Icons auf Desktop entfernt / Desktophintergrund schwarz / PC fährt nach einiger Zeit herunter

Rudolph · 14.10.2011, 00:33

Hallo,

seit gerade eben sind alle Icons verschwunden und der Desktophintergrund ist schwarz. Kurz davor meldete AntiVir ein Virus (?), welches ich entfernen lies. Es kommt auch die Nachricht, dass meine Festplatte bschädigt wäre. Erst waren noch einige Icons zu sehen, nach einen Neustart jedoch keine mehr. Nun wollte ich die Anweisungen befolgen und die entsprechenden Programme downloaden und deren Logs posten. Allerdings kommt nach ein paar Minuten ca. 20x die Meldung, dass meine Festplatte beschädigt ist, Firefox wird geschlossen und der PC fährt automatisch herunter. Ist es auch irgendwie möglich, ohne diese Logs eine Lösung zu finden? (Schreibe das gerade von einem anderen Computer)

Gruß,
Rudolph

cosinus · 16.10.2011, 13:58

Zitat:

Kurz davor meldete AntiVir ein Virus (?), welches ich entfernen lies.

Logs von AntiVir bitte alle nachreichen wenn möglich

Rudolph · 16.10.2011, 16:00

Hoffe, es ist das Richtige (?):

Code:

ATTFilter

Die Datei 'C:\Users\***\AppData\Local\Temp\plugtmp-31\plugin-dvgnkldlyziugu.pdf'
enthielt einen Virus oder unerwünschtes Programm 'EXP/Pidief.hdi' [exploit].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26003.
Die Datei konnte nicht gelöscht werden!
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5274d02b.qua' verschoben!

cosinus · 16.10.2011, 16:43

Versuch mal bitte MBAM+ESET:

Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Rudolph · 16.10.2011, 21:21

Malwarebytes:

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7959

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 7.0.6001.18000

16.10.2011 18:43:39
mbam-log-2011-10-16 (18-43-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|S:\|)
Durchsuchte Objekte: 298307
Laufzeit: 44 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\POhWwySvraH.exe (Trojan.FakeAlert) -> Value: POhWwySvraH.exe -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\pohwwysvrah.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

ESET Online Scanner:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=fd993390a536834bbdf6076b89901e74
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-16 05:07:44
# local_time=2011-10-16 07:07:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1797 16775166 100 94 1141712 55321707 1206063 0
# compatibility_mode=5892 16776638 100 100 36730631 156317579 0 0
# compatibility_mode=8192 67108863 100 0 295 295 0 0
# scanned=340
# found=0
# cleaned=0
# scan_time=14
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=fd993390a536834bbdf6076b89901e74
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-16 05:15:52
# local_time=2011-10-16 07:15:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1797 16775166 100 94 1141847 55321842 1206198 0
# compatibility_mode=5892 16776638 100 100 36730766 156317714 0 0
# compatibility_mode=8192 67108863 100 0 430 430 0 0
# scanned=340
# found=0
# cleaned=0
# scan_time=367
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=fd993390a536834bbdf6076b89901e74
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-16 08:05:27
# local_time=2011-10-16 10:05:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1797 16775166 100 94 1142582 55322577 1206933 0
# compatibility_mode=5892 16776638 100 100 36731501 156318449 0 0
# compatibility_mode=8192 67108863 100 0 1165 1165 0 0
# scanned=139961
# found=3
# cleaned=0
# scan_time=9806
C:\$Recycle.Bin\S-1-5-21-3919767661-183490883-1508167686-1003\$RVKQ1NS.exe	a variant of Win32/SoftonicDownloader.A application (unable to clean)	00000000000000000000000000000000	I
C:\Users\***\AppData\Local\Temp\plugtmp-31\plugin-dvgnkldlyziugu.pdf	JS/Exploit.Pdfka.OYH trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\43993770-39c24085	a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean)	00000000000000000000000000000000	I

cosinus · 17.10.2011, 16:24

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Rudolph · 17.10.2011, 17:17

OTL:

Code:

ATTFilter

OTL logfile created on: 17.10.2011 17:49:31 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,96 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 79,93% Memory free
2,13 Gb Paging File | 1,91 Gb Available in Paging File | 89,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,65 Gb Total Space | 187,98 Gb Free Space | 84,81% Space Free | Partition Type: NTFS
Drive E: | 2,52 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Q: | 9,77 Gb Total Space | 3,01 Gb Free Space | 30,79% Space Free | Partition Type: NTFS
Drive S: | 1,46 Gb Total Space | 0,65 Gb Free Space | 44,47% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.10.17 17:46:31 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL(1).exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007.06.18 17:28:44 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (SessionLauncher)
SRV - [2011.10.13 12:39:17 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.29 21:10:19 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 23:18:55 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.18 14:11:40 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008.08.26 13:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008.08.08 12:13:12 | 000,053,325 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2008.08.07 13:23:18 | 000,238,880 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2008.08.07 13:23:16 | 000,116,000 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2008.05.24 17:17:54 | 000,520,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2008.05.24 16:28:20 | 000,253,952 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe -- (TVT_UpdateMonitor)
SRV - [2008.04.30 20:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.04.30 20:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.04.25 09:18:10 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2008.04.25 09:18:02 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2008.04.25 09:16:04 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008.04.25 09:15:58 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008.04.25 09:15:24 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008.03.14 03:08:38 | 000,054,560 | ---- | M] (Lenovo.) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.26 18:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.05.24 14:33:32 | 000,057,344 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.08.29 21:10:24 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.08.29 21:10:24 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.11.20 20:38:34 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2008.08.20 16:55:34 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008.08.07 11:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.06.30 20:26:46 | 000,974,336 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2008.06.29 23:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008.05.24 16:28:22 | 000,048,192 | ---- | M] (Lenovo) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008.05.21 17:35:24 | 000,220,160 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.05.12 11:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2008.04.28 07:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.18 17:40:24 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.03.14 15:23:12 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.02.22 16:54:40 | 000,037,312 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2008.01.21 04:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008.01.21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007.10.18 09:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.18 17:29:52 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007.06.18 17:29:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007.06.18 17:29:08 | 000,093,752 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007.06.18 17:29:06 | 000,098,136 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007.06.18 17:29:04 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007.06.18 17:28:58 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007.06.18 17:28:54 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007.06.18 17:28:52 | 000,105,048 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007.02.08 21:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007.02.08 21:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/3000notebook [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/3000notebook [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.05 09:27:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 19:15:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.25 12:50:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011.04.03 13:40:29 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.08.09 13:45:10 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.09.28 21:29:01 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\1ean2xci.default\extensions
[2011.04.17 22:54:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.16 20:53:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.17 22:54:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1EAN2XCI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1EAN2XCI.DEFAULT\EXTENSIONS\MOZREPL@HYPERSTRUCT.NET.XPI
[2010.08.11 09:42:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.10.05 09:27:32 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.05 09:27:29 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.05 09:27:29 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.05 09:27:29 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.05 09:27:29 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.05 09:27:29 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.05 09:27:29 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWlIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CameraApplicationLauncher] C:\Programme\Lenovo\Camera Center\bin\CameraApplicationLaunchPadLauncher.exe ()
O4 - HKLM..\Run: [LPManager] C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [PMHandler] C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE (Conexant)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPWAUDAP] C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Valve\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10n_Plugin.exe (Adobe Systems, Inc.)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{006347A8-4F48-4EF4-8F2C-9309841E3BC9}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\SWTOOLS\Wallpaper\1600x1200-Canyon.jpg
O24 - Desktop BackupWallPaper: C:\SWTOOLS\Wallpaper\1600x1200-Canyon.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.16 14:57:50 | 000,000,154 | R--- | M] () - E:\autorun.cfg -- [ UDF ]
O32 - AutoRun File - [2010.10.05 16:53:16 | 000,214,344 | R--- | M] (Sports Interactive) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2006.09.11 15:26:42 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008.06.03 00:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\Shell - "" = AutoRun
O33 - MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008.07.30 00:37:58 | 000,180,224 | -HS- | M] ()
O33 - MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008.07.21 18:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010.10.05 16:53:16 | 000,214,344 | R--- | M] (Sports Interactive)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.17 17:46:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL(1).exe
[2011.10.16 23:24:06 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.10.16 19:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.10.16 17:51:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.10.16 17:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.16 17:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.16 17:51:19 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.16 17:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.10 14:26:22 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\Sozi
[2010.08.25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2008.11.20 20:09:44 | 000,131,072 | ---- | C] ( ) -- C:\Windows\vm331Rmv.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.17 17:46:31 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL(1).exe
[2011.10.17 17:45:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.17 17:45:02 | 268,435,456 | -HS- | M] () -- C:\Windows\System32\temppf.sys
[2011.10.16 23:24:04 | 000,000,680 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2011.10.16 18:46:51 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\nsnmqxq.sys
[2011.10.16 17:51:26 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.14 01:25:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.14 01:25:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.14 01:25:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.10 02:22:26 | 000,000,000 | -H-- | M] () -- C:\Users\Public\Documents\AcSvc.dmp
[2011.10.09 14:23:06 | 000,000,129 | -H-- | M] () -- C:\Users\***\jagex_runescape_preferences2.dat
[2011.10.09 14:23:06 | 000,000,035 | -H-- | M] () -- C:\Users\***\jagex_runescape_preferences.dat
[2011.10.06 23:15:40 | 000,626,588 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.10.06 23:15:40 | 000,594,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.06 23:15:40 | 000,125,468 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.10.06 23:15:40 | 000,103,084 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.06 22:52:40 | 000,011,264 | -H-- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2011.10.16 23:24:04 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2011.10.16 18:46:51 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\nsnmqxq.sys
[2011.10.16 17:51:26 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.16 16:32:16 | 268,435,456 | -HS- | C] () -- C:\Windows\System32\temppf.sys
[2011.02.14 16:28:37 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.25 15:48:02 | 000,011,264 | -H-- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2008.11.21 04:41:52 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.11.21 04:41:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.21 04:38:19 | 000,016,896 | ---- | C] () -- C:\Windows\Eventclr.exe
[2008.11.20 20:32:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.11.20 20:32:36 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.11.20 20:32:36 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.11.20 20:32:36 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.11.20 20:32:36 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.11.20 20:32:35 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.11.20 20:30:08 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2008.11.20 20:30:08 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2008.11.20 20:19:21 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008.11.20 20:19:20 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
[2008.11.20 20:19:19 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008.11.20 20:09:44 | 000,001,291 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2008.11.20 20:03:44 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.08.26 13:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008.04.16 15:44:40 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 15:44:38 | 000,626,588 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 15:44:38 | 000,125,468 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 15:44:38 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.04.16 04:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,413,688 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,594,148 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,084 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2011.02.13 13:46:34 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2011.06.16 15:35:10 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Bitcoin
[2011.07.13 19:34:36 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\BosMon
[2010.09.27 17:14:39 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Replay Media Catcher 4
[2011.08.26 17:28:56 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Ryoku
[2011.07.19 15:59:53 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Sports Interactive
[2011.08.30 22:03:14 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Syas
[2010.08.09 13:45:10 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.08.09 13:43:23 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Trillian
[2011.06.12 23:59:28 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\uTorrent
[2011.10.14 01:25:42 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.02.13 13:46:34 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2010.08.21 23:12:11 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2010.09.15 18:48:24 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Avira
[2011.06.16 15:35:10 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Bitcoin
[2011.07.13 19:34:36 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\BosMon
[2010.08.08 23:53:06 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Identities
[2010.08.08 23:54:48 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2011.10.16 17:51:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011.04.05 15:38:54 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2011.04.03 13:41:06 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2010.09.27 17:14:39 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Replay Media Catcher 4
[2011.07.09 15:17:07 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Roxio
[2011.08.26 17:28:56 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Ryoku
[2010.08.30 19:27:34 | 000,000,000 | RH-D | M] -- C:\Users\***\AppData\Roaming\SecuROM
[2011.07.19 15:59:53 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Sports Interactive
[2011.08.30 22:03:14 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Syas
[2010.08.09 13:45:10 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.08.09 13:43:23 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Trillian
[2011.06.12 23:59:28 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\uTorrent
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\System32\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

cosinus · 17.10.2011, 17:36

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.16 14:57:50 | 000,000,154 | R--- | M] () - E:\autorun.cfg -- [ UDF ]
O32 - AutoRun File - [2010.10.05 16:53:16 | 000,214,344 | R--- | M] (Sports Interactive) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2006.09.11 15:26:42 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008.06.03 00:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\Shell - "" = AutoRun
O33 - MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008.07.30 00:37:58 | 000,180,224 | -HS- | M] ()
O33 - MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008.07.21 18:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010.10.05 16:53:16 | 000,214,344 | R--- | M] (Sports Interactive)
[2011.10.17 17:45:02 | 268,435,456 | -HS- | M] () -- C:\Windows\System32\temppf.sys
[2011.10.16 18:46:51 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\nsnmqxq.sys
:Commands
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Rudolph · 17.10.2011, 17:50

OTL-Fix:

Code:

ATTFilter

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. E:\autorun.cfg scheduled to be moved on reboot.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Q:\AUTORUN.INF moved successfully.
S:\AUTORUN.INF moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7a8d8d7-b76e-11dd-b9d1-001eec9bc825}\ not found.
S:\LenovoSDrive.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c8f91d3e-b72c-11dd-874c-806e6f6e6963}\ not found.
Q:\LenovoQDrive.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File C:\Windows\System32\temppf.sys not found.
C:\Windows\System32\drivers\nsnmqxq.sys moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 19124235 bytes
->Temporary Internet Files folder emptied: 55408340 bytes
->Java cache emptied: 41314756 bytes
->FireFox cache emptied: 48365748 bytes
->Flash cache emptied: 217773 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 113153943 bytes
RecycleBin emptied: 1142871808 bytes
 
Total Files Cleaned = 1.355,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 10172011_184004

cosinus · 17.10.2011, 17:52

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )

Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!

Rudolph · 17.10.2011, 18:12

TDSS-Killer:

Code:

ATTFilter

18:55:25.0866 1200	TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
18:55:26.0417 1200	============================================================
18:55:26.0417 1200	Current date / time: 2011/10/17 18:55:26.0417
18:55:26.0418 1200	SystemInfo:
18:55:26.0418 1200	
18:55:26.0418 1200	OS Version: 6.0.6001 ServicePack: 1.0
18:55:26.0418 1200	Product type: Workstation
18:55:26.0418 1200	ComputerName: ***-PC
18:55:26.0419 1200	UserName: ***
18:55:26.0419 1200	Windows directory: C:\Windows
18:55:26.0419 1200	System windows directory: C:\Windows
18:55:26.0419 1200	Processor architecture: Intel x86
18:55:26.0419 1200	Number of processors: 2
18:55:26.0419 1200	Page size: 0x1000
18:55:26.0419 1200	Boot type: Safe boot with network
18:55:26.0419 1200	============================================================
18:55:26.0965 1200	Initialize success
18:56:23.0533 1120	============================================================
18:56:23.0533 1120	Scan started
18:56:23.0533 1120	Mode: Manual; SigCheck; TDLFS; 
18:56:23.0533 1120	============================================================
18:56:24.0032 1120	ACPI            (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
18:56:24.0344 1120	ACPI - ok
18:56:24.0484 1120	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
18:56:24.0562 1120	adp94xx - ok
18:56:24.0640 1120	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
18:56:24.0687 1120	adpahci - ok
18:56:24.0734 1120	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
18:56:24.0781 1120	adpu160m - ok
18:56:24.0828 1120	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
18:56:24.0859 1120	adpu320 - ok
18:56:24.0968 1120	AFD             (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
18:56:25.0062 1120	AFD - ok
18:56:25.0124 1120	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
18:56:25.0155 1120	agp440 - ok
18:56:25.0202 1120	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
18:56:25.0233 1120	aic78xx - ok
18:56:25.0311 1120	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
18:56:25.0342 1120	aliide - ok
18:56:25.0389 1120	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
18:56:25.0420 1120	amdagp - ok
18:56:25.0498 1120	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
18:56:25.0514 1120	amdide - ok
18:56:25.0576 1120	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
18:56:25.0779 1120	AmdK7 - ok
18:56:25.0842 1120	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
18:56:25.0935 1120	AmdK8 - ok
18:56:26.0076 1120	ApfiltrService  (0f83cb9bcb247869bcad28026b8f134b) C:\Windows\system32\DRIVERS\Apfiltr.sys
18:56:26.0154 1120	ApfiltrService - ok
18:56:26.0232 1120	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
18:56:26.0263 1120	arc - ok
18:56:26.0341 1120	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
18:56:26.0372 1120	arcsas - ok
18:56:26.0434 1120	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
18:56:26.0544 1120	AsyncMac - ok
18:56:26.0590 1120	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
18:56:26.0622 1120	atapi - ok
18:56:26.0731 1120	avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
18:56:26.0762 1120	avgntflt - ok
18:56:26.0824 1120	avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
18:56:26.0856 1120	avipbb - ok
18:56:26.0918 1120	b57nd60x        (f17463eddb3b6a988f939ff403e067c3) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:56:27.0027 1120	b57nd60x - ok
18:56:27.0105 1120	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
18:56:27.0199 1120	Beep - ok
18:56:27.0292 1120	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
18:56:27.0386 1120	blbdrive - ok
18:56:27.0448 1120	bowser          (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
18:56:27.0511 1120	bowser - ok
18:56:27.0573 1120	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:56:27.0729 1120	BrFiltLo - ok
18:56:27.0760 1120	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:56:27.0854 1120	BrFiltUp - ok
18:56:27.0932 1120	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:56:28.0275 1120	Brserid - ok
18:56:28.0384 1120	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:56:28.0556 1120	BrSerWdm - ok
18:56:28.0603 1120	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:56:28.0759 1120	BrUsbMdm - ok
18:56:28.0806 1120	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:56:28.0977 1120	BrUsbSer - ok
18:56:29.0040 1120	BthEnum         (ae19cfbbba41800f3d5343e21d2ca09f) C:\Windows\system32\DRIVERS\BthEnum.sys
18:56:29.0133 1120	BthEnum - ok
18:56:29.0211 1120	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
18:56:29.0367 1120	BTHMODEM - ok
18:56:29.0414 1120	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
18:56:29.0539 1120	BthPan - ok
18:56:29.0601 1120	BTHPORT         (75f19df0bc62992d05fdd8a32d968531) C:\Windows\system32\Drivers\BTHport.sys
18:56:29.0679 1120	BTHPORT - ok
18:56:29.0742 1120	BTHUSB          (4ce2a25c5936bc515357d60fee73f221) C:\Windows\system32\Drivers\BTHUSB.sys
18:56:29.0788 1120	BTHUSB - ok
18:56:29.0851 1120	btwaudio        (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys
18:56:29.0882 1120	btwaudio - ok
18:56:29.0944 1120	btwavdt         (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys
18:56:29.0960 1120	btwavdt - ok
18:56:30.0069 1120	btwl2cap        (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys
18:56:30.0085 1120	btwl2cap - ok
18:56:30.0147 1120	btwrchid        (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys
18:56:30.0163 1120	btwrchid - ok
18:56:30.0225 1120	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
18:56:30.0334 1120	cdfs - ok
18:56:30.0397 1120	cdrom           (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
18:56:30.0490 1120	cdrom - ok
18:56:30.0537 1120	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
18:56:30.0631 1120	circlass - ok
18:56:30.0678 1120	CLFS            (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
18:56:30.0756 1120	CLFS - ok
18:56:30.0865 1120	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
18:56:30.0958 1120	CmBatt - ok
18:56:31.0005 1120	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
18:56:31.0036 1120	cmdide - ok
18:56:31.0114 1120	CnxtHdAudService (8b7a0ce6613f991359ff95212900396c) C:\Windows\system32\drivers\CHDRT32.sys
18:56:31.0192 1120	CnxtHdAudService - ok
18:56:31.0224 1120	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
18:56:31.0255 1120	Compbatt - ok
18:56:31.0302 1120	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
18:56:31.0317 1120	crcdisk - ok
18:56:31.0380 1120	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
18:56:31.0473 1120	Crusoe - ok
18:56:31.0567 1120	DfsC            (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
18:56:31.0645 1120	DfsC - ok
18:56:31.0770 1120	disk            (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
18:56:31.0785 1120	disk - ok
18:56:31.0879 1120	DLABMFSM        (5b149ccfe275f4de0b4b8ec6b9f6821e) C:\Windows\system32\DLA\DLABMFSM.SYS
18:56:31.0910 1120	DLABMFSM - ok
18:56:31.0957 1120	DLABOIOM        (ad4cb3d783634c90a9d0ce360933a63c) C:\Windows\system32\DLA\DLABOIOM.SYS
18:56:31.0972 1120	DLABOIOM - ok
18:56:32.0035 1120	DLACDBHM        (5230cdb7e715f3a3b4a882e254cdd35d) C:\Windows\system32\Drivers\DLACDBHM.SYS
18:56:32.0050 1120	DLACDBHM - ok
18:56:32.0113 1120	DLADResM        (dae193b1ddc6914f56b767a4f1406351) C:\Windows\system32\DLA\DLADResM.SYS
18:56:32.0144 1120	DLADResM - ok
18:56:32.0206 1120	DLAIFS_M        (6a82f77c4a6f5235bf352f0028e2ef52) C:\Windows\system32\DLA\DLAIFS_M.SYS
18:56:32.0238 1120	DLAIFS_M - ok
18:56:32.0284 1120	DLAOPIOM        (0e6052c0ada37504896a847231a3907d) C:\Windows\system32\DLA\DLAOPIOM.SYS
18:56:32.0300 1120	DLAOPIOM - ok
18:56:32.0362 1120	DLAPoolM        (29670bb4e2b973c5b55a76107d4910b2) C:\Windows\system32\DLA\DLAPoolM.SYS
18:56:32.0378 1120	DLAPoolM - ok
18:56:32.0456 1120	DLARTL_M        (77fe51f0f8d86804cb81f6ef6bfb86dd) C:\Windows\system32\Drivers\DLARTL_M.SYS
18:56:32.0472 1120	DLARTL_M - ok
18:56:32.0518 1120	DLAUDFAM        (6b087732b86c1d866d69dbbe463ea90a) C:\Windows\system32\DLA\DLAUDFAM.SYS
18:56:32.0550 1120	DLAUDFAM - ok
18:56:32.0612 1120	DLAUDF_M        (bbeecb95f2841ae4a3e3690d46d7153d) C:\Windows\system32\DLA\DLAUDF_M.SYS
18:56:32.0628 1120	DLAUDF_M - ok
18:56:32.0768 1120	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
18:56:32.0846 1120	drmkaud - ok
18:56:32.0893 1120	DRVMCDB         (83106585494d5eb96f59187200c144bd) C:\Windows\system32\Drivers\DRVMCDB.SYS
18:56:32.0924 1120	DRVMCDB - ok
18:56:32.0955 1120	DRVNDDM         (ffc371525aa55d1bae18715ebcb8797c) C:\Windows\system32\Drivers\DRVNDDM.SYS
18:56:32.0971 1120	DRVNDDM - ok
18:56:33.0049 1120	DXGKrnl         (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
18:56:33.0174 1120	DXGKrnl - ok
18:56:33.0220 1120	e1express       (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
18:56:33.0330 1120	e1express - ok
18:56:33.0376 1120	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:56:33.0486 1120	E1G60 - ok
18:56:33.0564 1120	Ecache          (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
18:56:33.0595 1120	Ecache - ok
18:56:33.0720 1120	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
18:56:33.0782 1120	elxstor - ok
18:56:33.0860 1120	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
18:56:33.0969 1120	ErrDev - ok
18:56:34.0094 1120	exfat           (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
18:56:34.0188 1120	exfat - ok
18:56:34.0250 1120	fastfat         (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
18:56:34.0344 1120	fastfat - ok
18:56:34.0406 1120	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
18:56:34.0500 1120	fdc - ok
18:56:34.0593 1120	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
18:56:34.0624 1120	FileInfo - ok
18:56:34.0671 1120	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
18:56:34.0765 1120	Filetrace - ok
18:56:34.0827 1120	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
18:56:34.0952 1120	flpydisk - ok
18:56:35.0014 1120	FltMgr          (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
18:56:35.0061 1120	FltMgr - ok
18:56:35.0186 1120	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
18:56:35.0248 1120	Fs_Rec - ok
18:56:35.0295 1120	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
18:56:35.0326 1120	gagp30kx - ok
18:56:35.0404 1120	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
18:56:35.0576 1120	HdAudAddService - ok
18:56:35.0638 1120	HDAudBus        (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:56:35.0716 1120	HDAudBus - ok
18:56:35.0763 1120	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:56:35.0935 1120	HidBth - ok
18:56:35.0966 1120	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
18:56:36.0122 1120	HidIr - ok
18:56:36.0216 1120	HidUsb          (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys
18:56:36.0294 1120	HidUsb - ok
18:56:36.0340 1120	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
18:56:36.0387 1120	HpCISSs - ok
18:56:36.0465 1120	HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:56:36.0574 1120	HSFHWAZL - ok
18:56:36.0684 1120	HSF_DPV         (fadd7095163cb3cb4073793ebb50fe75) C:\Windows\system32\DRIVERS\HSX_DPV.sys
18:56:36.0808 1120	HSF_DPV - ok
18:56:36.0886 1120	HSXHWAZL        (058783bedd17615d1fece09f77960436) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
18:56:36.0949 1120	HSXHWAZL - ok
18:56:37.0027 1120	HTTP            (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
18:56:37.0136 1120	HTTP - ok
18:56:37.0183 1120	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
18:56:37.0214 1120	i2omp - ok
18:56:37.0292 1120	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:56:37.0370 1120	i8042prt - ok
18:56:37.0448 1120	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
18:56:37.0495 1120	iaStorV - ok
18:56:37.0963 1120	igfx            (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:56:38.0774 1120	igfx - ok
18:56:38.0883 1120	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:56:38.0914 1120	iirsp - ok
18:56:39.0039 1120	IntcHdmiAddService (c7e7e43cbd34d3b0a0156b51b917dfcc) C:\Windows\system32\drivers\IntcHdmi.sys
18:56:39.0102 1120	IntcHdmiAddService - ok
18:56:39.0180 1120	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:56:39.0211 1120	intelide - ok
18:56:39.0273 1120	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:56:39.0382 1120	intelppm - ok
18:56:39.0460 1120	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:56:39.0554 1120	IpFilterDriver - ok
18:56:39.0585 1120	IpInIp - ok
18:56:39.0663 1120	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
18:56:39.0757 1120	IPMIDRV - ok
18:56:39.0804 1120	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:56:39.0913 1120	IPNAT - ok
18:56:39.0944 1120	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:56:40.0038 1120	IRENUM - ok
18:56:40.0069 1120	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
18:56:40.0100 1120	isapnp - ok
18:56:40.0162 1120	iScsiPrt        (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
18:56:40.0209 1120	iScsiPrt - ok
18:56:40.0240 1120	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:56:40.0272 1120	iteatapi - ok
18:56:40.0334 1120	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:56:40.0365 1120	iteraid - ok
18:56:40.0459 1120	JMCR            (a69a1b991824b98f744913555f665893) C:\Windows\system32\DRIVERS\jmcr.sys
18:56:40.0521 1120	JMCR - ok
18:56:40.0568 1120	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:56:40.0599 1120	kbdclass - ok
18:56:40.0646 1120	kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
18:56:40.0740 1120	kbdhid - ok
18:56:40.0833 1120	KSecDD          (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
18:56:40.0911 1120	KSecDD - ok
18:56:41.0020 1120	lenovo.smi      (3c3f7f424e324c6971632c5de5ff458f) C:\Windows\system32\DRIVERS\smiif32.sys
18:56:41.0036 1120	lenovo.smi - ok
18:56:41.0130 1120	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:56:41.0223 1120	lltdio - ok
18:56:41.0317 1120	LPCFilter       (31f74d5d47eea83e5e89447586917774) C:\Windows\system32\DRIVERS\LPCFilter.sys
18:56:41.0332 1120	LPCFilter - ok
18:56:41.0410 1120	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
18:56:41.0442 1120	LSI_FC - ok
18:56:41.0488 1120	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
18:56:41.0520 1120	LSI_SAS - ok
18:56:41.0582 1120	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
18:56:41.0613 1120	LSI_SCSI - ok
18:56:41.0660 1120	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:56:41.0754 1120	luafv - ok
18:56:41.0832 1120	mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
18:56:41.0863 1120	mdmxsdk - ok
18:56:41.0910 1120	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
18:56:41.0941 1120	megasas - ok
18:56:42.0019 1120	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
18:56:42.0081 1120	MegaSR - ok
18:56:42.0128 1120	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:56:42.0222 1120	Modem - ok
18:56:42.0284 1120	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:56:42.0378 1120	monitor - ok
18:56:42.0424 1120	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:56:42.0440 1120	mouclass - ok
18:56:42.0487 1120	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:56:42.0580 1120	mouhid - ok
18:56:42.0612 1120	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:56:42.0643 1120	MountMgr - ok
18:56:42.0705 1120	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
18:56:42.0752 1120	mpio - ok
18:56:42.0783 1120	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:56:42.0877 1120	mpsdrv - ok
18:56:42.0939 1120	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:56:42.0970 1120	Mraid35x - ok
18:56:43.0017 1120	MRxDAV          (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
18:56:43.0095 1120	MRxDAV - ok
18:56:43.0142 1120	mrxsmb          (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:56:43.0220 1120	mrxsmb - ok
18:56:43.0298 1120	mrxsmb10        (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:56:43.0360 1120	mrxsmb10 - ok
18:56:43.0392 1120	mrxsmb20        (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:56:43.0438 1120	mrxsmb20 - ok
18:56:43.0516 1120	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
18:56:43.0548 1120	msahci - ok
18:56:43.0610 1120	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
18:56:43.0641 1120	msdsm - ok
18:56:43.0750 1120	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:56:43.0828 1120	Msfs - ok
18:56:43.0906 1120	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
18:56:43.0938 1120	msisadrv - ok
18:56:44.0031 1120	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:56:44.0125 1120	MSKSSRV - ok
18:56:44.0172 1120	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:56:44.0250 1120	MSPCLOCK - ok
18:56:44.0296 1120	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:56:44.0390 1120	MSPQM - ok
18:56:44.0437 1120	MsRPC           (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
18:56:44.0468 1120	MsRPC - ok
18:56:44.0530 1120	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:56:44.0562 1120	mssmbios - ok
18:56:44.0608 1120	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:56:44.0702 1120	MSTEE - ok
18:56:44.0749 1120	Mup             (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
18:56:44.0780 1120	Mup - ok
18:56:44.0827 1120	NativeWifiP     (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
18:56:44.0905 1120	NativeWifiP - ok
18:56:44.0983 1120	NDIS            (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys
18:56:45.0045 1120	NDIS - ok
18:56:45.0108 1120	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:56:45.0186 1120	NdisTapi - ok
18:56:45.0232 1120	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:56:45.0326 1120	Ndisuio - ok
18:56:45.0404 1120	NdisWan         (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
18:56:45.0482 1120	NdisWan - ok
18:56:45.0529 1120	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:56:45.0607 1120	NDProxy - ok
18:56:45.0669 1120	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:56:45.0763 1120	NetBIOS - ok
18:56:45.0810 1120	netbt           (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
18:56:45.0919 1120	netbt - ok
18:56:46.0231 1120	NETw5v32        (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
18:56:46.0543 1120	NETw5v32 - ok
18:56:46.0621 1120	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:56:46.0652 1120	nfrd960 - ok
18:56:46.0730 1120	Npfs            (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
18:56:46.0824 1120	Npfs - ok
18:56:46.0870 1120	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:56:46.0980 1120	nsiproxy - ok
18:56:47.0058 1120	Ntfs            (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
18:56:47.0182 1120	Ntfs - ok
18:56:47.0245 1120	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:56:47.0432 1120	ntrigdigi - ok
18:56:47.0494 1120	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:56:47.0572 1120	Null - ok
18:56:47.0619 1120	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
18:56:47.0666 1120	nvraid - ok
18:56:47.0728 1120	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
18:56:47.0760 1120	nvstor - ok
18:56:47.0806 1120	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
18:56:47.0853 1120	nv_agp - ok
18:56:47.0884 1120	NwlnkFlt - ok
18:56:47.0931 1120	NwlnkFwd - ok
18:56:47.0994 1120	ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
18:56:48.0072 1120	ohci1394 - ok
18:56:48.0181 1120	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:56:48.0368 1120	Parport - ok
18:56:48.0430 1120	partmgr         (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
18:56:48.0477 1120	partmgr - ok
18:56:48.0524 1120	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:56:48.0696 1120	Parvdm - ok
18:56:48.0742 1120	pci             (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
18:56:48.0774 1120	pci - ok
18:56:48.0820 1120	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
18:56:48.0852 1120	pciide - ok
18:56:48.0914 1120	pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
18:56:48.0945 1120	pcmcia - ok
18:56:49.0023 1120	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:56:49.0257 1120	PEAUTH - ok
18:56:49.0460 1120	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:56:49.0554 1120	PptpMiniport - ok
18:56:49.0616 1120	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
18:56:49.0710 1120	Processor - ok
18:56:49.0834 1120	psadd           (f8a25f1dd8b2c332cbc663e3579566e7) C:\Windows\system32\DRIVERS\psadd.sys
18:56:49.0866 1120	psadd - ok
18:56:49.0912 1120	PSched          (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
18:56:49.0975 1120	PSched - ok
18:56:50.0022 1120	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
18:56:50.0037 1120	PxHelp20 - ok
18:56:50.0162 1120	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
18:56:50.0302 1120	ql2300 - ok
18:56:50.0349 1120	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:56:50.0396 1120	ql40xx - ok
18:56:50.0474 1120	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:56:50.0536 1120	QWAVEdrv - ok
18:56:50.0583 1120	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:56:50.0677 1120	RasAcd - ok
18:56:50.0755 1120	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:56:50.0833 1120	Rasl2tp - ok
18:56:50.0880 1120	RasPppoe        (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
18:56:50.0958 1120	RasPppoe - ok
18:56:51.0020 1120	RasSstp         (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
18:56:51.0098 1120	RasSstp - ok
18:56:51.0176 1120	rdbss           (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
18:56:51.0270 1120	rdbss - ok
18:56:51.0316 1120	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:56:51.0426 1120	RDPCDD - ok
18:56:51.0535 1120	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
18:56:51.0628 1120	rdpdr - ok
18:56:51.0675 1120	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:56:51.0769 1120	RDPENCDD - ok
18:56:51.0847 1120	RDPWD           (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
18:56:51.0956 1120	RDPWD - ok
18:56:52.0065 1120	RFCOMM          (23f486726da7a9b2f3ec7326421a9c36) C:\Windows\system32\DRIVERS\rfcomm.sys
18:56:52.0112 1120	RFCOMM - ok
18:56:52.0299 1120	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:56:52.0393 1120	rspndr - ok
18:56:52.0455 1120	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:56:52.0486 1120	sbp2port - ok
18:56:52.0596 1120	sdbus           (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
18:56:52.0689 1120	sdbus - ok
18:56:52.0767 1120	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:56:52.0923 1120	secdrv - ok
18:56:53.0017 1120	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:56:53.0173 1120	Serenum - ok
18:56:53.0220 1120	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:56:53.0391 1120	Serial - ok
18:56:53.0438 1120	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:56:53.0516 1120	sermouse - ok
18:56:53.0641 1120	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
18:56:53.0703 1120	sffdisk - ok
18:56:53.0750 1120	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
18:56:53.0844 1120	sffp_mmc - ok
18:56:53.0890 1120	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
18:56:54.0000 1120	sffp_sd - ok
18:56:54.0046 1120	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:56:54.0218 1120	sfloppy - ok
18:56:54.0265 1120	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
18:56:54.0296 1120	sisagp - ok
18:56:54.0343 1120	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
18:56:54.0374 1120	SiSRaid2 - ok
18:56:54.0421 1120	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
18:56:54.0452 1120	SiSRaid4 - ok
18:56:54.0514 1120	Smb             (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
18:56:54.0624 1120	Smb - ok
18:56:54.0717 1120	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:56:54.0748 1120	spldr - ok
18:56:54.0858 1120	srv             (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
18:56:54.0951 1120	srv - ok
18:56:54.0998 1120	srv2            (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
18:56:55.0076 1120	srv2 - ok
18:56:55.0123 1120	srvnet          (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
18:56:55.0185 1120	srvnet - ok
18:56:55.0279 1120	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
18:56:55.0294 1120	ssmdrv - ok
18:56:55.0466 1120	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:56:55.0513 1120	swenum - ok
18:56:55.0575 1120	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:56:55.0606 1120	Symc8xx - ok
18:56:55.0653 1120	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:56:55.0684 1120	Sym_hi - ok
18:56:55.0716 1120	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:56:55.0747 1120	Sym_u3 - ok
18:56:55.0903 1120	Tcpip           (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
18:56:56.0028 1120	Tcpip - ok
18:56:56.0121 1120	Tcpip6          (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
18:56:56.0215 1120	Tcpip6 - ok
18:56:56.0262 1120	tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
18:56:56.0355 1120	tcpipreg - ok
18:56:56.0449 1120	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:56:56.0542 1120	TDPIPE - ok
18:56:56.0589 1120	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:56:56.0698 1120	TDTCP - ok
18:56:56.0745 1120	tdx             (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
18:56:56.0870 1120	tdx - ok
18:56:56.0932 1120	TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
18:56:56.0964 1120	TermDD - ok
18:56:57.0073 1120	TPM             (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys
18:56:57.0104 1120	TPM - ok
18:56:57.0213 1120	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:56:57.0307 1120	tssecsrv - ok
18:56:57.0369 1120	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:56:57.0432 1120	tunmp - ok
18:56:57.0494 1120	tunnel          (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
18:56:57.0541 1120	tunnel - ok
18:56:57.0681 1120	tvtfilter       (49258a02a1e8d304ed88b0f1c56b1738) C:\Windows\system32\DRIVERS\tvtfilter.sys
18:56:57.0712 1120	tvtfilter ( UnsignedFile.Multi.Generic ) - warning
18:56:57.0712 1120	tvtfilter - detected UnsignedFile.Multi.Generic (1)
18:56:57.0775 1120	TVTI2C          (7e66dda1ef146bfc3a6e36e08e036602) C:\Windows\system32\DRIVERS\Tvti2c.sys
18:56:57.0790 1120	TVTI2C - ok
18:56:57.0853 1120	tvtumon         (2d1ec233c89416ba8187c9d7d49a075a) C:\Windows\system32\DRIVERS\tvtumon.sys
18:56:57.0884 1120	tvtumon - ok
18:56:57.0962 1120	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
18:56:57.0993 1120	uagp35 - ok
18:56:58.0040 1120	udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
18:56:58.0134 1120	udfs - ok
18:56:58.0243 1120	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
18:56:58.0258 1120	uliagpkx - ok
18:56:58.0321 1120	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
18:56:58.0352 1120	uliahci - ok
18:56:58.0430 1120	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:56:58.0461 1120	UlSata - ok
18:56:58.0508 1120	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:56:58.0539 1120	ulsata2 - ok
18:56:58.0586 1120	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:56:58.0664 1120	umbus - ok
18:56:58.0758 1120	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:56:58.0836 1120	usbccgp - ok
18:56:58.0867 1120	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:56:59.0023 1120	usbcir - ok
18:56:59.0101 1120	usbehci         (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
18:56:59.0194 1120	usbehci - ok
18:56:59.0272 1120	usbhub          (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
18:56:59.0366 1120	usbhub - ok
18:56:59.0428 1120	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
18:56:59.0584 1120	usbohci - ok
18:56:59.0631 1120	usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
18:56:59.0772 1120	usbprint - ok
18:56:59.0818 1120	USBSTOR         (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:56:59.0928 1120	USBSTOR - ok
18:56:59.0974 1120	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:57:00.0037 1120	usbuhci - ok
18:57:00.0115 1120	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
18:57:00.0208 1120	usbvideo - ok
18:57:00.0271 1120	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
18:57:00.0380 1120	vga - ok
18:57:00.0442 1120	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:57:00.0536 1120	VgaSave - ok
18:57:00.0614 1120	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
18:57:00.0630 1120	viaagp - ok
18:57:00.0708 1120	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
18:57:00.0786 1120	ViaC7 - ok
18:57:00.0848 1120	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
18:57:00.0879 1120	viaide - ok
18:57:00.0973 1120	vm331avs        (b9dfda5510fffb6c8b825271e3e3d2e0) C:\Windows\system32\Drivers\vm331avs.sys
18:57:01.0098 1120	vm331avs - ok
18:57:01.0144 1120	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:57:01.0176 1120	volmgr - ok
18:57:01.0254 1120	volmgrx         (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
18:57:01.0300 1120	volmgrx - ok
18:57:01.0363 1120	volsnap         (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
18:57:01.0425 1120	volsnap - ok
18:57:01.0472 1120	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
18:57:01.0503 1120	vsmraid - ok
18:57:01.0612 1120	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:57:01.0784 1120	WacomPen - ok
18:57:01.0815 1120	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:57:01.0909 1120	Wanarp - ok
18:57:01.0956 1120	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:57:02.0018 1120	Wanarpv6 - ok
18:57:02.0080 1120	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
18:57:02.0112 1120	Wd - ok
18:57:02.0174 1120	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
18:57:02.0252 1120	Wdf01000 - ok
18:57:02.0408 1120	WimFltr         (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
18:57:02.0439 1120	WimFltr - ok
18:57:02.0533 1120	winachsf        (bb9cbaf6ac20452b245c324f1f50ee81) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
18:57:02.0626 1120	winachsf - ok
18:57:02.0798 1120	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:57:02.0876 1120	WmiAcpi - ok
18:57:03.0016 1120	WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
18:57:03.0094 1120	WpdUsb - ok
18:57:03.0172 1120	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:57:03.0266 1120	ws2ifsl - ok
18:57:03.0360 1120	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:57:03.0469 1120	WUDFRd - ok
18:57:03.0547 1120	XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
18:57:03.0594 1120	XAudio - ok
18:57:03.0703 1120	MBR (0x1B8)     (b9b95b7ae4b744c06c8006057e1ee836) \Device\Harddisk0\DR0
18:57:03.0890 1120	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:57:03.0890 1120	\Device\Harddisk0\DR0 - detected TDSS File System (1)
18:57:03.0937 1120	Boot (0x1200)   (705ce3082de2322caef83935af64c5c2) \Device\Harddisk0\DR0\Partition0
18:57:03.0937 1120	\Device\Harddisk0\DR0\Partition0 - ok
18:57:03.0968 1120	Boot (0x1200)   (7e83e0ecbf0c7168ed5f81d8a5b59f5e) \Device\Harddisk0\DR0\Partition1
18:57:03.0968 1120	\Device\Harddisk0\DR0\Partition1 - ok
18:57:04.0015 1120	Boot (0x1200)   (ce5ad19d41b24f57d6a6da81efba7ca4) \Device\Harddisk0\DR0\Partition2
18:57:04.0015 1120	\Device\Harddisk0\DR0\Partition2 - ok
18:57:04.0015 1120	============================================================
18:57:04.0015 1120	Scan finished
18:57:04.0015 1120	============================================================
18:57:04.0062 1352	Detected object count: 2
18:57:04.0062 1352	Actual detected object count: 2
18:57:14.0077 1352	tvtfilter ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:14.0077 1352	tvtfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:57:14.0077 1352	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:57:14.0077 1352	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

cosinus · 17.10.2011, 18:20

Zitat:

18:57:14.0077 1352 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:57:14.0077 1352 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Diese Einträge bitte unbedingt mit dem TDSS-Killer entfernen

Rudolph · 17.10.2011, 18:28

Ist gelöscht.

cosinus · 17.10.2011, 19:17

Mach bitte dann ein neues Log mit dem TDSS-Killer und poste es.

Rudolph · 17.10.2011, 19:38

TDSS-Killer:

Code:

ATTFilter

20:36:05.0014 1468	TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
20:36:05.0669 1468	============================================================
20:36:05.0669 1468	Current date / time: 2011/10/17 20:36:05.0669
20:36:05.0669 1468	SystemInfo:
20:36:05.0669 1468	
20:36:05.0669 1468	OS Version: 6.0.6001 ServicePack: 1.0
20:36:05.0669 1468	Product type: Workstation
20:36:05.0669 1468	ComputerName: ***-PC
20:36:05.0669 1468	UserName: ***
20:36:05.0669 1468	Windows directory: C:\Windows
20:36:05.0669 1468	System windows directory: C:\Windows
20:36:05.0669 1468	Processor architecture: Intel x86
20:36:05.0669 1468	Number of processors: 2
20:36:05.0669 1468	Page size: 0x1000
20:36:05.0669 1468	Boot type: Safe boot with network
20:36:05.0669 1468	============================================================
20:36:06.0215 1468	Initialize success
20:36:11.0004 1308	============================================================
20:36:11.0004 1308	Scan started
20:36:11.0004 1308	Mode: Manual; SigCheck; TDLFS; 
20:36:11.0004 1308	============================================================
20:36:11.0472 1308	ACPI            (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
20:36:11.0753 1308	ACPI - ok
20:36:11.0909 1308	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
20:36:11.0971 1308	adp94xx - ok
20:36:12.0049 1308	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
20:36:12.0112 1308	adpahci - ok
20:36:12.0174 1308	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
20:36:12.0205 1308	adpu160m - ok
20:36:12.0268 1308	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
20:36:12.0299 1308	adpu320 - ok
20:36:12.0408 1308	AFD             (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
20:36:12.0533 1308	AFD - ok
20:36:12.0595 1308	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
20:36:12.0627 1308	agp440 - ok
20:36:12.0673 1308	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:36:12.0705 1308	aic78xx - ok
20:36:12.0798 1308	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
20:36:12.0814 1308	aliide - ok
20:36:12.0876 1308	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
20:36:12.0907 1308	amdagp - ok
20:36:12.0970 1308	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
20:36:12.0985 1308	amdide - ok
20:36:13.0063 1308	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
20:36:13.0282 1308	AmdK7 - ok
20:36:13.0329 1308	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
20:36:13.0422 1308	AmdK8 - ok
20:36:13.0531 1308	ApfiltrService  (0f83cb9bcb247869bcad28026b8f134b) C:\Windows\system32\DRIVERS\Apfiltr.sys
20:36:13.0609 1308	ApfiltrService - ok
20:36:13.0672 1308	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
20:36:13.0703 1308	arc - ok
20:36:13.0781 1308	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
20:36:13.0812 1308	arcsas - ok
20:36:13.0875 1308	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:36:13.0984 1308	AsyncMac - ok
20:36:14.0031 1308	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
20:36:14.0062 1308	atapi - ok
20:36:14.0187 1308	avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
20:36:14.0218 1308	avgntflt - ok
20:36:14.0343 1308	avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
20:36:14.0389 1308	avipbb - ok
20:36:14.0467 1308	b57nd60x        (f17463eddb3b6a988f939ff403e067c3) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:36:14.0561 1308	b57nd60x - ok
20:36:14.0655 1308	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:36:14.0748 1308	Beep - ok
20:36:14.0826 1308	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
20:36:14.0920 1308	blbdrive - ok
20:36:14.0998 1308	bowser          (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
20:36:15.0060 1308	bowser - ok
20:36:15.0138 1308	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:36:15.0310 1308	BrFiltLo - ok
20:36:15.0341 1308	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:36:15.0435 1308	BrFiltUp - ok
20:36:15.0528 1308	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:36:15.0871 1308	Brserid - ok
20:36:15.0965 1308	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:36:16.0152 1308	BrSerWdm - ok
20:36:16.0261 1308	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:36:16.0402 1308	BrUsbMdm - ok
20:36:16.0480 1308	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:36:16.0651 1308	BrUsbSer - ok
20:36:16.0714 1308	BthEnum         (ae19cfbbba41800f3d5343e21d2ca09f) C:\Windows\system32\DRIVERS\BthEnum.sys
20:36:16.0823 1308	BthEnum - ok
20:36:16.0901 1308	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:36:17.0073 1308	BTHMODEM - ok
20:36:17.0119 1308	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
20:36:17.0244 1308	BthPan - ok
20:36:17.0338 1308	BTHPORT         (75f19df0bc62992d05fdd8a32d968531) C:\Windows\system32\Drivers\BTHport.sys
20:36:17.0431 1308	BTHPORT - ok
20:36:17.0494 1308	BTHUSB          (4ce2a25c5936bc515357d60fee73f221) C:\Windows\system32\Drivers\BTHUSB.sys
20:36:17.0541 1308	BTHUSB - ok
20:36:17.0650 1308	btwaudio        (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys
20:36:17.0681 1308	btwaudio - ok
20:36:17.0728 1308	btwavdt         (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys
20:36:17.0759 1308	btwavdt - ok
20:36:17.0837 1308	btwl2cap        (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys
20:36:17.0853 1308	btwl2cap - ok
20:36:17.0915 1308	btwrchid        (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys
20:36:17.0931 1308	btwrchid - ok
20:36:17.0993 1308	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:36:18.0087 1308	cdfs - ok
20:36:18.0149 1308	cdrom           (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
20:36:18.0258 1308	cdrom - ok
20:36:18.0305 1308	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
20:36:18.0399 1308	circlass - ok
20:36:18.0445 1308	CLFS            (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
20:36:18.0508 1308	CLFS - ok
20:36:18.0648 1308	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:36:18.0742 1308	CmBatt - ok
20:36:18.0804 1308	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:36:18.0835 1308	cmdide - ok
20:36:18.0898 1308	CnxtHdAudService (8b7a0ce6613f991359ff95212900396c) C:\Windows\system32\drivers\CHDRT32.sys
20:36:18.0960 1308	CnxtHdAudService - ok
20:36:19.0007 1308	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:36:19.0038 1308	Compbatt - ok
20:36:19.0069 1308	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
20:36:19.0101 1308	crcdisk - ok
20:36:19.0163 1308	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
20:36:19.0257 1308	Crusoe - ok
20:36:19.0381 1308	DfsC            (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
20:36:19.0506 1308	DfsC - ok
20:36:19.0662 1308	disk            (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
20:36:19.0709 1308	disk - ok
20:36:19.0818 1308	DLABMFSM        (5b149ccfe275f4de0b4b8ec6b9f6821e) C:\Windows\system32\DLA\DLABMFSM.SYS
20:36:19.0849 1308	DLABMFSM - ok
20:36:19.0896 1308	DLABOIOM        (ad4cb3d783634c90a9d0ce360933a63c) C:\Windows\system32\DLA\DLABOIOM.SYS
20:36:19.0912 1308	DLABOIOM - ok
20:36:19.0974 1308	DLACDBHM        (5230cdb7e715f3a3b4a882e254cdd35d) C:\Windows\system32\Drivers\DLACDBHM.SYS
20:36:19.0990 1308	DLACDBHM - ok
20:36:20.0052 1308	DLADResM        (dae193b1ddc6914f56b767a4f1406351) C:\Windows\system32\DLA\DLADResM.SYS
20:36:20.0068 1308	DLADResM - ok
20:36:20.0130 1308	DLAIFS_M        (6a82f77c4a6f5235bf352f0028e2ef52) C:\Windows\system32\DLA\DLAIFS_M.SYS
20:36:20.0161 1308	DLAIFS_M - ok
20:36:20.0208 1308	DLAOPIOM        (0e6052c0ada37504896a847231a3907d) C:\Windows\system32\DLA\DLAOPIOM.SYS
20:36:20.0239 1308	DLAOPIOM - ok
20:36:20.0302 1308	DLAPoolM        (29670bb4e2b973c5b55a76107d4910b2) C:\Windows\system32\DLA\DLAPoolM.SYS
20:36:20.0317 1308	DLAPoolM - ok
20:36:20.0364 1308	DLARTL_M        (77fe51f0f8d86804cb81f6ef6bfb86dd) C:\Windows\system32\Drivers\DLARTL_M.SYS
20:36:20.0380 1308	DLARTL_M - ok
20:36:20.0458 1308	DLAUDFAM        (6b087732b86c1d866d69dbbe463ea90a) C:\Windows\system32\DLA\DLAUDFAM.SYS
20:36:20.0473 1308	DLAUDFAM - ok
20:36:20.0536 1308	DLAUDF_M        (bbeecb95f2841ae4a3e3690d46d7153d) C:\Windows\system32\DLA\DLAUDF_M.SYS
20:36:20.0567 1308	DLAUDF_M - ok
20:36:20.0692 1308	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:36:20.0770 1308	drmkaud - ok
20:36:20.0848 1308	DRVMCDB         (83106585494d5eb96f59187200c144bd) C:\Windows\system32\Drivers\DRVMCDB.SYS
20:36:20.0879 1308	DRVMCDB - ok
20:36:20.0926 1308	DRVNDDM         (ffc371525aa55d1bae18715ebcb8797c) C:\Windows\system32\Drivers\DRVNDDM.SYS
20:36:20.0957 1308	DRVNDDM - ok
20:36:21.0051 1308	DXGKrnl         (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
20:36:21.0160 1308	DXGKrnl - ok
20:36:21.0238 1308	e1express       (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
20:36:21.0331 1308	e1express - ok
20:36:21.0394 1308	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:36:21.0487 1308	E1G60 - ok
20:36:21.0565 1308	Ecache          (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
20:36:21.0612 1308	Ecache - ok
20:36:21.0737 1308	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
20:36:21.0799 1308	elxstor - ok
20:36:21.0877 1308	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
20:36:21.0987 1308	ErrDev - ok
20:36:22.0080 1308	exfat           (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
20:36:22.0189 1308	exfat - ok
20:36:22.0252 1308	fastfat         (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
20:36:22.0361 1308	fastfat - ok
20:36:22.0408 1308	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:36:22.0501 1308	fdc - ok
20:36:22.0611 1308	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:36:22.0642 1308	FileInfo - ok
20:36:22.0689 1308	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:36:22.0798 1308	Filetrace - ok
20:36:22.0829 1308	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:36:22.0954 1308	flpydisk - ok
20:36:23.0032 1308	FltMgr          (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
20:36:23.0063 1308	FltMgr - ok
20:36:23.0157 1308	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:36:23.0219 1308	Fs_Rec - ok
20:36:23.0281 1308	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
20:36:23.0313 1308	gagp30kx - ok
20:36:23.0391 1308	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
20:36:23.0578 1308	HdAudAddService - ok
20:36:23.0640 1308	HDAudBus        (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:36:23.0718 1308	HDAudBus - ok
20:36:23.0765 1308	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:36:23.0937 1308	HidBth - ok
20:36:23.0968 1308	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:36:24.0139 1308	HidIr - ok
20:36:24.0233 1308	HidUsb          (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys
20:36:24.0327 1308	HidUsb - ok
20:36:24.0405 1308	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
20:36:24.0436 1308	HpCISSs - ok
20:36:24.0498 1308	HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
20:36:24.0670 1308	HSFHWAZL - ok
20:36:24.0795 1308	HSF_DPV         (fadd7095163cb3cb4073793ebb50fe75) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:36:24.0935 1308	HSF_DPV - ok
20:36:25.0013 1308	HSXHWAZL        (058783bedd17615d1fece09f77960436) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:36:25.0060 1308	HSXHWAZL - ok
20:36:25.0138 1308	HTTP            (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
20:36:25.0247 1308	HTTP - ok
20:36:25.0309 1308	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
20:36:25.0341 1308	i2omp - ok
20:36:25.0387 1308	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:36:25.0481 1308	i8042prt - ok
20:36:25.0543 1308	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
20:36:25.0590 1308	iaStorV - ok
20:36:26.0043 1308	igfx            (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:36:26.0885 1308	igfx - ok
20:36:26.0932 1308	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:36:26.0963 1308	iirsp - ok
20:36:27.0057 1308	IntcHdmiAddService (c7e7e43cbd34d3b0a0156b51b917dfcc) C:\Windows\system32\drivers\IntcHdmi.sys
20:36:27.0135 1308	IntcHdmiAddService - ok
20:36:27.0181 1308	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
20:36:27.0213 1308	intelide - ok
20:36:27.0259 1308	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:36:27.0353 1308	intelppm - ok
20:36:27.0431 1308	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:36:27.0525 1308	IpFilterDriver - ok
20:36:27.0587 1308	IpInIp - ok
20:36:27.0634 1308	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
20:36:27.0727 1308	IPMIDRV - ok
20:36:27.0759 1308	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:36:27.0868 1308	IPNAT - ok
20:36:27.0930 1308	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:36:28.0024 1308	IRENUM - ok
20:36:28.0055 1308	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:36:28.0102 1308	isapnp - ok
20:36:28.0164 1308	iScsiPrt        (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
20:36:28.0195 1308	iScsiPrt - ok
20:36:28.0242 1308	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:36:28.0273 1308	iteatapi - ok
20:36:28.0320 1308	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:36:28.0351 1308	iteraid - ok
20:36:28.0445 1308	JMCR            (a69a1b991824b98f744913555f665893) C:\Windows\system32\DRIVERS\jmcr.sys
20:36:28.0523 1308	JMCR - ok
20:36:28.0585 1308	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:36:28.0601 1308	kbdclass - ok
20:36:28.0663 1308	kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
20:36:28.0741 1308	kbdhid - ok
20:36:28.0819 1308	KSecDD          (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
20:36:28.0897 1308	KSecDD - ok
20:36:29.0038 1308	lenovo.smi      (3c3f7f424e324c6971632c5de5ff458f) C:\Windows\system32\DRIVERS\smiif32.sys
20:36:29.0069 1308	lenovo.smi - ok
20:36:29.0116 1308	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:36:29.0225 1308	lltdio - ok
20:36:29.0303 1308	LPCFilter       (31f74d5d47eea83e5e89447586917774) C:\Windows\system32\DRIVERS\LPCFilter.sys
20:36:29.0334 1308	LPCFilter - ok
20:36:29.0397 1308	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:36:29.0428 1308	LSI_FC - ok
20:36:29.0475 1308	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:36:29.0521 1308	LSI_SAS - ok
20:36:29.0584 1308	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:36:29.0615 1308	LSI_SCSI - ok
20:36:29.0677 1308	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:36:29.0787 1308	luafv - ok
20:36:29.0849 1308	mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:36:29.0880 1308	mdmxsdk - ok
20:36:29.0927 1308	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:36:29.0958 1308	megasas - ok
20:36:30.0067 1308	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:36:30.0130 1308	MegaSR - ok
20:36:30.0208 1308	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:36:30.0301 1308	Modem - ok
20:36:30.0364 1308	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:36:30.0457 1308	monitor - ok
20:36:30.0520 1308	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:36:30.0551 1308	mouclass - ok
20:36:30.0613 1308	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:36:30.0691 1308	mouhid - ok
20:36:30.0723 1308	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:36:30.0754 1308	MountMgr - ok
20:36:30.0816 1308	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:36:30.0847 1308	mpio - ok
20:36:30.0894 1308	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:36:31.0003 1308	mpsdrv - ok
20:36:31.0066 1308	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:36:31.0097 1308	Mraid35x - ok
20:36:31.0144 1308	MRxDAV          (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
20:36:31.0206 1308	MRxDAV - ok
20:36:31.0269 1308	mrxsmb          (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:36:31.0331 1308	mrxsmb - ok
20:36:31.0409 1308	mrxsmb10        (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:36:31.0471 1308	mrxsmb10 - ok
20:36:31.0503 1308	mrxsmb20        (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:36:31.0565 1308	mrxsmb20 - ok
20:36:31.0643 1308	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
20:36:31.0659 1308	msahci - ok
20:36:31.0737 1308	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:36:31.0768 1308	msdsm - ok
20:36:31.0877 1308	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:36:31.0971 1308	Msfs - ok
20:36:32.0033 1308	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:36:32.0064 1308	msisadrv - ok
20:36:32.0189 1308	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:36:32.0283 1308	MSKSSRV - ok
20:36:32.0361 1308	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:36:32.0439 1308	MSPCLOCK - ok
20:36:32.0501 1308	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:36:32.0579 1308	MSPQM - ok
20:36:32.0626 1308	MsRPC           (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
20:36:32.0673 1308	MsRPC - ok
20:36:32.0735 1308	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:36:32.0766 1308	mssmbios - ok
20:36:32.0829 1308	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:36:32.0922 1308	MSTEE - ok
20:36:32.0969 1308	Mup             (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
20:36:33.0000 1308	Mup - ok
20:36:33.0078 1308	NativeWifiP     (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
20:36:33.0141 1308	NativeWifiP - ok
20:36:33.0203 1308	NDIS            (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys
20:36:33.0281 1308	NDIS - ok
20:36:33.0328 1308	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:36:33.0406 1308	NdisTapi - ok
20:36:33.0453 1308	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:36:33.0531 1308	Ndisuio - ok
20:36:33.0593 1308	NdisWan         (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
20:36:33.0671 1308	NdisWan - ok
20:36:33.0718 1308	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:36:33.0796 1308	NDProxy - ok
20:36:33.0858 1308	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:36:33.0952 1308	NetBIOS - ok
20:36:33.0999 1308	netbt           (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
20:36:34.0108 1308	netbt - ok
20:36:34.0420 1308	NETw5v32        (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
20:36:34.0747 1308	NETw5v32 - ok
20:36:34.0825 1308	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:36:34.0857 1308	nfrd960 - ok
20:36:34.0935 1308	Npfs            (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
20:36:35.0028 1308	Npfs - ok
20:36:35.0075 1308	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:36:35.0184 1308	nsiproxy - ok
20:36:35.0309 1308	Ntfs            (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
20:36:35.0449 1308	Ntfs - ok
20:36:35.0496 1308	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:36:35.0652 1308	ntrigdigi - ok
20:36:35.0699 1308	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:36:35.0793 1308	Null - ok
20:36:35.0855 1308	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:36:35.0886 1308	nvraid - ok
20:36:35.0949 1308	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:36:35.0980 1308	nvstor - ok
20:36:36.0027 1308	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:36:36.0058 1308	nv_agp - ok
20:36:36.0089 1308	NwlnkFlt - ok
20:36:36.0136 1308	NwlnkFwd - ok
20:36:36.0198 1308	ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
20:36:36.0323 1308	ohci1394 - ok
20:36:36.0417 1308	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:36:36.0588 1308	Parport - ok
20:36:36.0635 1308	partmgr         (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
20:36:36.0666 1308	partmgr - ok
20:36:36.0713 1308	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:36:36.0869 1308	Parvdm - ok
20:36:36.0931 1308	pci             (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
20:36:36.0978 1308	pci - ok
20:36:37.0009 1308	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
20:36:37.0041 1308	pciide - ok
20:36:37.0119 1308	pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
20:36:37.0165 1308	pcmcia - ok
20:36:37.0243 1308	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:36:37.0477 1308	PEAUTH - ok
20:36:37.0727 1308	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:36:37.0821 1308	PptpMiniport - ok
20:36:37.0867 1308	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
20:36:37.0961 1308	Processor - ok
20:36:38.0070 1308	psadd           (f8a25f1dd8b2c332cbc663e3579566e7) C:\Windows\system32\DRIVERS\psadd.sys
20:36:38.0086 1308	psadd - ok
20:36:38.0148 1308	PSched          (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
20:36:38.0226 1308	PSched - ok
20:36:38.0273 1308	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
20:36:38.0289 1308	PxHelp20 - ok
20:36:38.0398 1308	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
20:36:38.0538 1308	ql2300 - ok
20:36:38.0601 1308	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:36:38.0632 1308	ql40xx - ok
20:36:38.0694 1308	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:36:38.0757 1308	QWAVEdrv - ok
20:36:38.0803 1308	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:36:38.0897 1308	RasAcd - ok
20:36:38.0959 1308	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:36:39.0053 1308	Rasl2tp - ok
20:36:39.0100 1308	RasPppoe        (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
20:36:39.0193 1308	RasPppoe - ok
20:36:39.0240 1308	RasSstp         (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
20:36:39.0334 1308	RasSstp - ok
20:36:39.0381 1308	rdbss           (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
20:36:39.0490 1308	rdbss - ok
20:36:39.0537 1308	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:36:39.0630 1308	RDPCDD - ok
20:36:39.0724 1308	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
20:36:39.0817 1308	rdpdr - ok
20:36:39.0864 1308	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:36:39.0958 1308	RDPENCDD - ok
20:36:40.0036 1308	RDPWD           (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
20:36:40.0129 1308	RDPWD - ok
20:36:40.0207 1308	RFCOMM          (23f486726da7a9b2f3ec7326421a9c36) C:\Windows\system32\DRIVERS\rfcomm.sys
20:36:40.0254 1308	RFCOMM - ok
20:36:40.0410 1308	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:36:40.0488 1308	rspndr - ok
20:36:40.0582 1308	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:36:40.0613 1308	sbp2port - ok
20:36:40.0738 1308	sdbus           (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
20:36:40.0831 1308	sdbus - ok
20:36:40.0894 1308	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:36:41.0050 1308	secdrv - ok
20:36:41.0112 1308	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:36:41.0268 1308	Serenum - ok
20:36:41.0299 1308	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:36:41.0471 1308	Serial - ok
20:36:41.0533 1308	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:36:41.0611 1308	sermouse - ok
20:36:41.0721 1308	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
20:36:41.0783 1308	sffdisk - ok
20:36:41.0830 1308	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
20:36:41.0923 1308	sffp_mmc - ok
20:36:41.0970 1308	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
20:36:42.0064 1308	sffp_sd - ok
20:36:42.0111 1308	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:36:42.0267 1308	sfloppy - ok
20:36:42.0345 1308	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
20:36:42.0376 1308	sisagp - ok
20:36:42.0423 1308	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
20:36:42.0454 1308	SiSRaid2 - ok
20:36:42.0501 1308	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
20:36:42.0532 1308	SiSRaid4 - ok
20:36:42.0610 1308	Smb             (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
20:36:42.0719 1308	Smb - ok
20:36:42.0828 1308	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:36:42.0859 1308	spldr - ok
20:36:42.0937 1308	srv             (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
20:36:43.0047 1308	srv - ok
20:36:43.0093 1308	srv2            (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
20:36:43.0171 1308	srv2 - ok
20:36:43.0218 1308	srvnet          (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
20:36:43.0281 1308	srvnet - ok
20:36:43.0374 1308	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
20:36:43.0390 1308	ssmdrv - ok
20:36:43.0577 1308	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:36:43.0608 1308	swenum - ok
20:36:43.0686 1308	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:36:43.0717 1308	Symc8xx - ok
20:36:43.0764 1308	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:36:43.0795 1308	Sym_hi - ok
20:36:43.0842 1308	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:36:43.0873 1308	Sym_u3 - ok
20:36:44.0029 1308	Tcpip           (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
20:36:44.0170 1308	Tcpip - ok
20:36:44.0232 1308	Tcpip6          (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
20:36:44.0326 1308	Tcpip6 - ok
20:36:44.0373 1308	tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
20:36:44.0482 1308	tcpipreg - ok
20:36:44.0560 1308	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:36:44.0638 1308	TDPIPE - ok
20:36:44.0669 1308	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:36:44.0778 1308	TDTCP - ok
20:36:44.0825 1308	tdx             (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
20:36:44.0934 1308	tdx - ok
20:36:44.0997 1308	TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
20:36:45.0028 1308	TermDD - ok
20:36:45.0168 1308	TPM             (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys
20:36:45.0199 1308	TPM - ok
20:36:45.0309 1308	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:36:45.0402 1308	tssecsrv - ok
20:36:45.0465 1308	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:36:45.0527 1308	tunmp - ok
20:36:45.0574 1308	tunnel          (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
20:36:45.0636 1308	tunnel - ok
20:36:45.0745 1308	tvtfilter       (49258a02a1e8d304ed88b0f1c56b1738) C:\Windows\system32\DRIVERS\tvtfilter.sys
20:36:45.0777 1308	tvtfilter ( UnsignedFile.Multi.Generic ) - warning
20:36:45.0777 1308	tvtfilter - detected UnsignedFile.Multi.Generic (1)
20:36:45.0855 1308	TVTI2C          (7e66dda1ef146bfc3a6e36e08e036602) C:\Windows\system32\DRIVERS\Tvti2c.sys
20:36:45.0870 1308	TVTI2C - ok
20:36:45.0948 1308	tvtumon         (2d1ec233c89416ba8187c9d7d49a075a) C:\Windows\system32\DRIVERS\tvtumon.sys
20:36:45.0964 1308	tvtumon - ok
20:36:46.0057 1308	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
20:36:46.0089 1308	uagp35 - ok
20:36:46.0151 1308	udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
20:36:46.0260 1308	udfs - ok
20:36:46.0338 1308	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
20:36:46.0369 1308	uliagpkx - ok
20:36:46.0432 1308	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
20:36:46.0479 1308	uliahci - ok
20:36:46.0525 1308	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:36:46.0572 1308	UlSata - ok
20:36:46.0619 1308	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:36:46.0666 1308	ulsata2 - ok
20:36:46.0697 1308	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:36:46.0791 1308	umbus - ok
20:36:46.0853 1308	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:36:46.0931 1308	usbccgp - ok
20:36:46.0962 1308	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:36:47.0118 1308	usbcir - ok
20:36:47.0165 1308	usbehci         (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
20:36:47.0274 1308	usbehci - ok
20:36:47.0305 1308	usbhub          (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
20:36:47.0399 1308	usbhub - ok
20:36:47.0446 1308	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:36:47.0602 1308	usbohci - ok
20:36:47.0649 1308	usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
20:36:47.0789 1308	usbprint - ok
20:36:47.0867 1308	USBSTOR         (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:36:47.0961 1308	USBSTOR - ok
20:36:48.0023 1308	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:36:48.0101 1308	usbuhci - ok
20:36:48.0163 1308	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
20:36:48.0257 1308	usbvideo - ok
20:36:48.0335 1308	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:36:48.0444 1308	vga - ok
20:36:48.0491 1308	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:36:48.0585 1308	VgaSave - ok
20:36:48.0663 1308	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:36:48.0694 1308	viaagp - ok
20:36:48.0756 1308	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:36:48.0850 1308	ViaC7 - ok
20:36:48.0881 1308	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:36:48.0912 1308	viaide - ok
20:36:49.0021 1308	vm331avs        (b9dfda5510fffb6c8b825271e3e3d2e0) C:\Windows\system32\Drivers\vm331avs.sys
20:36:49.0146 1308	vm331avs - ok
20:36:49.0193 1308	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:36:49.0224 1308	volmgr - ok
20:36:49.0287 1308	volmgrx         (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
20:36:49.0349 1308	volmgrx - ok
20:36:49.0411 1308	volsnap         (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
20:36:49.0458 1308	volsnap - ok
20:36:49.0521 1308	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:36:49.0567 1308	vsmraid - ok
20:36:49.0677 1308	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:36:49.0833 1308	WacomPen - ok
20:36:49.0895 1308	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:36:49.0973 1308	Wanarp - ok
20:36:50.0020 1308	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:36:50.0082 1308	Wanarpv6 - ok
20:36:50.0160 1308	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:36:50.0191 1308	Wd - ok
20:36:50.0254 1308	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:36:50.0332 1308	Wdf01000 - ok
20:36:50.0488 1308	WimFltr         (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
20:36:50.0519 1308	WimFltr - ok
20:36:50.0628 1308	winachsf        (bb9cbaf6ac20452b245c324f1f50ee81) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:36:50.0722 1308	winachsf - ok
20:36:50.0878 1308	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:36:50.0956 1308	WmiAcpi - ok
20:36:51.0096 1308	WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
20:36:51.0174 1308	WpdUsb - ok
20:36:51.0252 1308	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:36:51.0346 1308	ws2ifsl - ok
20:36:51.0439 1308	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:36:51.0549 1308	WUDFRd - ok
20:36:51.0642 1308	XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
20:36:51.0689 1308	XAudio - ok
20:36:51.0798 1308	MBR (0x1B8)     (b9b95b7ae4b744c06c8006057e1ee836) \Device\Harddisk0\DR0
20:36:51.0985 1308	\Device\Harddisk0\DR0 - ok
20:36:52.0032 1308	Boot (0x1200)   (705ce3082de2322caef83935af64c5c2) \Device\Harddisk0\DR0\Partition0
20:36:52.0032 1308	\Device\Harddisk0\DR0\Partition0 - ok
20:36:52.0079 1308	Boot (0x1200)   (7e83e0ecbf0c7168ed5f81d8a5b59f5e) \Device\Harddisk0\DR0\Partition1
20:36:52.0079 1308	\Device\Harddisk0\DR0\Partition1 - ok
20:36:52.0126 1308	Boot (0x1200)   (ce5ad19d41b24f57d6a6da81efba7ca4) \Device\Harddisk0\DR0\Partition2
20:36:52.0126 1308	\Device\Harddisk0\DR0\Partition2 - ok
20:36:52.0126 1308	============================================================
20:36:52.0126 1308	Scan finished
20:36:52.0126 1308	============================================================
20:36:52.0188 1856	Detected object count: 1
20:36:52.0188 1856	Actual detected object count: 1
20:36:57.0009 1856	tvtfilter ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:57.0009 1856	tvtfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip

17.10.2011, 19:17	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Icons auf Desktop entfernt / Desktophintergrund schwarz / PC fährt nach einiger Zeit herunter Mach bitte dann ein neues Log mit dem TDSS-Killer und poste es. __________________ Logfiles bitte immer in CODE-Tags posten

Icons auf Desktop entfernt / Desktophintergrund schwarz / PC fährt nach einiger Zeit herunter

Plagegeister aller Art und deren Bekämpfung: Icons auf Desktop entfernt / Desktophintergrund schwarz / PC fährt nach einiger Zeit herunter