
Pests of all kinds and how to combat them: once again: http://www.searchqu.com/413

22.09.2011, 21:25   #1
ShaiHulud79
 

Hello everyone.

I have the above-mentioned page as my start page and can't get rid of it.
I read here that I should install Malwarebytes and run it.
I did that.
Here is the log file:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7775

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

22.09.2011 22:15:35
mbam-log-2011-09-22 (22-15-35).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 189029
Laufzeit: 12 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files\gmp.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\Users\Catrin\AppData\Local\Temp\114.jpg (Trojan.Clicker) -> Quarantined and deleted successfully.


What now?
Thank you very much

22.09.2011, 21:35   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please now run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes must be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


23.09.2011, 12:09   #3
ShaiHulud79
 

Hello Arne.

First I ran another complete scan with Malwarebytes. Here is the log file:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7778

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

23.09.2011 07:16:18
mbam-log-2011-09-23 (07-16-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 416049
Laufzeit: 2 Stunde(n), 32 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



Afterwards I deactivated my Antivir and installed and ran ESET as described. Here, too, is the content of the log file:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=c19ea7264da1244fb2ed18377a3030de
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-23 05:45:42
# local_time=2011-09-23 07:45:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 399931 91652094 57217 0
# compatibility_mode=5892 16776573 100 100 237141 154288232 0 0
# compatibility_mode=8192 67108863 100 0 5187 5187 0 0
# scanned=8550
# found=1
# cleaned=0
# scan_time=1211
C:\$Recycle.Bin\S-1-5-21-1572370699-2875465954-4102281512-1000\$RGG8PYB.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=c19ea7264da1244fb2ed18377a3030de
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-23 11:03:45
# local_time=2011-09-23 01:03:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 404712 91656875 61998 0
# compatibility_mode=5892 16776573 100 100 241922 154293013 0 0
# compatibility_mode=8192 67108863 100 0 9968 9968 0 0
# scanned=256942
# found=3
# cleaned=0
# scan_time=15515
C:\$Recycle.Bin\S-1-5-21-1572370699-2875465954-4102281512-1000\$RGG8PYB.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Users\SRepenning\Downloads\Setup_FreeFlvConverter(2).exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Users\SRepenning\Downloads\Setup_FreeFlvConverter.exe Win32/Ad

23.09.2011, 12:16   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your Desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German, it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

23.09.2011, 13:20   #5
ShaiHulud79
 

OTL Logfile:
Code:
OTL logfile created on: 23.09.2011 13:20:21 - Run 1
OTL by OldTimer - Version 3.2.29.1     Folder = C:\Users\XYZ\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 59,66% Memory free
7,18 Gb Paging File | 5,92 Gb Available in Paging File | 82,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220,27 Gb Total Space | 37,43 Gb Free Space | 16,99% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,19 Gb Free Space | 61,93% Space Free | Partition Type: NTFS
 
Computer Name: LAPTOP | User Name: XYZ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.09.23 13:18:26 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\XYZ\Desktop\OTL.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.30 19:59:24 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.27 22:05:19 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.27 14:06:45 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.12.17 14:54:40 | 001,795,488 | ---- | M] (Audible, Inc.) -- C:\Programme\Audible\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.07.22 22:44:06 | 000,357,376 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.05.09 17:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007.03.28 19:47:34 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Programme\Protector Suite QL\upeksvr.exe
PRC - [2007.03.28 19:30:18 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Programme\Protector Suite QL\psqltray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\ProgramME\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.30 19:59:24 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.27 22:05:19 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.30 19:59:25 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.30 19:59:25 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.08.19 14:35:00 | 009,787,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.06.30 19:28:52 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.06.30 19:28:33 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007.10.10 17:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007.08.08 08:26:06 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.05.10 11:24:38 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.03.05 10:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2006.11.15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006.11.14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/413"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com//web?src=ffb&appid=0&systemid=413&sr=0&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.07 20:47:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.13 19:56:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.12 21:09:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011.09.18 14:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XYZ\AppData\Roaming\mozilla\Extensions
[2011.09.22 21:53:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XYZ\AppData\Roaming\mozilla\Firefox\Profiles\icldhjny.default\extensions
[2011.09.18 14:56:14 | 000,002,503 | ---- | M] () -- C:\Users\XYZ\AppData\Roaming\Mozilla\Firefox\Profiles\icldhjny.default\searchplugins\SearchResults.xml
[2011.09.18 14:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.02 18:38:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.08 10:04:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.03 20:33:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.19 17:49:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.14 20:47:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.22 20:37:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.09.07 20:47:29 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.04.24 16:47:18 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.24 16:47:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.04.24 16:47:18 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.24 16:47:18 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.18 14:56:14 | 000,002,503 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2011.04.24 16:47:18 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.04.24 16:47:18 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (Reg Error: Value error.) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (&Save Flash) - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Programme\Save Flash\SaveFlash.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Save Flash) - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Programme\Save Flash\SaveFlash.dll (TODO: <Company name>)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\ProgramME\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\XYZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk = C:\Windows\Installer\{5335DADB-34BA-4AE8-A519-648D78498846}\SkypeIcon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Download Video - hxxp://www.viloader.net/addon.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1 192.168.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6319E996-A97C-4E0A-86A0-91FC67B9268A}: DhcpNameServer = 192.168.100.1 192.168.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6DBD551-211F-4084-9FEB-B515B3710B34}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll) -C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll) -C:\Programme\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) -C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {05466845-FF44-4671-92C1-A5FD0F9EEE1C} - Microsoft Reader
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.23 13:18:56 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\XYZ\Desktop\OTL.exe
[2011.09.23 05:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.09.22 21:59:48 | 000,000,000 | ---D | C] -- C:\Users\XYZ\AppData\Roaming\Malwarebytes
[2011.09.22 21:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.09.22 21:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.22 21:59:35 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.09.22 21:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.09.18 17:41:13 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.09.18 14:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Searchqu Toolbar
[2011.08.26 20:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.08.26 20:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.08.26 20:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.08.01 13:51:52 | 000,189,440 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Program Files\ssleay32.dll
[2010.08.01 13:51:51 | 001,002,496 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Program Files\libeay32.dll
[2010.08.01 13:51:50 | 004,132,360 | ---- | C] (Microsoft Corporation) -- C:\Program Files\vcredist_x86_2008_sp1.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.23 13:18:26 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\XYZ\Desktop\OTL.exe
[2011.09.23 11:58:04 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.23 11:58:04 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.23 08:40:13 | 000,221,050 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.09.23 08:39:56 | 000,221,050 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.09.23 08:39:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.23 07:57:46 | 3756,044,288 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.23 07:57:44 | 343,121,448 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.09.22 22:24:20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.09.22 21:59:40 | 000,000,814 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.16 20:24:42 | 000,025,022 | ---- | M] () -- C:\Users\XYZ\Desktop\Sozietätsvertrag E3.pdf
[2011.09.16 08:27:12 | 000,022,073 | ---- | M] () -- C:\Users\XYZ\Desktop\ESt2010_Repenning_Steffen_und_Catrin.elfo
[2011.09.09 00:42:43 | 000,029,977 | ---- | M] () -- C:\Users\XYZ\Desktop\E2 - 08-09-2011.pdf
[2011.09.06 20:34:27 | 000,852,850 | ---- | M] () -- C:\Users\XYZ\Desktop\CIMG5703.jpg
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.08.31 13:30:39 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.08.31 13:30:39 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.31 13:30:39 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.08.31 13:30:39 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.08.26 20:19:04 | 000,001,562 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
 
========== Files Created - No Company Name ==========
 
[2011.09.22 21:59:40 | 000,000,814 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.16 20:24:42 | 000,025,022 | ---- | C] () -- C:\Users\XYZ\Desktop\Sozietätsvertrag E3.pdf
[2011.09.09 00:42:43 | 000,029,977 | ---- | C] () -- C:\Users\XYZ\Desktop\E2 - 08-09-2011.pdf
[2011.09.06 20:34:26 | 000,852,850 | ---- | C] () -- C:\Users\XYZ\Desktop\CIMG5703.jpg
[2011.08.26 20:19:04 | 000,001,562 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.05.31 21:11:20 | 000,004,096 | -H-- | C] () -- C:\Users\XYZ\AppData\Local\keyfile3.drm
[2010.08.01 13:51:53 | 000,000,011 | ---- | C] () -- C:\Program Files\version.dat
[2010.08.01 13:51:52 | 006,303,744 | ---- | C] () -- C:\Program Files\update.exe
[2010.08.01 13:51:52 | 000,877,056 | ---- | C] () -- C:\Program Files\QtNetwork4.dll
[2010.08.01 13:51:52 | 000,337,408 | ---- | C] () -- C:\Program Files\QtXml4.dll
[2010.08.01 13:51:52 | 000,253,440 | ---- | C] () -- C:\Program Files\QtSvg4.dll
[2010.08.01 13:51:51 | 007,462,912 | ---- | C] () -- C:\Program Files\QtGui4.dll
[2010.08.01 13:51:51 | 002,011,648 | ---- | C] () -- C:\Program Files\QtCore4.dll
[2010.08.01 13:51:51 | 000,999,424 | ---- | C] () -- C:\Program Files\pica.exe
[2010.08.01 13:51:51 | 000,749,056 | ---- | C] () -- C:\Program Files\hilfepica.exe
[2010.08.01 13:51:51 | 000,671,232 | ---- | C] () -- C:\Program Files\integritaetspruefer.exe
[2010.08.01 13:51:51 | 000,577,536 | ---- | C] () -- C:\Program Files\elfostarter.exe
[2010.08.01 13:51:51 | 000,224,256 | ---- | C] () -- C:\Program Files\ericprozess.exe
[2010.08.01 13:51:51 | 000,207,872 | ---- | C] () -- C:\Program Files\patchw32.dll
[2010.08.01 13:51:51 | 000,119,296 | ---- | C] () -- C:\Program Files\evaprozess.exe
[2010.08.01 13:51:51 | 000,035,328 | ---- | C] () -- C:\Program Files\patch.exe
[2009.12.17 20:34:38 | 000,000,689 | ---- | C] () -- C:\Windows\DictaNet.ini
[2009.12.17 20:34:09 | 000,385,024 | ---- | C] () -- C:\Windows\System32\DNMPEG.dll
[2009.12.17 20:34:09 | 000,339,968 | ---- | C] () -- C:\Windows\System32\DNSndCon.dll
[2009.12.17 20:34:09 | 000,105,472 | ---- | C] () -- C:\Windows\System32\DNWavCon.dll
[2009.12.17 12:24:45 | 000,061,440 | ---- | C] () -- C:\Windows\System32\RAMAINC.DLL
[2009.12.17 12:24:33 | 000,172,032 | ---- | C] () -- C:\Windows\System32\32EAcomn.dll
[2009.12.17 12:24:32 | 000,147,456 | ---- | C] () -- C:\Windows\System32\32EAclnt.dll
[2009.12.17 12:24:25 | 000,049,152 | ---- | C] () -- C:\Windows\System32\32RACRC.dll
[2009.12.17 12:24:24 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNWISE32.EXE
[2009.12.17 12:24:24 | 000,077,824 | ---- | C] () -- C:\Windows\System32\32DRWORD.DLL
[2009.12.17 12:24:24 | 000,006,893 | ---- | C] () -- C:\Windows\System32\UNWISE32.INI
[2009.12.17 12:24:24 | 000,000,202 | ---- | C] () -- C:\Windows\System32\32TVIC.INI
[2009.11.23 16:42:00 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx14_ic.ini
[2009.09.04 13:35:39 | 000,016,896 | ---- | C] () -- C:\Users\XYZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.30 19:28:52 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.06.30 19:28:33 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.06.24 17:39:58 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.06.24 17:39:58 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2009.06.22 19:17:58 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.22 19:17:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.22 19:17:27 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.06.20 18:39:03 | 000,221,050 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.06.20 18:39:03 | 000,221,050 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.06.20 18:04:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.06.19 12:48:41 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2009.06.19 12:36:59 | 000,027,810 | ---- | C] () -- C:\Users\XYZ\AppData\Roaming\nvModes.001
[2009.06.19 10:53:11 | 000,027,810 | ---- | C] () -- C:\Users\XYZ\AppData\Roaming\nvModes.dat
[2009.06.17 21:46:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.06.17 20:59:47 | 000,000,680 | ---- | C] () -- C:\Users\XYZ\AppData\Local\d3d9caps.dat
[2009.06.17 20:53:17 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.07.25 16:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006.11.02 17:42:41 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:42:41 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:42:41 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:42:41 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:43 | 000,380,648 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002.07.30 16:25:06 | 000,036,864 | ---- | C] () -- C:\Windows\System32\SBSPAINT.DLL
[1998.10.16 14:46:18 | 000,273,408 | ---- | C] () -- C:\Windows\System32\DGNXTRA.DLL
 
========== LOP Check ==========
 
[2011.08.26 20:44:10 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\elsterformular
[2010.05.31 20:18:32 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\FreeFLVConverter
[2009.07.05 10:46:09 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\GrabPro
[2009.07.05 10:52:14 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Orbit
[2010.05.30 20:20:23 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Peace Craft
[2010.12.26 11:31:38 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\PeaceCraft2
[2011.09.22 22:24:19 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.03.02 20:48:30 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Adobe
[2010.07.31 13:30:19 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Apple Computer
[2010.12.27 14:03:57 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Avira
[2011.08.26 20:44:10 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\elsterformular
[2010.05.31 20:18:32 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\FreeFLVConverter
[2009.06.19 10:52:45 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Google
[2009.07.05 10:46:09 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\GrabPro
[2009.06.17 20:59:52 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Identities
[2009.06.17 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Intel
[2009.06.20 08:14:30 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Macromedia
[2011.09.22 21:59:48 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Malwarebytes
[2011.03.02 20:48:30 | 000,000,000 | --SD | M] -- C:\Users\XYZ\AppData\Roaming\Microsoft
[2010.01.16 14:06:46 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Mozilla
[2009.07.05 10:52:14 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Orbit
[2010.05.30 20:20:23 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Peace Craft
[2010.12.26 11:31:38 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\PeaceCraft2
[2009.11.22 11:02:50 | 000,000,000 | RH-D | M] -- C:\Users\XYZ\AppData\Roaming\SecuROM
[2011.09.23 12:57:18 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\Skype
[2011.09.23 08:40:37 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\skypePM
[2011.09.06 20:20:54 | 000,000,000 | ---D | M] -- C:\Users\XYZ\AppData\Roaming\vlc
 
< %APPDATA%\*.exe /s >
[2010.10.29 13:05:24 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\XYZ\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007.02.22 03:53:17 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007.02.22 03:53:17 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007.02.22 03:53:17 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2008.01.19 07:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.01.19 07:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.01.19 06:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.03.28 19:49:06 | 000,033,280 | ---- | M] (UPEK Inc.) MD5=6A8C7938BED3472E80FC8D25D6EF87E2 -- C:\Program Files\Protector Suite QL\eventlog.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2007.01.06 07:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\drivers\nvstor.sys
[2007.01.06 07:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_45f67928\nvstor.sys
[2007.01.06 07:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvstor.inf_f48b8337\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.06.19 13:55:40 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2009.06.19 13:55:41 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 09:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2011.07.23 12:59:34 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:38FF076E

< End of report >
         
--- --- ---


Alt 23.09.2011, 14:17   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Do an OTL fix: close any programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)


Code:
:OTL
[2011.09.18 14:56:14 | 000,002,503 | ---- | M] () -- C:\Users\XYZ\AppData\Roaming\Mozilla\Firefox\Profiles\icldhjny.default\searchplugins\SearchResults.xml
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (Reg Error: Value error.) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (&Save Flash) - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Programme\Save Flash\SaveFlash.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Save Flash) - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Programme\Save Flash\SaveFlash.dll (TODO: <Company name>)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:38FF076E

:Commands
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not completely deleted; a backup copy is created on the system partition in the folder "_OTL".

Alt 23.09.2011, 15:01   #7
ShaiHulud79
 



All processes killed
========== OTL ==========
C:\Users\XYZ\AppData\Roaming\Mozilla\Firefox\Profiles\icldhjny.default\searchplugins\SearchResults.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
C:\Programme\pdfforge Toolbar\SearchSettings.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4064EA35-578D-4073-A834-C96D82CBCF40} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4064EA35-578D-4073-A834-C96D82CBCF40}\ deleted successfully.
C:\Programme\Save Flash\SaveFlash.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4064EA35-578D-4073-A834-C96D82CBCF40} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4064EA35-578D-4073-A834-C96D82CBCF40}\ not found.
File C:\Programme\Save Flash\SaveFlash.dll (TODO: <Company name> not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
ADS C:\ProgramData\TEMP:38FF076E deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Catrin
->Temp folder emptied: 1945044676 bytes
->Temporary Internet Files folder emptied: 55820366 bytes
->Java cache emptied: 11870606 bytes
->FireFox cache emptied: 648992219 bytes
->Flash cache emptied: 32029 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: SRepenning
->Temp folder emptied: 827009654 bytes
->Temporary Internet Files folder emptied: 585629403 bytes
->Java cache emptied: 31444543 bytes
->FireFox cache emptied: 54476236 bytes
->Flash cache emptied: 213984 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1202198868 bytes
RecycleBin emptied: 11418703765 bytes

Total Files Cleaned = 16.004,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.29.1 log created on 09232011_152729

Files\Folders moved on Reboot...
File\Folder C:\Users\XYZ\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5KAWDO1J\,v=5290146.1-2749936.8-2749934.4-2749910.2-2749912.3-2749918.2-2749916.2-2749914.2-2749922.2-3022396.1-2749920.3-4400358.3-4815818.15-4807214.30-6740156.5-2749988.13[1].js not found!

Registry entries deleted on Reboot...


Unfortunately, the problem is still not fixed.
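
As an added example (not part of the thread and not OTL's own code), the fix log above can be triaged offline: the script tallies what OTL moved or deleted, separates "not found" lines for targets the same run had already handled from ones that remain unexplained, and totals the bytes [EMPTYTEMP] removed per user. `SAMPLE_LOG` is an excerpt of the posted log; the function names and the "already handled" rule are assumptions made for this illustration.

```python
import re
from collections import Counter, defaultdict

# Excerpt of the OTL fix log posted above (lines copied as posted, list shortened).
SAMPLE_LOG = r"""
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.
ADS C:\ProgramData\TEMP:38FF076E deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Catrin
->Temp folder emptied: 1945044676 bytes
->FireFox cache emptied: 648992219 bytes
User: SRepenning
->Temp folder emptied: 827009654 bytes
Windows Temp folder emptied: 1202198868 bytes
RecycleBin emptied: 11418703765 bytes
"""

# "<kind> <target> <result>."; the log omits the kind for files that were moved.
ACTION = re.compile(
    r"^(?:(Registry key|Registry value|File|ADS) )?(.+?) "
    r"(moved successfully|deleted successfully|not found)[.!]?$"
)
# "->Temp folder emptied: N bytes" (per user) or "RecycleBin emptied: N bytes" (system-wide).
EMPTIED = re.compile(r"^(->)?(.+?) emptied: (\d+) bytes$")


def normalize(target):
    """Compare targets case-insensitively and without a trailing backslash."""
    return target.rstrip("\\").lower()


def triage(log_text):
    """Summarise an OTL fix log: action counts, 'not found' triage, bytes emptied."""
    handled = set()            # targets moved or deleted earlier in this run
    actions = Counter()        # (kind, result) -> number of log lines
    already_handled, unexplained = [], []
    per_user = defaultdict(int)
    user = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("User: "):
            user = line[len("User: "):]
            continue
        m = EMPTIED.match(line)
        if m:
            # Lines with the "->" prefix belong to the current user block.
            owner = user if m.group(1) else "(system)"
            per_user[owner] += int(m.group(3))
            continue
        m = ACTION.match(line)
        if not m:
            continue
        kind, target, result = m.group(1) or "File", m.group(2), m.group(3)
        key = normalize(target)
        if result == "not found":
            # Assumption: a target the same run already removed is a harmless repeat.
            (already_handled if key in handled else unexplained).append(target)
        else:
            handled.add(key)
        actions[(kind, result)] += 1
    return {
        "actions": actions,
        "already_handled": already_handled,
        "unexplained": unexplained,
        "emptied_bytes": dict(per_user),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for (kind, result), count in sorted(report["actions"].items()):
        print(f"{count:3d}  {kind}: {result}")
    print("not found, already handled:", len(report["already_handled"]))
    print("not found, unexplained:   ", report["unexplained"])
    for owner, size in report["emptied_bytes"].items():
        print(f"{owner}: {size / 1048576:.2f} MB emptied")
```

Run over the full log, the same per-owner totals show which profile lost how much data to [EMPTYTEMP], which is the question raised in the following posts.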

23.09.2011, 15:05   #8
ShaiHulud79

I've just noticed something completely different.

For a few weeks now my wife has been working on and off on a photo book that she is creating online somewhere.
The temp files for user Catrin are extremely large.

Is all of that gone now?

Then I have bigger worries than a stupid Firefox start page anyway.


23.09.2011, 17:41   #9
cosinus

Quote:
User: Catrin
->Temp folder emptied: 1945044676 bytes
And exactly those temps were emptied by OTL.
Don't tell me now that something like temp files could somehow be important.
Anything important NEVER belongs in that area.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

23.09.2011, 18:58   #10
ShaiHulud79

Hello Arne.

So what do I do now about the original problem?

23.09.2011, 19:42   #11
cosinus

So is any "important" data gone now? Or can we ignore the topic? As far as I know there would be no way to restore it anyway; if anything, OTL stores the deleted items in
C:\_OTL\MovedFiles

23.09.2011, 19:49   #12
ShaiHulud79

No, nothing important is gone.
Whatever that was.

23.09.2011, 20:30   #13
cosinus

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool as shown in the picture below, i.e. tick both checkboxes, click Start scan, and when it has finished click the Report button to display the log. Please post it in full.

If, because of the infection, you cannot access your documents/My Documents folder, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

24.09.2011, 10:24   #14
ShaiHulud79

On we go.
Kaspersky found nothing.
Here is the report:


11:17:00.0242 4700 TDSS rootkit removing tool 2.6.0.0 Sep 23 2011 07:42:37
11:17:00.0570 4700 ============================================================
11:17:00.0570 4700 Current date / time: 2011/09/24 11:17:00.0570
11:17:00.0570 4700 SystemInfo:
11:17:00.0570 4700
11:17:00.0570 4700 OS Version: 6.0.6002 ServicePack: 2.0
11:17:00.0570 4700 Product type: Workstation
11:17:00.0571 4700 ComputerName: LAPTOP
11:17:00.0571 4700 UserName: XYZ
11:17:00.0571 4700 Windows directory: C:\Windows
11:17:00.0571 4700 System windows directory: C:\Windows
11:17:00.0571 4700 Processor architecture: Intel x86
11:17:00.0571 4700 Number of processors: 2
11:17:00.0571 4700 Page size: 0x1000
11:17:00.0571 4700 Boot type: Normal boot
11:17:00.0571 4700 ============================================================
11:17:02.0161 4700 Initialize success
11:17:23.0145 5688 ============================================================
11:17:23.0145 5688 Scan started
11:17:23.0145 5688 Mode: Manual;
11:17:23.0145 5688 ============================================================
11:17:39.0876 5688 Sym_u3 - ok
11:17:39.0980 5688 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
11:17:40.0057 5688 Tcpip - ok
11:17:40.0118 5688 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
11:17:40.0132 5688 Tcpip6 - ok
11:17:40.0173 5688 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
11:17:40.0184 5688 tcpipreg - ok
11:17:40.0236 5688 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
11:17:40.0245 5688 TcUsb - ok
11:17:40.0295 5688 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:17:40.0302 5688 TDPIPE - ok
11:17:40.0330 5688 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:17:40.0359 5688 TDTCP - ok
11:17:40.0411 5688 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:17:40.0423 5688 tdx - ok
11:17:40.0460 5688 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:17:40.0475 5688 TermDD - ok
11:17:40.0553 5688 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:17:40.0581 5688 tssecsrv - ok
11:17:40.0633 5688 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:17:40.0642 5688 tunmp - ok
11:17:40.0702 5688 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:17:40.0705 5688 tunnel - ok
11:17:40.0766 5688 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
11:17:40.0803 5688 uagp35 - ok
11:17:40.0873 5688 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:17:40.0884 5688 udfs - ok
11:17:40.0931 5688 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
11:17:40.0955 5688 uliagpkx - ok
11:17:40.0994 5688 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
11:17:41.0003 5688 uliahci - ok
11:17:41.0044 5688 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:17:41.0071 5688 UlSata - ok
11:17:41.0103 5688 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:17:41.0130 5688 ulsata2 - ok
11:17:41.0184 5688 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:17:41.0204 5688 umbus - ok
11:17:41.0314 5688 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
11:17:41.0339 5688 USBAAPL - ok
11:17:41.0390 5688 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:17:41.0417 5688 usbccgp - ok
11:17:41.0477 5688 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:17:41.0495 5688 usbcir - ok
11:17:41.0572 5688 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:17:41.0595 5688 usbehci - ok
11:17:41.0650 5688 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:17:41.0653 5688 usbhub - ok
11:17:41.0691 5688 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:17:41.0701 5688 usbohci - ok
11:17:41.0766 5688 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:17:41.0795 5688 usbprint - ok
11:17:41.0851 5688 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:17:41.0863 5688 USBSTOR - ok
11:17:41.0908 5688 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:17:41.0916 5688 usbuhci - ok
11:17:41.0979 5688 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
11:17:41.0991 5688 usbvideo - ok
11:17:42.0095 5688 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
11:17:42.0105 5688 vga - ok
11:17:42.0164 5688 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:17:42.0175 5688 VgaSave - ok
11:17:42.0228 5688 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
11:17:42.0243 5688 viaagp - ok
11:17:42.0268 5688 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
11:17:42.0276 5688 ViaC7 - ok
11:17:42.0332 5688 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys
11:17:42.0336 5688 viaide - ok
11:17:42.0378 5688 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:17:42.0405 5688 volmgr - ok
11:17:42.0523 5688 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:17:42.0533 5688 volmgrx - ok
11:17:42.0566 5688 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:17:42.0585 5688 volsnap - ok
11:17:42.0639 5688 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
11:17:42.0667 5688 vsmraid - ok
11:17:42.0712 5688 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:17:42.0736 5688 WacomPen - ok
11:17:42.0785 5688 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:17:42.0795 5688 Wanarp - ok
11:17:42.0815 5688 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:17:42.0818 5688 Wanarpv6 - ok
11:17:42.0871 5688 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
11:17:42.0902 5688 Wd - ok
11:17:42.0966 5688 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:17:43.0019 5688 Wdf01000 - ok
11:17:43.0147 5688 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:17:43.0155 5688 WmiAcpi - ok
11:17:43.0252 5688 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
11:17:43.0260 5688 WpdUsb - ok
11:17:43.0324 5688 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:17:43.0347 5688 ws2ifsl - ok
11:17:43.0436 5688 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:17:43.0467 5688 WUDFRd - ok
11:17:43.0532 5688 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:17:43.0554 5688 \Device\Harddisk0\DR0 - ok
11:17:43.0578 5688 Boot (0x1200) (15f93fe1162f4999da6fd0e9c41b9032) \Device\Harddisk0\DR0\Partition0
11:17:43.0581 5688 \Device\Harddisk0\DR0\Partition0 - ok
11:17:43.0587 5688 Boot (0x1200) (422677f3cbdd94234fdca15246ace583) \Device\Harddisk0\DR0\Partition1
11:17:43.0590 5688 \Device\Harddisk0\DR0\Partition1 - ok
11:17:43.0595 5688 ============================================================
11:17:43.0595 5688 Scan finished
11:17:43.0595 5688 ============================================================
11:17:43.0631 4896 Detected object count: 0
11:17:43.0631 4896 Actual detected object count: 0
11:19:56.0583 5188 ============================================================
11:19:56.0583 5188 Scan started
11:19:56.0583 5188 Mode: Manual;
11:19:56.0583 5188 ============================================================
11:20:06.0943 5188 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:20:06.0945 5188 Symc8xx - ok
11:20:06.0982 5188 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:20:06.0984 5188 Sym_hi - ok
11:20:07.0031 5188 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:20:07.0032 5188 Sym_u3 - ok
11:20:07.0135 5188 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
11:20:07.0149 5188 Tcpip - ok
11:20:07.0213 5188 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
11:20:07.0226 5188 Tcpip6 - ok
11:20:07.0273 5188 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
11:20:07.0275 5188 tcpipreg - ok
11:20:07.0325 5188 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
11:20:07.0327 5188 TcUsb - ok
11:20:07.0395 5188 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:20:07.0397 5188 TDPIPE - ok
11:20:07.0430 5188 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:20:07.0433 5188 TDTCP - ok
11:20:07.0488 5188 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:20:07.0491 5188 tdx - ok
11:20:07.0538 5188 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:20:07.0540 5188 TermDD - ok
11:20:07.0620 5188 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:20:07.0622 5188 tssecsrv - ok
11:20:07.0677 5188 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:20:07.0680 5188 tunmp - ok
11:20:07.0724 5188 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:20:07.0726 5188 tunnel - ok
11:20:07.0786 5188 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
11:20:07.0788 5188 uagp35 - ok
11:20:07.0852 5188 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:20:07.0856 5188 udfs - ok
11:20:07.0909 5188 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
11:20:07.0913 5188 uliagpkx - ok
11:20:07.0961 5188 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
11:20:07.0965 5188 uliahci - ok
11:20:08.0011 5188 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:20:08.0013 5188 UlSata - ok
11:20:08.0059 5188 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:20:08.0061 5188 ulsata2 - ok
11:20:08.0118 5188 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:20:08.0120 5188 umbus - ok
11:20:08.0213 5188 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
11:20:08.0215 5188 USBAAPL - ok
11:20:08.0256 5188 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:20:08.0258 5188 usbccgp - ok
11:20:08.0299 5188 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:20:08.0301 5188 usbcir - ok
11:20:08.0349 5188 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:20:08.0350 5188 usbehci - ok
11:20:08.0404 5188 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:20:08.0407 5188 usbhub - ok
11:20:08.0446 5188 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:20:08.0448 5188 usbohci - ok
11:20:08.0521 5188 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:20:08.0522 5188 usbprint - ok
11:20:08.0572 5188 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:20:08.0574 5188 USBSTOR - ok
11:20:08.0641 5188 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:20:08.0642 5188 usbuhci - ok
11:20:08.0723 5188 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
11:20:08.0726 5188 usbvideo - ok
11:20:08.0774 5188 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
11:20:08.0776 5188 vga - ok
11:20:08.0830 5188 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:20:08.0832 5188 VgaSave - ok
11:20:08.0883 5188 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
11:20:08.0885 5188 viaagp - ok
11:20:08.0924 5188 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
11:20:08.0926 5188 ViaC7 - ok
11:20:08.0987 5188 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys
11:20:08.0989 5188 viaide - ok
11:20:09.0044 5188 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:20:09.0046 5188 volmgr - ok
11:20:09.0102 5188 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:20:09.0107 5188 volmgrx - ok
11:20:09.0146 5188 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:20:09.0150 5188 volsnap - ok
11:20:09.0194 5188 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
11:20:09.0196 5188 vsmraid - ok
11:20:09.0244 5188 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:20:09.0246 5188 WacomPen - ok
11:20:09.0294 5188 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:20:09.0296 5188 Wanarp - ok
11:20:09.0304 5188 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:20:09.0309 5188 Wanarpv6 - ok
11:20:09.0359 5188 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
11:20:09.0360 5188 Wd - ok
11:20:09.0421 5188 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:20:09.0429 5188 Wdf01000 - ok
11:20:09.0512 5188 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:20:09.0512 5188 WmiAcpi - ok
11:20:09.0584 5188 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
11:20:09.0585 5188 WpdUsb - ok
11:20:09.0667 5188 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:20:09.0668 5188 ws2ifsl - ok
11:20:09.0723 5188 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:20:09.0725 5188 WUDFRd - ok
11:20:09.0753 5188 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:20:09.0775 5188 \Device\Harddisk0\DR0 - ok
11:20:09.0788 5188 Boot (0x1200) (15f93fe1162f4999da6fd0e9c41b9032) \Device\Harddisk0\DR0\Partition0
11:20:09.0789 5188 \Device\Harddisk0\DR0\Partition0 - ok
11:20:09.0794 5188 Boot (0x1200) (422677f3cbdd94234fdca15246ace583) \Device\Harddisk0\DR0\Partition1
11:20:09.0795 5188 \Device\Harddisk0\DR0\Partition1 - ok
11:20:09.0796 5188 ============================================================
11:20:09.0796 5188 Scan finished
11:20:09.0796 5188 ============================================================
11:20:09.0803 5716 Detected object count: 0
11:20:09.0803 5716 Actual detected object count: 0

24.09.2011, 12:09   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)
