:\Windows
10:51:45.0969 2640 Processor architecture: Intel x86
10:51:45.0969 2640 Number of processors: 2
10:51:45.0969 2640 Page size: 0x1000
10:51:45.0969 2640 Boot type: Normal boot
10:51:45.0969 2640 ============================================================
10:51:47.0888 2640 Initialize success
10:52:13.0051 3028 ============================================================
10:52:13.0051 3028 Scan started
10:52:13.0051 3028 Mode: Manual;
10:52:13.0051 3028 ============================================================
10:52:16.0374 3028 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
10:52:16.0389 3028 1394ohci - ok
10:52:16.0483 3028 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
10:52:16.0483 3028 ACPI - ok
10:52:16.0514 3028 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
10:52:16.0514 3028 AcpiPmi - ok
10:52:16.0561 3028 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
10:52:16.0577 3028 adp94xx - ok
10:52:16.0623 3028 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
10:52:16.0655 3028 adpahci - ok
10:52:16.0670 3028 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
10:52:16.0686 3028 adpu320 - ok
10:52:16.0779 3028 AF15BDA (5b1ef06f0cdcf7ed33bd5d99e9421f02) C:\Windows\system32\DRIVERS\AF15BDA.sys
10:52:16.0795 3028 AF15BDA - ok
10:52:16.0873 3028 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
10:52:16.0904 3028 AFD - ok
10:52:16.0935 3028 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
10:52:16.0935 3028 agp440 - ok
10:52:16.0967 3028 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
10:52:16.0982 3028 aic78xx - ok
10:52:17.0013 3028 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
10:52:17.0029 3028 aliide - ok
10:52:17.0076 3028 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
10:52:17.0076 3028 amdagp - ok
10:52:17.0091 3028 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
10:52:17.0091 3028 amdide - ok
10:52:17.0123 3028 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
10:52:17.0123 3028 AmdK8 - ok
10:52:17.0185 3028 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
10:52:17.0201 3028 AmdPPM - ok
10:52:17.0247 3028 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
10:52:17.0247 3028 amdsata - ok
10:52:17.0279 3028 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
10:52:17.0279 3028 amdsbs - ok
10:52:17.0310 3028 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
10:52:17.0310 3028 amdxata - ok
10:52:17.0419 3028 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
10:52:17.0419 3028 AppID - ok
10:52:17.0481 3028 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
10:52:17.0481 3028 arc - ok
10:52:17.0497 3028 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
10:52:17.0513 3028 arcsas - ok
10:52:17.0544 3028 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
10:52:17.0544 3028 AsyncMac - ok
10:52:17.0575 3028 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
10:52:17.0575 3028 atapi - ok
10:52:17.0653 3028 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
10:52:17.0653 3028 avgntflt - ok
10:52:17.0700 3028 avipbb (475fbb85956534720858ae72010c0a43) C:\Windows\system32\DRIVERS\avipbb.sys
10:52:17.0700 3028 avipbb - ok
10:52:17.0731 3028 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
10:52:17.0731 3028 avkmgr - ok
10:52:17.0825 3028 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
10:52:17.0856 3028 b06bdrv - ok
10:52:17.0903 3028 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
10:52:17.0934 3028 b57nd60x - ok
10:52:17.0981 3028 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
10:52:17.0981 3028 Beep - ok
10:52:18.0027 3028 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
10:52:18.0027 3028 blbdrive - ok
10:52:18.0074 3028 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
10:52:18.0090 3028 bowser - ok
10:52:18.0105 3028 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:52:18.0121 3028 BrFiltLo - ok
10:52:18.0137 3028 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:52:18.0152 3028 BrFiltUp - ok
10:52:18.0183 3028 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
10:52:18.0199 3028 Brserid - ok
10:52:18.0230 3028 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
10:52:18.0246 3028 BrSerWdm - ok
10:52:18.0261 3028 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:52:18.0277 3028 BrUsbMdm - ok
10:52:18.0308 3028 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
10:52:18.0308 3028 BrUsbSer - ok
10:52:18.0371 3028 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
10:52:18.0386 3028 BthEnum - ok
10:52:18.0417 3028 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
10:52:18.0417 3028 BTHMODEM - ok
10:52:18.0480 3028 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
10:52:18.0480 3028 BthPan - ok
10:52:18.0558 3028 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\Windows\System32\Drivers\BTHport.sys
10:52:18.0636 3028 BTHPORT - ok
10:52:18.0714 3028 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\Windows\System32\Drivers\BTHUSB.sys
10:52:18.0714 3028 BTHUSB - ok
10:52:18.0776 3028 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
10:52:18.0792 3028 cdfs - ok
10:52:18.0854 3028 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
10:52:18.0870 3028 cdrom - ok
10:52:18.0932 3028 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
10:52:18.0948 3028 circlass - ok
10:52:18.0995 3028 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
10:52:19.0026 3028 CLFS - ok
10:52:19.0057 3028 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
10:52:19.0073 3028 CmBatt - ok
10:52:19.0088 3028 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
10:52:19.0088 3028 cmdide - ok
10:52:19.0119 3028 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
10:52:19.0135 3028 CNG - ok
10:52:19.0166 3028 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
10:52:19.0166 3028 Compbatt - ok
10:52:19.0197 3028 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
10:52:19.0213 3028 CompositeBus - ok
10:52:19.0244 3028 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
10:52:19.0244 3028 crcdisk - ok
10:52:19.0338 3028 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
10:52:19.0353 3028 CSC - ok
10:52:19.0431 3028 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
10:52:19.0447 3028 DfsC - ok
10:52:19.0463 3028 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
10:52:19.0463 3028 discache - ok
10:52:19.0509 3028 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
10:52:19.0509 3028 Disk - ok
10:52:19.0587 3028 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
10:52:19.0587 3028 drmkaud - ok
10:52:19.0650 3028 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
10:52:19.0665 3028 DXGKrnl - ok
10:52:19.0806 3028 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
10:52:19.0884 3028 ebdrv - ok
10:52:19.0962 3028 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
10:52:19.0977 3028 elxstor - ok
10:52:20.0009 3028 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
10:52:20.0009 3028 ErrDev - ok
10:52:20.0118 3028 esgiguard - ok
10:52:20.0180 3028 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
10:52:20.0196 3028 exfat - ok
10:52:20.0227 3028 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
10:52:20.0243 3028 fastfat - ok
10:52:20.0274 3028 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
10:52:20.0274 3028 fdc - ok
10:52:20.0305 3028 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
10:52:20.0321 3028 FileInfo - ok
10:52:20.0336 3028 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
10:52:20.0336 3028 Filetrace - ok
10:52:20.0352 3028 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
10:52:20.0367 3028 flpydisk - ok
10:52:20.0399 3028 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
10:52:20.0414 3028 FltMgr - ok
10:52:20.0461 3028 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
10:52:20.0461 3028 FsDepends - ok
10:52:20.0492 3028 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
10:52:20.0492 3028 Fs_Rec - ok
10:52:20.0555 3028 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
10:52:20.0586 3028 fvevol - ok
10:52:20.0617 3028 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:52:20.0617 3028 gagp30kx - ok
10:52:20.0711 3028 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
10:52:20.0711 3028 hcw85cir - ok
10:52:20.0789 3028 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
10:52:20.0804 3028 HdAudAddService - ok
10:52:20.0835 3028 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:52:20.0835 3028 HDAudBus - ok
10:52:20.0867 3028 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
10:52:20.0882 3028 HidBatt - ok
10:52:20.0913 3028 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
10:52:20.0929 3028 HidBth - ok
10:52:20.0960 3028 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
10:52:20.0960 3028 HidIr - ok
10:52:20.0991 3028 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
10:52:21.0007 3028 HidUsb - ok
10:52:21.0038 3028 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
10:52:21.0054 3028 HpSAMD - ok
10:52:21.0116 3028 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
10:52:21.0163 3028 HTTP - ok
10:52:21.0210 3028 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
10:52:21.0210 3028 hwpolicy - ok
10:52:21.0225 3028 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
10:52:21.0241 3028 i8042prt - ok
10:52:21.0272 3028 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\drivers\iaStorV.sys
10:52:21.0303 3028 iaStorV - ok
10:52:21.0553 3028 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:52:21.0818 3028 igfx - ok
10:52:21.0990 3028 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
10:52:21.0990 3028 iirsp - ok
10:52:22.0021 3028 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
10:52:22.0037 3028 intelide - ok
10:52:22.0068 3028 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
10:52:22.0068 3028 intelppm - ok
10:52:22.0099 3028 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:52:22.0115 3028 IpFilterDriver - ok
10:52:22.0130 3028 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
10:52:22.0130 3028 IPMIDRV - ok
10:52:22.0177 3028 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
10:52:22.0193 3028 IPNAT - ok
10:52:22.0224 3028 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
10:52:22.0224 3028 IRENUM - ok
10:52:22.0255 3028 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
10:52:22.0255 3028 isapnp - ok
10:52:22.0302 3028 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
10:52:22.0318 3028 iScsiPrt - ok
10:52:22.0364 3028 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:52:22.0364 3028 kbdclass - ok
10:52:22.0380 3028 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
10:52:22.0396 3028 kbdhid - ok
10:52:22.0427 3028 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
10:52:22.0442 3028 KSecDD - ok
10:52:22.0489 3028 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
10:52:22.0505 3028 KSecPkg - ok
10:52:22.0552 3028 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
10:52:22.0567 3028 lltdio - ok
10:52:22.0630 3028 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:52:22.0630 3028 LSI_FC - ok
10:52:22.0676 3028 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:52:22.0676 3028 LSI_SAS - ok
10:52:22.0723 3028 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:52:22.0723 3028 LSI_SAS2 - ok
10:52:22.0754 3028 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:52:22.0770 3028 LSI_SCSI - ok
10:52:22.0817 3028 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
10:52:22.0817 3028 luafv - ok
10:52:22.0848 3028 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
10:52:22.0848 3028 megasas - ok
10:52:22.0879 3028 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
10:52:22.0895 3028 MegaSR - ok
10:52:22.0926 3028 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
10:52:22.0926 3028 Modem - ok
10:52:22.0957 3028 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
10:52:22.0957 3028 monitor - ok
10:52:22.0973 3028 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
10:52:22.0988 3028 mouclass - ok
10:52:23.0020 3028 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
10:52:23.0020 3028 mouhid - ok
10:52:23.0051 3028 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
10:52:23.0051 3028 mountmgr - ok
10:52:23.0082 3028 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
10:52:23.0098 3028 mpio - ok
10:52:23.0113 3028 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
10:52:23.0129 3028 mpsdrv - ok
10:52:23.0144 3028 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
10:52:23.0160 3028 MRxDAV - ok
10:52:23.0207 3028 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:52:23.0222 3028 mrxsmb - ok
10:52:23.0238 3028 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:52:23.0269 3028 mrxsmb10 - ok
10:52:23.0285 3028 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:52:23.0300 3028 mrxsmb20 - ok
10:52:23.0316 3028 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
10:52:23.0316 3028 msahci - ok
10:52:23.0332 3028 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
10:52:23.0347 3028 msdsm - ok
10:52:23.0378 3028 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
10:52:23.0394 3028 Msfs - ok
10:52:23.0410 3028 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
10:52:23.0410 3028 mshidkmdf - ok
10:52:23.0441 3028 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
10:52:23.0441 3028 msisadrv - ok
10:52:23.0503 3028 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
10:52:23.0503 3028 MSKSSRV - ok
10:52:23.0519 3028 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
10:52:23.0534 3028 MSPCLOCK - ok
10:52:23.0566 3028 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
10:52:23.0566 3028 MSPQM - ok
10:52:23.0581 3028 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
10:52:23.0612 3028 MsRPC - ok
10:52:23.0628 3028 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
10:52:23.0628 3028 mssmbios - ok
10:52:23.0659 3028 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
10:52:23.0659 3028 MSTEE - ok
10:52:23.0675 3028 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
10:52:23.0675 3028 MTConfig - ok
10:52:23.0706 3028 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
10:52:23.0722 3028 Mup - ok
10:52:23.0768 3028 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
10:52:23.0800 3028 NativeWifiP - ok
10:52:23.0846 3028 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
10:52:23.0862 3028 NDIS - ok
10:52:23.0878 3028 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
10:52:23.0893 3028 NdisCap - ok
10:52:23.0924 3028 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
10:52:23.0924 3028 NdisTapi - ok
10:52:23.0971 3028 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
10:52:23.0971 3028 Ndisuio - ok
10:52:23.0987 3028 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
10:52:24.0002 3028 NdisWan - ok
10:52:24.0018 3028 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
10:52:24.0018 3028 NDProxy - ok
10:52:24.0143 3028 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
10:52:24.0158 3028 NetBIOS - ok
10:52:24.0190 3028 NetBT (d6024d5ce4986119199a2a75fd3632db) C:\Windows\system32\DRIVERS\netbt.sys
10:52:24.0205 3028 Suspicious file (Forged): C:\Windows\system32\DRIVERS\netbt.sys. Real md5: d6024d5ce4986119199a2a75fd3632db, Fake md5: dd52a733bf4ca5af84562a5e2f963b91
10:52:24.0205 3028 NetBT ( Rootkit.Win32.ZAccess.aml ) - infected
10:52:24.0205 3028 NetBT - detected Rootkit.Win32.ZAccess.aml (0)
10:52:24.0392 3028 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
10:52:24.0548 3028 netw5v32 - ok
10:52:24.0736 3028 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
10:52:24.0751 3028 nfrd960 - ok
10:52:24.0782 3028 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
10:52:24.0798 3028 Npfs - ok
10:52:24.0829 3028 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
10:52:24.0845 3028 nsiproxy - ok
10:52:24.0923 3028 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
10:52:25.0016 3028 Ntfs - ok
10:52:25.0063 3028 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
10:52:25.0063 3028 Null - ok
10:52:25.0110 3028 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
10:52:25.0126 3028 nvraid - ok
10:52:25.0188 3028 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
10:52:25.0188 3028 nvstor - ok
10:52:25.0204 3028 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
10:52:25.0219 3028 nv_agp - ok
10:52:25.0250 3028 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
10:52:25.0250 3028 ohci1394 - ok
10:52:25.0297 3028 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
10:52:25.0313 3028 Parport - ok
10:52:25.0360 3028 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
10:52:25.0360 3028 partmgr - ok
10:52:25.0406 3028 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
10:52:25.0406 3028 Parvdm - ok
10:52:25.0453 3028 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
10:52:25.0453 3028 pci - ok
10:52:25.0500 3028 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
10:52:25.0500 3028 pciide - ok
10:52:25.0547 3028 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
10:52:25.0562 3028 pcmcia - ok
10:52:25.0594 3028 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
10:52:25.0594 3028 pcw - ok
10:52:25.0640 3028 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
10:52:25.0672 3028 PEAUTH - ok
10:52:25.0781 3028 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
10:52:25.0781 3028 PptpMiniport - ok
10:52:25.0812 3028 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
10:52:25.0812 3028 Processor - ok
10:52:25.0874 3028 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
10:52:25.0874 3028 Psched - ok
10:52:25.0937 3028 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
10:52:25.0984 3028 ql2300 - ok
10:52:25.0999 3028 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
10:52:26.0015 3028 ql40xx - ok
10:52:26.0046 3028 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
10:52:26.0046 3028 QWAVEdrv - ok
10:52:26.0077 3028 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
10:52:26.0077 3028 RasAcd - ok
10:52:26.0124 3028 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:52:26.0124 3028 RasAgileVpn - ok
10:52:26.0155 3028 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:52:26.0171 3028 Rasl2tp - ok
10:52:26.0202 3028 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
10:52:26.0218 3028 RasPppoe - ok
10:52:26.0249 3028 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
10:52:26.0249 3028 RasSstp - ok
10:52:26.0280 3028 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
10:52:26.0296 3028 rdbss - ok
10:52:26.0311 3028 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
10:52:26.0311 3028 rdpbus - ok
10:52:26.0342 3028 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:52:26.0342 3028 RDPCDD - ok
10:52:26.0405 3028 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
10:52:26.0405 3028 RDPDR - ok
10:52:26.0452 3028 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
10:52:26.0452 3028 RDPENCDD - ok
10:52:26.0483 3028 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
10:52:26.0483 3028 RDPREFMP - ok
10:52:26.0514 3028 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
10:52:26.0530 3028 RDPWD - ok
10:52:26.0576 3028 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
10:52:26.0576 3028 rdyboost - ok
10:52:26.0670 3028 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
10:52:26.0670 3028 RFCOMM - ok
10:52:26.0732 3028 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
10:52:26.0748 3028 rspndr - ok
10:52:26.0795 3028 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
10:52:26.0795 3028 s3cap - ok
10:52:26.0857 3028 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
10:52:26.0857 3028 sbp2port - ok
10:52:26.0888 3028 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
10:52:26.0904 3028 scfilter - ok
10:52:26.0966 3028 sdbus (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
10:52:26.0966 3028 sdbus - ok
10:52:27.0013 3028 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:52:27.0029 3028 secdrv - ok
10:52:27.0076 3028 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
10:52:27.0076 3028 Serenum - ok
10:52:27.0107 3028 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
10:52:27.0122 3028 Serial - ok
10:52:27.0154 3028 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
10:52:27.0154 3028 sermouse - ok
10:52:27.0200 3028 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
10:52:27.0200 3028 sffdisk - ok
10:52:27.0247 3028 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
10:52:27.0247 3028 sffp_mmc - ok
10:52:27.0294 3028 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:52:27.0294 3028 sffp_sd - ok
10:52:27.0341 3028 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
10:52:27.0341 3028 sfloppy - ok
10:52:27.0388 3028 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
10:52:27.0388 3028 sisagp - ok
10:52:27.0434 3028 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:52:27.0434 3028 SiSRaid2 - ok
10:52:27.0450 3028 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
10:52:27.0466 3028 SiSRaid4 - ok
10:52:27.0481 3028 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
10:52:27.0497 3028 Smb - ok
10:52:27.0528 3028 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
10:52:27.0528 3028 spldr - ok
10:52:27.0622 3028 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
10:52:27.0668 3028 srv - ok
10:52:27.0715 3028 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
10:52:27.0746 3028 srv2 - ok
10:52:27.0809 3028 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:52:27.0809 3028 SrvHsfHDA - ok
10:52:27.0856 3028 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
10:52:27.0918 3028 SrvHsfV92 - ok
10:52:27.0949 3028 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
10:52:27.0980 3028 SrvHsfWinac - ok
10:52:28.0027 3028 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
10:52:28.0043 3028 srvnet - ok
10:52:28.0168 3028 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:52:28.0168 3028 ssmdrv - ok
10:52:28.0230 3028 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
10:52:28.0230 3028 stexstor - ok
10:52:28.0308 3028 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
10:52:28.0308 3028 storflt - ok
10:52:28.0339 3028 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
10:52:28.0355 3028 storvsc - ok
10:52:28.0386 3028 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
10:52:28.0386 3028 swenum - ok
10:52:28.0495 3028 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys
10:52:28.0542 3028 Tcpip - ok
10:52:28.0620 3028 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys
10:52:28.0620 3028 TCPIP6 - ok
10:52:28.0651 3028 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
10:52:28.0667 3028 tcpipreg - ok
10:52:28.0698 3028 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
10:52:28.0698 3028 TDPIPE - ok
10:52:28.0729 3028 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
10:52:28.0745 3028 TDTCP - ok
10:52:28.0776 3028 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
10:52:28.0792 3028 tdx - ok
10:52:28.0823 3028 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
10:52:28.0823 3028 TermDD - ok
10:52:28.0901 3028 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:52:28.0901 3028 tssecsrv - ok
10:52:28.0948 3028 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
10:52:28.0948 3028 tunnel - ok
10:52:28.0963 3028 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
10:52:28.0979 3028 uagp35 - ok
10:52:29.0010 3028 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
10:52:29.0041 3028 udfs - ok
10:52:29.0104 3028 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
10:52:29.0119 3028 uliagpkx - ok
10:52:29.0182 3028 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
10:52:29.0197 3028 umbus - ok
10:52:29.0213 3028 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
10:52:29.0228 3028 UmPass - ok
10:52:29.0291 3028 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
10:52:29.0291 3028 usbccgp - ok
10:52:29.0338 3028 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
10:52:29.0338 3028 usbcir - ok
10:52:29.0400 3028 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
10:52:29.0400 3028 usbehci - ok
10:52:29.0431 3028 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
10:52:29.0509 3028 usbhub - ok
10:52:29.0540 3028 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
10:52:29.0540 3028 usbohci - ok
10:52:29.0572 3028 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
10:52:29.0572 3028 usbprint - ok
10:52:29.0634 3028 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:52:29.0634 3028 USBSTOR - ok
10:52:29.0665 3028 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\DRIVERS\usbuhci.sys
10:52:29.0665 3028 usbuhci - ok
10:52:29.0743 3028 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
10:52:29.0743 3028 usbvideo - ok
10:52:29.0821 3028 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
10:52:29.0821 3028 vdrvroot - ok
10:52:29.0868 3028 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
10:52:29.0884 3028 vga - ok
10:52:29.0915 3028 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
10:52:29.0915 3028 VgaSave - ok
10:52:29.0946 3028 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
10:52:29.0946 3028 vhdmp - ok
10:52:29.0993 3028 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
10:52:29.0993 3028 viaagp - ok
10:52:30.0024 3028 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
10:52:30.0024 3028 ViaC7 - ok
10:52:30.0071 3028 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
10:52:30.0086 3028 viaide - ok
10:52:30.0133 3028 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
10:52:30.0149 3028 vmbus - ok
10:52:30.0180 3028 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
10:52:30.0180 3028 VMBusHID - ok
10:52:30.0211 3028 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
10:52:30.0211 3028 volmgr - ok
10:52:30.0242 3028 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
10:52:30.0258 3028 volmgrx - ok
10:52:30.0289 3028 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
10:52:30.0305 3028 volsnap - ok
10:52:30.0336 3028 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
10:52:30.0336 3028 vsmraid - ok
10:52:30.0383 3028 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
10:52:30.0383 3028 vwifibus - ok
10:52:30.0445 3028 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
10:52:30.0445 3028 WacomPen - ok
10:52:30.0492 3028 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
10:52:30.0492 3028 WANARP - ok
10:52:30.0508 3028 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
10:52:30.0508 3028 Wanarpv6 - ok
10:52:30.0554 3028 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
10:52:30.0554 3028 Wd - ok
10:52:30.0601 3028 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:52:30.0617 3028 Wdf01000 - ok
10:52:30.0695 3028 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
10:52:30.0695 3028 WfpLwf - ok
10:52:30.0726 3028 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
10:52:30.0726 3028 WIMMount - ok
10:52:30.0788 3028 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:52:30.0788 3028 WmiAcpi - ok
10:52:30.0866 3028 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
10:52:30.0866 3028 ws2ifsl - ok
10:52:30.0913 3028 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:52:30.0913 3028 WSDPrintDevice - ok
10:52:30.0960 3028 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
10:52:30.0976 3028 WudfPf - ok
10:52:31.0007 3028 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:52:31.0007 3028 WUDFRd - ok
10:52:31.0069 3028 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:52:31.0132 3028 \Device\Harddisk0\DR0 - ok
10:52:31.0132 3028 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR2
10:52:31.0288 3028 \Device\Harddisk1\DR2 - ok
10:52:31.0288 3028 Boot (0x1200) (cf1970a99990a141d68ab8a941942eb6) \Device\Harddisk0\DR0\Partition0
10:52:31.0288 3028 \Device\Harddisk0\DR0\Partition0 - ok
10:52:31.0319 3028 Boot (0x1200) (a76eb35fd143f30831fb86d63185e27a) \Device\Harddisk0\DR0\Partition1
10:52:31.0334 3028 \Device\Harddisk0\DR0\Partition1 - ok
10:52:31.0366 3028 Boot (0x1200) (8d9b352d9357148842acff734fddcf19) \Device\Harddisk0\DR0\Partition2
10:52:31.0366 3028 \Device\Harddisk0\DR0\Partition2 - ok
10:52:31.0366 3028 Boot (0x1200) (050e7189f6cfde5cd08a342cc6880901) \Device\Harddisk1\DR2\Partition0
10:52:31.0366 3028 \Device\Harddisk1\DR2\Partition0 - ok
10:52:31.0381 3028 ============================================================
10:52:31.0381 3028 Scan finished
10:52:31.0381 3028 ============================================================
10:52:31.0381 1108 Detected object count: 1
10:52:31.0381 1108 Actual detected object count: 1
10:54:12.0610 1108 Backup copy found, using it..
10:54:12.0656 1108 C:\Windows\system32\DRIVERS\netbt.sys - will be cured on reboot
10:54:14.0029 1108 C:\Windows\System32\c_63923.nls - will be deleted on reboot
10:54:15.0012 1108 NetBT ( Rootkit.Win32.ZAccess.aml ) - User select action: Cure
and now extras.txt
OTL Logfile: Code:
OTL Extras logfile created on: 29.12.2011 11:05:47 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Raphael\Desktop
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,96 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 73,04% Memory free
5,92 Gb Paging File | 5,08 Gb Available in Paging File | 85,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,86 Gb Total Space | 108,54 Gb Free Space | 37,84% Space Free | Partition Type: NTFS
Drive D: | 980,72 Mb Total Space | 958,77 Mb Free Space | 97,76% Space Free | Partition Type: FAT
Drive Q: | 9,77 Gb Total Space | 3,00 Gb Free Space | 30,70% Space Free | Partition Type: NTFS
Drive S: | 1,46 Gb Total Space | 0,65 Gb Free Space | 44,62% Space Free | Partition Type: NTFS
Computer Name: LENOVO_LAPTOP | User Name: Raphael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{229D6185-BD7E-494B-A73B-C5215BE0690E}" = HPLJUT
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{5C069542-CA13-4f1b-B90C-28C6430F4992}" = HP LaserJet Professional CP1520 Series
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AABE44D1-0B72-4C6B-9778-20B2317F8064}" = hpzTLBXFX
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{BEEDEC2C-D33F-4FEF-8692-A5CCE6FF6835}" = hppTLBXFXCP1520
"{D608C59B-424B-45D4-971C-5978F8564CEE}" = hppLaserJetService
"{E15C68A1-9CA5-44AC-A7F7-6C0673F196A8}" = HPLaserJetHelp_LearnCenter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FE6DB3B1-C754-405D-BCAB-F4F9C765BF35}" = hppCP1520LaserJetService
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Cinergy T Stick MKII" = Cinergy T Stick MKII V9.06.3.01
"ESET Online Scanner" = ESET Online Scanner v3
"FlashGet 3.3" = FlashGet 3.3
"FlashGet(JetCar)" = FlashGet(JetCar)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Online TV Player 3_is1" = Online TV Player 5
"Videoload Manager" = Videoload Manager 2.0.2200
"VLC media player" = VLC media player 1.1.7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.12.2011 05:06:38 | Computer Name = Lenovo_Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc00000fd Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xd98 Startzeit der fehlerhaften Anwendung: 0x01ccc5400119520f Pfad der
fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 3f41a47e-3133-11e1-bbef-002269f701c6
Error - 28.12.2011 05:21:40 | Computer Name = Lenovo_Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc00000fd Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xeb8 Startzeit der fehlerhaften Anwendung: 0x01ccc5421a2bb906 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 58dd4441-3135-11e1-bbef-002269f701c6
Error - 28.12.2011 05:23:48 | Computer Name = Lenovo_Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SH4SER~1.EXE, Version: 1.0.19.0,
Zeitstempel: 0x4e930a80 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00452416 ID des fehlerhaften
Prozesses: 0xa9c Startzeit der fehlerhaften Anwendung: 0x01ccc54266441dda Pfad der
fehlerhaften Anwendung: C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE Pfad des fehlerhaften
Moduls: unknown Berichtskennung: a523ba3d-3135-11e1-bbef-002269f701c6
Error - 28.12.2011 05:24:54 | Computer Name = Lenovo_Laptop | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Die Anwendung oder der Dienst "SpyHunter 4 Service" konnte nicht neu
gestartet werden.
Error - 28.12.2011 11:33:31 | Computer Name = Lenovo_Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc00000fd Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x9d0 Startzeit der fehlerhaften Anwendung: 0x01ccc5760c4a24ae Pfad der
fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 4b9de5b9-3169-11e1-905b-002269f701c6
Error - 28.12.2011 11:41:36 | Computer Name = Lenovo_Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc00000fd Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x4a0 Startzeit der fehlerhaften Anwendung: 0x01ccc5772e3eb18f Pfad der
fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 6ca02504-316a-11e1-bb66-002269f701c6
Error - 28.12.2011 11:56:38 | Computer Name = Lenovo_Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc00000fd Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x678 Startzeit der fehlerhaften Anwendung: 0x01ccc579479299c4 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 85fff41b-316c-11e1-bb66-002269f701c6
Error - 28.12.2011 12:01:37 | Computer Name = Lenovo_Laptop | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "MSN® Toolbar" konnte nicht heruntergefahren
werden.
Error - 28.12.2011 16:55:23 | Computer Name = Lenovo_Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: avguard.exe, Version: 12.1.0.18,
Zeitstempel: 0x4e7ca198 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0040ce26 ID des fehlerhaften
Prozesses: 0x5e4 Startzeit der fehlerhaften Anwendung: 0x01ccc5a2fa858ec9 Pfad der
fehlerhaften Anwendung: C:\Program Files\Avira\AntiVir Desktop\avguard.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 424a9433-3196-11e1-a9c7-002269f701c6
Error - 29.12.2011 06:02:44 | Computer Name = Lenovo_Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: sched.exe, Version: 12.1.0.18, Zeitstempel:
0x4e7ca198 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0040ce26 ID des fehlerhaften Prozesses:
0x5d0 Startzeit der fehlerhaften Anwendung: 0x01ccc610f95aff43 Pfad der fehlerhaften
Anwendung: C:\Program Files\Avira\AntiVir Desktop\sched.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: 4013bc75-3204-11e1-a799-002269f701c6
[ System Events ]
Error - 17.10.2011 13:27:47 | Computer Name = Lenovo_Laptop | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
nicht richtig heruntergefahren werden.
Error - 19.10.2011 09:06:52 | Computer Name = Lenovo_Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Bluetooth-Unterstützungsdienst erreicht.
Error - 19.10.2011 09:06:52 | Computer Name = Lenovo_Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth-Unterstützungsdienst" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 21.10.2011 16:57:24 | Computer Name = Lenovo_Laptop | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 24.10.2011 04:40:52 | Computer Name = Lenovo_Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
SBSD Security Center Service erreicht.
Error - 24.10.2011 04:40:52 | Computer Name = Lenovo_Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 28.10.2011 18:11:11 | Computer Name = Lenovo_Laptop | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 02.11.2011 21:44:32 | Computer Name = Lenovo_Laptop | Source = DCOM | ID = 10010
Description =
Error - 05.11.2011 05:21:30 | Computer Name = Lenovo_Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Bandoo Coordinator erreicht.
Error - 05.11.2011 05:21:30 | Computer Name = Lenovo_Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bandoo Coordinator" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
< End of report > --- --- ---
and now also otl.txt
OTL Logfile: Code:
OTL logfile created on: 29.12.2011 11:05:47 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Raphael\Desktop
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,96 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 73,04% Memory free
5,92 Gb Paging File | 5,08 Gb Available in Paging File | 85,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,86 Gb Total Space | 108,54 Gb Free Space | 37,84% Space Free | Partition Type: NTFS
Drive D: | 980,72 Mb Total Space | 958,77 Mb Free Space | 97,76% Space Free | Partition Type: FAT
Drive Q: | 9,77 Gb Total Space | 3,00 Gb Free Space | 30,70% Space Free | Partition Type: NTFS
Drive S: | 1,46 Gb Total Space | 0,65 Gb Free Space | 44,62% Space Free | Partition Type: NTFS
Computer Name: LENOVO_LAPTOP | User Name: Raphael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Raphael\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Users\Raphael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\cabd75d4716ede2fed948cbff94dcc38\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\9be84470118f84e965ff0f142701efc6\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll ()
========== Win32 Services (SafeList) ==========
SRV - (SpyHunter 4 Service) -- File not found
SRV - (gupdatem) Google Update-Dienst (gupdatem) -- File not found
SRV - (gupdate) Google Update Service (gupdate) -- File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (ITETech )
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/br/ie9_startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3F C3 24 B6 F3 D8 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
FF - prefs.js..extensions.enabledItems: toolbar@web.de:1.6.4
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 12:03:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 12:03:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Raphael\AppData\Roaming\5053 [2011.12.07 08:41:27 | 000,000,000 | ---D | M]
[2011.09.22 03:42:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Raphael\AppData\Roaming\mozilla\Extensions
[2011.12.19 14:27:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Raphael\AppData\Roaming\mozilla\Firefox\Profiles\orc23auv.default\extensions
[2011.06.19 04:23:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Raphael\AppData\Roaming\mozilla\Firefox\Profiles\orc23auv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.12.19 14:27:17 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Users\Raphael\AppData\Roaming\mozilla\Firefox\Profiles\orc23auv.default\extensions\toolbar@web.de
[2011.08.04 16:43:55 | 000,002,501 | ---- | M] () -- C:\Users\Raphael\AppData\Roaming\Mozilla\Firefox\Profiles\orc23auv.default\searchplugins\SearchResults.xml
[2011.12.28 16:51:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.03.02 19:00:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.02 19:00:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.12.07 08:41:27 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\RAPHAEL\APPDATA\ROAMING\5053
[2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.02.19 03:41:40 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.02.19 03:41:40 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.02.19 03:41:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.04 16:43:55 | 000,002,501 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2011.02.19 03:41:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.02.19 03:41:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IeCatch5 Class) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\Jccatch.dll (FlashGet)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Raphael\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (gFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Programme\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - Startup: C:\Users\Raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Raphael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Raphael\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Raphael\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{279AA4D6-97C6-42BB-97AD-EAAB512E16ED}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2D27C62-6423-4D21-A058-EB6E9F7F60AF}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk Q:\
O32 - Unable to obtain root file information for disk S:\
O33 - MountPoints2\{060e9960-ea53-11e0-81c2-002269f701c6}\Shell - "" = AutoRun
O33 - MountPoints2\{060e9960-ea53-11e0-81c2-002269f701c6}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.12.29 11:04:38 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Raphael\Desktop\OTL.exe
[2011.12.29 10:51:32 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Raphael\Desktop\TDSSKiller.exe
[2011.12.29 10:41:38 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Roaming\Avira
[2011.12.29 10:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.29 10:41:13 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.12.29 10:41:12 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.12.29 10:41:12 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.12.29 10:41:12 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.12.29 10:41:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.28 18:43:24 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Local\ElevatedDiagnostics
[2011.12.28 18:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.12.28 18:36:19 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011.12.28 16:35:46 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Roaming\Malwarebytes
[2011.12.28 16:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.28 16:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.28 16:35:35 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.12.28 16:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.28 10:24:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2011.12.28 09:45:48 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011.12.28 09:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011.12.28 09:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011.12.27 02:25:13 | 000,000,000 | -HSD | C] -- C:\Users\Raphael\AppData\Local\bb82545e
[2011.12.19 14:15:38 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.12.19 14:15:38 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.19 14:15:38 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.19 14:15:38 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.12.19 14:15:38 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.12.19 14:15:38 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.12.19 14:15:38 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.12.19 14:15:38 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.12.19 14:15:38 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.12.19 14:15:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.19 14:15:38 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.12.19 14:15:38 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.12.19 14:15:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.19 14:15:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.12.19 14:15:38 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.12.19 14:15:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.12.19 14:15:38 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.12.19 14:15:38 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.12.19 14:15:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.12.19 14:15:38 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.12.19 14:15:38 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.12.19 14:15:38 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.12.19 14:15:38 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.12.19 14:15:38 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.12.19 14:15:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.12.19 14:15:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.12.19 14:15:38 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.12.19 14:15:38 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.12.19 14:15:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.12.19 14:15:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.19 14:15:38 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.12.19 14:15:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.12.19 14:15:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.12.19 14:15:38 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.12.19 14:15:38 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.12.19 14:15:38 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.12.19 14:15:38 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.12.19 14:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\DesktopIcons
[2011.12.09 04:09:28 | 000,000,000 | ---D | C] -- C:\TEMP
[2011.12.09 04:02:37 | 000,000,000 | ---D | C] -- C:\Users\Raphael\Documents\GPass
[2011.12.09 04:02:37 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Roaming\GPass
[2011.12.09 03:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online TV Player 5
[2011.12.09 03:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Online TV Player 5
[2011.12.07 08:41:26 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Roaming\5053
[2011.12.07 08:41:15 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Roaming\xmldm
[2011.12.07 08:41:14 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Roaming\kock
[2011.12.03 13:01:49 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Roaming\Muoh
[2011.12.03 13:01:49 | 000,000,000 | ---D | C] -- C:\Users\Raphael\AppData\Roaming\Adxyu
[2010.08.25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Raphael\AppData\Roaming\*.tmp files -> C:\Users\Raphael\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.12.29 11:09:52 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.29 11:09:52 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.29 11:09:52 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.29 11:09:52 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.29 11:03:24 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.29 11:02:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.29 11:02:18 | 2384,900,096 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.29 10:57:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Raphael\Desktop\OTL.exe
[2011.12.29 10:50:57 | 000,018,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 10:50:57 | 000,018,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 10:41:25 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.29 10:20:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.28 22:26:26 | 087,262,320 | ---- | M] () -- C:\Users\Raphael\Desktop\avira_free_antivirus_de.exe
[2011.12.28 16:36:52 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.24 01:58:19 | 021,073,936 | ---- | M] () -- C:\Users\Raphael\Documents\vlc-1.1.11-win32.exe
[2011.12.23 14:52:26 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Raphael\Desktop\TDSSKiller.exe
[2011.12.19 14:15:38 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.12.19 14:15:38 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.19 14:15:38 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.19 14:15:38 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.12.19 14:15:38 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.12.19 14:15:38 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.12.19 14:15:38 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.12.19 14:15:38 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.12.19 14:15:38 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.12.19 14:15:38 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.19 14:15:38 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.12.19 14:15:38 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.12.19 14:15:38 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.19 14:15:38 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.12.19 14:15:38 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.12.19 14:15:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.12.19 14:15:38 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.12.19 14:15:38 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.12.19 14:15:38 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.12.19 14:15:38 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.12.19 14:15:38 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.12.19 14:15:38 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.12.19 14:15:38 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.12.19 14:15:38 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.12.19 14:15:38 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.12.19 14:15:38 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.12.19 14:15:38 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.12.19 14:15:38 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.12.19 14:15:38 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.12.19 14:15:38 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.12.19 14:15:38 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.19 14:15:38 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.12.19 14:15:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.12.19 14:15:38 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.12.19 14:15:38 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.12.19 14:15:38 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.12.19 14:15:38 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.12.19 14:15:38 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.12.15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.12.15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.12.15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.12.09 04:09:00 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.12.09 03:35:20 | 000,000,010 | ---- | M] () -- C:\Windows\System32\810429tv4-test.jun
[2011.12.07 08:41:21 | 000,000,036 | ---- | M] () -- C:\Users\Raphael\AppData\Roaming\blckdom.res
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Raphael\AppData\Roaming\*.tmp files -> C:\Users\Raphael\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.12.29 10:41:25 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.28 22:20:10 | 087,262,320 | ---- | C] () -- C:\Users\Raphael\Desktop\avira_free_antivirus_de.exe
[2011.12.28 16:36:34 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.19 14:15:38 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.12.19 14:13:37 | 000,002,006 | ---- | C] () -- C:\Users\Raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE.lnk
[2011.12.09 03:35:20 | 000,000,010 | ---- | C] () -- C:\Windows\System32\810429tv4-test.jun
[2011.12.07 08:41:21 | 000,000,036 | ---- | C] () -- C:\Users\Raphael\AppData\Roaming\blckdom.res
[2011.03.05 15:00:00 | 000,000,292 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2011.03.05 07:57:41 | 000,000,598 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2011.03.05 07:57:25 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011.03.03 01:20:04 | 000,643,866 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.03.03 01:20:04 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.03.03 01:20:04 | 000,126,394 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.03.03 01:20:04 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.08.25 19:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 19:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 19:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 18:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.08.25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009.09.16 10:44:52 | 000,003,235 | ---- | C] () -- C:\Windows\System32\hptcpmon.ini
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,292,696 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,607,190 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,103,568 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.13 23:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002.01.03 01:09:18 | 000,000,356 | ---- | C] () -- C:\Windows\System32\AF15IrTbl.bin
< End of report > --- --- ---
[end code]
Anyone who can read something like this can read the Matrix too ... What do you think, is everything fine?
Kind regards |