
Log analysis and evaluation: Urgent help needed!! Virus "BOO/TDss.D" on the boot sector, master boot sector HD0


06.10.2011, 01:37   #1
Stephie0808
 
Hello,

I have been despairing over a virus here for hours.
I was on the Internet and suddenly my PC asked whether I wanted to let a program access my PC. I didn't recognize it and clicked "No" twice. It didn't go away, and then the third time I accidentally hit "Yes", and then the virus was on my PC.

Avira kicked in right away and reported the virus. It is named "BOO/TDss.D" and is located on the boot sector.

I hope I followed everything correctly. Otherwise please let me know.

Here are my excerpts:

1. TDSSKiller:

Code:
ATTFilter
01:22:32.0124 4456    TDSS rootkit removing tool 2.6.5.0 Oct  5 2011 20:52:46
01:22:34.0125 4456    ============================================================
01:22:34.0125 4456    Current date / time: 2011/10/06 01:22:34.0125
01:22:34.0125 4456    SystemInfo:
01:22:34.0125 4456    
01:22:34.0125 4456    OS Version: 6.1.7600 ServicePack: 0.0
01:22:34.0125 4456    Product type: Workstation
01:22:34.0125 4456    ComputerName: STEPHIE-VAIO
01:22:34.0126 4456    UserName: Stephie
01:22:34.0126 4456    Windows directory: C:\Windows
01:22:34.0126 4456    System windows directory: C:\Windows
01:22:34.0126 4456    Running under WOW64
01:22:34.0126 4456    Processor architecture: Intel x64
01:22:34.0126 4456    Number of processors: 4
01:22:34.0126 4456    Page size: 0x1000
01:22:34.0126 4456    Boot type: Normal boot
01:22:34.0126 4456    ============================================================
01:22:34.0322 4456    Initialize success
01:23:14.0826 5420    ============================================================
01:23:14.0826 5420    Scan started
01:23:14.0826 5420    Mode: Manual; 
01:23:14.0826 5420    ============================================================
01:23:26.0107 5420    MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
01:23:26.0127 5420    \Device\Harddisk0\DR0 - ok
01:23:26.0130 5420    Boot (0x1200)   (166f3974c1b00ef8ad1c2a6bdfafab78) \Device\Harddisk0\DR0\Partition0
01:23:26.0131 5420    \Device\Harddisk0\DR0\Partition0 - ok
01:23:26.0142 5420    Boot (0x1200)   (04b5292c98f9300b2cf612e6ae4a0609) \Device\Harddisk0\DR0\Partition1
01:23:26.0144 5420    \Device\Harddisk0\DR0\Partition1 - ok
01:23:26.0144 5420    ============================================================
01:23:26.0144 5420    Scan finished
01:23:26.0144 5420    ============================================================
01:23:26.0154 5244    Detected object count: 0
01:23:26.0154 5244    Actual detected object count: 0
01:23:40.0439 5392    ============================================================
01:23:40.0441 5392    Scan started
01:23:40.0441 5392    Mode: Manual; SigCheck; TDLFS; 
01:23:40.0441 5392    ============================================================
01:23:42.0173 5392    AsyncMac - ok
01:23:42.0206 5392    atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
01:23:42.0215 5392    atapi - ok
01:23:42.0281 5392    athr            (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
01:23:42.0346 5392    athr - ok
01:23:42.0499 5392    atikmdag        (eaea2ce49de0cca80beb9134107e5dd7) C:\Windows\system32\DRIVERS\atikmdag.sys
01:23:42.0631 5392    atikmdag - ok
01:23:42.0752 5392    avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
01:23:42.0765 5392    avgntflt - ok
01:23:42.0782 5392    avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
01:23:42.0794 5392    avipbb - ok
01:23:42.0833 5392    b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
01:23:42.0893 5392    b06bdrv - ok
01:23:42.0925 5392    b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
01:23:42.0969 5392    b57nd60a - ok
01:23:42.0997 5392    Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
01:23:43.0055 5392    Beep - ok
01:23:43.0087 5392    blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
01:23:43.0108 5392    blbdrive - ok
01:23:43.0161 5392    bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
01:23:43.0217 5392    bowser - ok
01:23:43.0251 5392    BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
01:23:43.0283 5392    BrFiltLo - ok
01:23:43.0311 5392    BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
01:23:43.0333 5392    BrFiltUp - ok
01:23:43.0389 5392    Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
01:23:43.0445 5392    Brserid - ok
01:23:43.0464 5392    BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
01:23:43.0500 5392    BrSerWdm - ok
01:23:43.0527 5392    BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
01:23:43.0560 5392    BrUsbMdm - ok
01:23:43.0583 5392    BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
01:23:43.0607 5392    BrUsbSer - ok
01:23:43.0650 5392    BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
01:23:43.0698 5392    BthEnum - ok
01:23:43.0718 5392    BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
01:23:43.0755 5392    BTHMODEM - ok
01:23:43.0784 5392    BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
01:23:43.0815 5392    BthPan - ok
01:23:43.0858 5392    BTHPORT         (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
01:23:43.0913 5392    BTHPORT - ok
01:23:43.0969 5392    BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
01:23:43.0987 5392    BTHUSB - ok
01:23:44.0023 5392    btwampfl        (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
01:23:44.0040 5392    btwampfl - ok
01:23:44.0059 5392    btwaudio        (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
01:23:44.0067 5392    btwaudio - ok
01:23:44.0099 5392    btwavdt         (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\DRIVERS\btwavdt.sys
01:23:44.0107 5392    btwavdt - ok
01:23:44.0129 5392    btwl2cap        (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
01:23:44.0136 5392    btwl2cap - ok
01:23:44.0174 5392    btwrchid        (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
01:23:44.0187 5392    btwrchid - ok
01:23:44.0214 5392    cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
01:23:44.0280 5392    cdfs - ok
01:23:44.0323 5392    cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
01:23:44.0352 5392    cdrom - ok
01:23:44.0374 5392    circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
01:23:44.0390 5392    circlass - ok
01:23:44.0430 5392    CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
01:23:44.0446 5392    CLFS - ok
01:23:44.0476 5392    CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
01:23:44.0505 5392    CmBatt - ok
01:23:44.0544 5392    cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
01:23:44.0555 5392    cmdide - ok
01:23:44.0604 5392    CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
01:23:44.0667 5392    CNG - ok
01:23:44.0695 5392    Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
01:23:44.0708 5392    Compbatt - ok
01:23:44.0735 5392    CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
01:23:44.0755 5392    CompositeBus - ok
01:23:44.0795 5392    crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
01:23:44.0814 5392    crcdisk - ok
01:23:44.0877 5392    DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
01:23:44.0933 5392    DfsC - ok
01:23:44.0971 5392    discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
01:23:45.0044 5392    discache - ok
01:23:45.0069 5392    Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
01:23:45.0078 5392    Disk - ok
01:23:45.0109 5392    drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
01:23:45.0132 5392    drmkaud - ok
01:23:45.0174 5392    DXGKrnl         (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
01:23:45.0198 5392    DXGKrnl - ok
01:23:45.0293 5392    ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
01:23:45.0354 5392    ebdrv - ok
01:23:45.0460 5392    elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
01:23:45.0489 5392    elxstor - ok
01:23:45.0520 5392    ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
01:23:45.0550 5392    ErrDev - ok
01:23:45.0584 5392    exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
01:23:45.0627 5392    exfat - ok
01:23:45.0657 5392    fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
01:23:45.0711 5392    fastfat - ok
01:23:45.0743 5392    fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
01:23:45.0781 5392    fdc - ok
01:23:45.0808 5392    FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
01:23:45.0818 5392    FileInfo - ok
01:23:45.0838 5392    Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
01:23:45.0881 5392    Filetrace - ok
01:23:45.0909 5392    flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
01:23:45.0920 5392    flpydisk - ok
01:23:45.0952 5392    FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
01:23:45.0965 5392    FltMgr - ok
01:23:45.0981 5392    FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
01:23:45.0991 5392    FsDepends - ok
01:23:46.0013 5392    Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
01:23:46.0022 5392    Fs_Rec - ok
01:23:46.0075 5392    fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
01:23:46.0105 5392    fvevol - ok
01:23:46.0139 5392    gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
01:23:46.0152 5392    gagp30kx - ok
01:23:46.0201 5392    GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
01:23:46.0207 5392    GEARAspiWDM - ok
01:23:46.0233 5392    hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
01:23:46.0310 5392    hcw85cir - ok
01:23:46.0336 5392    HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
01:23:46.0372 5392    HdAudAddService - ok
01:23:46.0395 5392    HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
01:23:46.0436 5392    HDAudBus - ok
01:23:46.0475 5392    HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
01:23:46.0483 5392    HECIx64 - ok
01:23:46.0518 5392    HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
01:23:46.0541 5392    HidBatt - ok
01:23:46.0573 5392    HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
01:23:46.0604 5392    HidBth - ok
01:23:46.0631 5392    HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
01:23:46.0664 5392    HidIr - ok
01:23:46.0699 5392    HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\drivers\hidusb.sys
01:23:46.0723 5392    HidUsb - ok
01:23:46.0762 5392    HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
01:23:46.0771 5392    HpSAMD - ok
01:23:46.0805 5392    HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
01:23:46.0854 5392    HTTP - ok
01:23:46.0878 5392    hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
01:23:46.0888 5392    hwpolicy - ok
01:23:46.0926 5392    i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
01:23:46.0952 5392    i8042prt - ok
01:23:47.0008 5392    iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
01:23:47.0038 5392    iaStor - ok
01:23:47.0097 5392    iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
01:23:47.0126 5392    iaStorV - ok
01:23:47.0359 5392    igfx            (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys
01:23:47.0492 5392    igfx ( UnsignedFile.Multi.Generic ) - warning
01:23:47.0492 5392    igfx - detected UnsignedFile.Multi.Generic (1)
01:23:47.0581 5392    iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
01:23:47.0596 5392    iirsp - ok
01:23:47.0624 5392    Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
01:23:47.0684 5392    Impcd - ok
01:23:47.0761 5392    IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
01:23:47.0807 5392    IntcAzAudAddService - ok
01:23:47.0847 5392    IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
01:23:47.0866 5392    IntcDAud ( UnsignedFile.Multi.Generic ) - warning
01:23:47.0866 5392    IntcDAud - detected UnsignedFile.Multi.Generic (1)
01:23:47.0897 5392    intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
\drivers\tdpipe.sys
01:23:55.0381 5392    TDPIPE - ok
01:23:55.0393 5392    TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
01:23:55.0429 5392    TDTCP - ok
01:23:55.0463 5392    tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
01:23:55.0500 5392    tdx - ok
01:23:55.0537 5392    TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
01:23:55.0547 5392    TermDD - ok
01:23:55.0586 5392    tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
01:23:55.0632 5392    tssecsrv - ok
01:23:55.0655 5392    tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
01:23:55.0701 5392    tunnel - ok
01:23:55.0729 5392    uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
01:23:55.0738 5392    uagp35 - ok
01:23:55.0767 5392    udfs            (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
01:23:55.0830 5392    udfs - ok
01:23:55.0867 5392    uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
01:23:55.0880 5392    uliagpkx - ok
01:23:55.0923 5392    umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
01:23:55.0949 5392    umbus - ok
01:23:55.0974 5392    UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
01:23:55.0989 5392    UmPass - ok
01:23:56.0031 5392    USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
01:23:56.0066 5392    USBAAPL64 - ok
01:23:56.0114 5392    usbccgp         (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
01:23:56.0170 5392    usbccgp - ok
01:23:56.0204 5392    usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
01:23:56.0239 5392    usbcir - ok
01:23:56.0267 5392    usbehci         (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
01:23:56.0289 5392    usbehci - ok
01:23:56.0321 5392    usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
01:23:56.0347 5392    usbhub - ok
01:23:56.0390 5392    usbohci         (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
01:23:56.0414 5392    usbohci - ok
01:23:56.0448 5392    usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
01:23:56.0472 5392    usbprint - ok
01:23:56.0513 5392    USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:23:56.0558 5392    USBSTOR - ok
01:23:56.0608 5392    usbuhci         (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
01:23:56.0641 5392    usbuhci - ok
01:23:56.0691 5392    usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
01:23:56.0759 5392    usbvideo - ok
01:23:56.0825 5392    vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
01:23:56.0841 5392    vdrvroot - ok
01:23:56.0870 5392    vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
01:23:56.0892 5392    vga - ok
01:23:56.0922 5392    VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
01:23:56.0976 5392    VgaSave - ok
01:23:57.0020 5392    vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
01:23:57.0045 5392    vhdmp - ok
01:23:57.0069 5392    viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
01:23:57.0081 5392    viaide - ok
01:23:57.0108 5392    volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
01:23:57.0122 5392    volmgr - ok
01:23:57.0150 5392    volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
01:23:57.0164 5392    volmgrx - ok
01:23:57.0194 5392    volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
01:23:57.0208 5392    volsnap - ok
01:23:57.0240 5392    vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
01:23:57.0252 5392    vsmraid - ok
01:23:57.0290 5392    vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
01:23:57.0307 5392    vwifibus - ok
01:23:57.0326 5392    vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
01:23:57.0355 5392    vwififlt - ok
01:23:57.0395 5392    WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
01:23:57.0423 5392    WacomPen - ok
01:23:57.0449 5392    WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
01:23:57.0495 5392    WANARP - ok
01:23:57.0499 5392    Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
01:23:57.0538 5392    Wanarpv6 - ok
01:23:57.0581 5392    Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
01:23:57.0601 5392    Wd - ok
01:23:57.0638 5392    Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
01:23:57.0658 5392    Wdf01000 - ok
01:23:57.0692 5392    WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
01:23:57.0729 5392    WfpLwf - ok
01:23:57.0756 5392    WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
01:23:57.0765 5392    WIMMount - ok
01:23:57.0819 5392    WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
01:23:57.0852 5392    WmiAcpi - ok
01:23:57.0888 5392    ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
01:23:57.0929 5392    ws2ifsl - ok
01:23:57.0962 5392    WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
01:23:58.0015 5392    WudfPf - ok
01:23:58.0042 5392    WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:23:58.0098 5392    WUDFRd - ok
01:23:58.0147 5392    yukonw7         (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
01:23:58.0159 5392    yukonw7 - ok
01:23:58.0176 5392    MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
01:23:58.0267 5392    \Device\Harddisk0\DR0 - ok
01:23:58.0272 5392    Boot (0x1200)   (166f3974c1b00ef8ad1c2a6bdfafab78) \Device\Harddisk0\DR0\Partition0
01:23:58.0273 5392    \Device\Harddisk0\DR0\Partition0 - ok
01:23:58.0311 5392    Boot (0x1200)   (04b5292c98f9300b2cf612e6ae4a0609) \Device\Harddisk0\DR0\Partition1
01:23:58.0313 5392    \Device\Harddisk0\DR0\Partition1 - ok
01:23:58.0313 5392    ============================================================
01:23:58.0313 5392    Scan finished
01:23:58.0313 5392    ============================================================
01:23:58.0326 5660    Detected object count: 2
01:23:58.0326 5660    Actual detected object count: 2
01:25:13.0434 5660    HKLM\SYSTEM\ControlSet001\services\igfx - will be deleted on reboot
01:25:13.0468 5660    HKLM\SYSTEM\ControlSet002\services\igfx - will be deleted on reboot
01:25:13.0487 5660    C:\Windows\system32\DRIVERS\igdkmd64.sys - will be deleted on reboot
01:25:13.0487 5660    igfx ( UnsignedFile.Multi.Generic ) - User select action: Delete 
01:25:13.0491 5660    HKLM\SYSTEM\ControlSet001\services\IntcDAud - will be deleted on reboot
01:25:13.0492 5660    HKLM\SYSTEM\ControlSet002\services\IntcDAud - will be deleted on reboot
01:25:13.0494 5660    C:\Windows\system32\DRIVERS\IntcDAud.sys - will be deleted on reboot
01:25:13.0494 5660    IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Delete 
01:25:15.0624 5696    Deinitialize success
         
2. Malwarebytes Anti-Malware:

Code:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
 
Datenbank Version: 7882
 
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
 
06.10.2011 00:47:03
mbam-log-2011-10-06 (00-47-03).txt
 
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 358528
Laufzeit: 33 Minute(n), 29 Sekunde(n)
 
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
 
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
 
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
3. OTL:

3.1 OTL.txt:

OTL Logfile:
Code:
OTL logfile created on: 06.10.2011 02:04:52 - Run 1
OTL by OldTimer - Version 3.2.29.1     Folder = C:\Users\Stephie\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 60,94% Memory free
7,71 Gb Paging File | 5,94 Gb Available in Paging File | 77,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,34 Gb Total Space | 355,21 Gb Free Space | 78,53% Space Free | Partition Type: NTFS
 
Computer Name: STEPHIE-VAIO | User Name: Stephie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.10.06 01:59:21 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Stephie\Desktop\OTL.exe
PRC - [2011.10.02 11:00:07 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.09.02 12:51:12 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011.07.09 12:31:55 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.06 10:08:20 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.12.13 09:39:19 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.06.09 15:55:00 | 000,537,456 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.06.01 03:01:54 | 000,600,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010.05.31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010.05.31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.10.02 11:00:07 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.09.19 19:16:23 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\456d5e9d3a0a37697ab28c150e9ac5b7\System.Runtime.Remoting.ni.dll
MOD - [2011.09.19 19:16:22 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cea5d9b8e3d6ff3bf3be32cf5fcbcd02\WindowsBase.ni.dll
MOD - [2011.09.19 19:16:20 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\b6a8747fc31bd7eb902b39f884665b21\IAStorUtil.ni.dll
MOD - [2011.09.19 19:16:17 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad9c2f4737e1e07fa774af31a7d74235\System.Windows.Forms.ni.dll
MOD - [2011.09.19 19:16:11 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eba4ec48e3f7f16864c6d96f510fafd9\System.Drawing.ni.dll
MOD - [2011.09.19 19:15:20 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\155679a9c8991cc33f90d6b27bac1977\System.Xml.ni.dll
MOD - [2011.09.19 19:15:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0bddc91cbf37d143f08f6684b2919566\System.Configuration.ni.dll
MOD - [2011.09.19 19:15:15 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\610374fef100556da252243e673ac64b\System.ni.dll
MOD - [2011.09.19 19:15:11 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23bc3936180ff789f44259a211dfc7fc\mscorlib.ni.dll
MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.05.16 07:14:53 | 006,271,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010.07.28 23:09:49 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.07.28 23:09:45 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.04.20 10:50:52 | 001,021,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011.01.29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.06.24 22:06:19 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.06.21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2010.06.09 15:57:16 | 000,101,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010.06.09 15:55:00 | 000,537,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010.06.08 17:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010.06.06 22:13:46 | 000,304,496 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.07.09 12:31:55 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.06 10:08:20 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.07.28 13:27:09 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.06.17 12:44:10 | 000,851,824 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.06.08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.07.09 12:31:56 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.09 12:31:56 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.06.24 22:06:24 | 006,107,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.06.23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010.06.23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010.05.31 23:36:54 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.05.31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.05.31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.05.28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.05.28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.06.16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.02 11:00:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.10 23:26:35 | 000,000,000 | ---D | M]
 
[2011.03.15 18:42:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stephie\AppData\Roaming\mozilla\Extensions
[2011.09.18 19:13:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stephie\AppData\Roaming\mozilla\Firefox\Profiles\gosderz2.default\extensions
[2011.09.18 19:13:19 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Stephie\AppData\Roaming\mozilla\Firefox\Profiles\gosderz2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.03.15 18:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.02 11:00:07 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.16 17:53:41 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.16 17:53:41 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.05.16 17:53:41 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.16 17:53:41 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.16 17:53:41 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.16 17:53:41 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2011.10.06 01:15:01 | 000,000,000 | ---D | M]
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 172.16.16.19
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.06 01:59:17 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Stephie\Desktop\OTL.exe
[2011.10.06 01:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.10.06 01:47:42 | 000,000,000 | ---D | C] -- C:\Users\Stephie\Documents\Simply Super Software
[2011.10.06 01:47:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2011.10.06 01:47:37 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll
[2011.10.06 01:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2011.10.06 01:47:36 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Roaming\Simply Super Software
[2011.10.06 01:47:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011.10.06 01:14:27 | 000,000,000 | ---D | C] -- C:\Users\Stephie\Desktop\1
[2011.10.06 00:10:18 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Roaming\Malwarebytes
[2011.10.06 00:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.06 00:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.06 00:09:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.10.05 23:58:40 | 000,000,000 | ---D | C] -- C:\Users\Stephie\Neuer Ordner
[2011.10.05 23:58:26 | 000,000,000 | ---D | C] -- C:\Users\Stephie\123
[2011.10.05 20:53:52 | 001,548,592 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Stephie\Desktop\TDSSKiller (2).exe
[2011.10.01 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Roaming\skypePM
[2011.10.01 18:12:02 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Roaming\Skype
[2011.09.25 15:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.09.25 15:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.09.17 12:53:20 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2011.09.17 12:53:20 | 000,000,000 | ---D | C] -- C:\Users\Stephie\Documents\FFOutput
[2011.09.17 12:52:57 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2011.09.17 12:52:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2011.09.16 18:55:55 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Roaming\Canneverbe Limited
[2011.09.16 18:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2011.09.16 18:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011.09.10 23:27:51 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Roaming\Apple Computer
[2011.09.10 23:27:51 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Local\Apple Computer
[2011.09.10 23:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.09.10 23:27:42 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011.09.10 23:27:42 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.09.10 23:27:42 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.09.10 23:27:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.09.10 23:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.09.10 23:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.09.10 23:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.09.10 23:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.09.10 23:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.09.10 23:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.09.10 23:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.09.10 23:26:08 | 000,000,000 | ---D | C] -- C:\Users\Stephie\AppData\Local\Apple
[2011.09.10 23:26:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.09.10 23:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.09.10 23:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.09.10 23:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.09.10 23:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.09.10 23:25:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.09.10 22:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
[2011.09.10 22:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ClipGrab
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.06 02:03:08 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.06 02:03:08 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.06 01:59:43 | 001,527,314 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.06 01:59:43 | 000,664,634 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.06 01:59:43 | 000,624,776 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.06 01:59:43 | 000,134,770 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.06 01:59:43 | 000,110,414 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.06 01:59:21 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Stephie\Desktop\OTL.exe
[2011.10.06 01:55:16 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.06 01:55:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.06 01:55:03 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.06 01:33:39 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.06 01:22:10 | 001,548,592 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Stephie\Desktop\TDSSKiller (2).exe
[2011.10.06 01:12:58 | 001,309,375 | ---- | M] () -- C:\Users\Stephie\Desktop\1.zip
[2011.10.06 00:55:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.06 00:03:38 | 000,393,170 | ---- | M] () -- C:\test.xml
[2011.10.06 00:02:13 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.05 00:16:16 | 000,001,103 | ---- | M] () -- C:\Users\Stephie\Dokumente - Verknüpfung.lnk
[2011.10.01 18:17:50 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011.09.25 15:45:40 | 000,000,206 | ---- | M] () -- C:\Users\Public\Documents\cc_20110925_154538.reg
[2011.09.25 15:45:25 | 000,009,682 | ---- | M] () -- C:\Users\Public\Documents\cc_20110925_154522.reg
[2011.09.25 15:45:08 | 000,025,662 | ---- | M] () -- C:\Users\Public\Documents\cc_20110925_154501.reg
[2011.09.17 18:18:51 | 000,001,366 | ---- | M] () -- C:\Users\Stephie\Desktop\FFOutput - Verknüpfung.lnk
[2011.09.17 12:52:57 | 000,001,198 | ---- | M] () -- C:\Users\Stephie\Desktop\Format Factory.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.10.06 01:47:37 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2011.10.06 01:47:37 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2011.10.06 01:47:37 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2011.10.06 01:47:36 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2011.10.06 01:33:39 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.06 01:12:55 | 001,309,375 | ---- | C] () -- C:\Users\Stephie\Desktop\1.zip
[2011.10.06 00:02:13 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.05 00:16:16 | 000,001,103 | ---- | C] () -- C:\Users\Stephie\Dokumente - Verknüpfung.lnk
[2011.10.01 18:17:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.09.25 15:45:39 | 000,000,206 | ---- | C] () -- C:\Users\Public\Documents\cc_20110925_154538.reg
[2011.09.25 15:45:23 | 000,009,682 | ---- | C] () -- C:\Users\Public\Documents\cc_20110925_154522.reg
[2011.09.25 15:45:04 | 000,025,662 | ---- | C] () -- C:\Users\Public\Documents\cc_20110925_154501.reg
[2011.09.25 15:38:42 | 3106,480,128 | -HS- | C] () -- C:\hiberfil.sys
[2011.09.17 18:18:51 | 000,001,366 | ---- | C] () -- C:\Users\Stephie\Desktop\FFOutput - Verknüpfung.lnk
[2011.09.17 12:52:57 | 000,001,198 | ---- | C] () -- C:\Users\Stephie\Desktop\Format Factory.lnk
[2011.08.07 20:17:48 | 001,554,122 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.25 17:59:57 | 000,007,597 | ---- | C] () -- C:\Users\Stephie\AppData\Local\Resmon.ResmonCfg
[2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.03.15 11:25:15 | 000,000,000 | ---D | M] -- C:\Users\Stephie\AppData\Roaming\Auslogics
[2011.09.16 18:55:55 | 000,000,000 | ---D | M] -- C:\Users\Stephie\AppData\Roaming\Canneverbe Limited
[2011.04.04 19:55:08 | 000,000,000 | ---D | M] -- C:\Users\Stephie\AppData\Roaming\gtk-2.0
[2011.10.06 01:55:48 | 000,000,000 | ---D | M] -- C:\Users\Stephie\AppData\Roaming\ICQ
[2011.01.22 19:11:35 | 000,000,000 | ---D | M] -- C:\Users\Stephie\AppData\Roaming\Simple Sudoku
[2011.10.06 01:47:36 | 000,000,000 | ---D | M] -- C:\Users\Stephie\AppData\Roaming\Simply Super Software
[2011.09.08 11:19:51 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---


I hope you can help me!!! If you need any other information, please let me know! Thanks in advance.

Best regards, Stephie

edit: Accidentally posted the OTL text twice, so I am deleting it again

Does nobody have an idea what else I could do?

11.10.2011, 15:35   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Are there any further logs from Malwarebytes? If so, please post all of the ones that are visible in Malwarebytes under the Logs ("Logdateien") tab.