Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Trojaner! System wurde aus Sicherheitsgründen gesperrt.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 27.12.2011, 17:07   #1
siggi123
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Hallo Ich habe mir heute den Trojaner eingefangen, der die Meldung bringt „System wurde aus Sicherheitsgründen gesperrt.“

Nach einem Start im Abgesichertenmodus konnte ich „Hihgjack this“ ausführen und das Log an einem anderen PC auswerten.
Die exe-Datei, die sich beim Start öffnete konnte ich somit identifizieren und löschen.
Es war eine iexploer.exe unter C:\Users\...\AppData\Roaming\Microsoft\Internet Explorer

Nach dem löschen der Datei funktioniert mein Rechner wieder. Ich würde jetzt nur gerne wissen ob das Problem komplett behoben wurde. Außerdem bekomme ich bei dem Starten (a9us der Traskleiste) einiger Programme wie zum Bsp. Firefox oder Word den Fehler, das die Dateipfade verschoben wurde.

Ich habe ein Windows 7 64-Bit System. Logfiles befinden sich im Anhang.

Achja defogger habe ich als Admin ausgeführt. Dieser wollte keinen Neustart und hat sonst auch nichts gemacht.
S&D und Malwarebytes Anti-Malware haben nichts mehr auf dem PC gefunden. Antivir auch nicht aber das hatte schon im abgesichertem Modus nichts gefunden, als der Trojaner noch da war.



Code:
ATTFilter
OTL logfile created on: 27.12.2011 17:41:13 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Siggi\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,89% Memory free
7,99 Gb Paging File | 6,08 Gb Available in Paging File | 76,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 38,10 Gb Free Space | 31,98% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 329,75 Gb Free Space | 70,80% Space Free | Partition Type: NTFS
Drive E: | 58,59 Gb Total Space | 58,50 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive F: | 220,86 Gb Total Space | 170,05 Gb Free Space | 76,99% Space Free | Partition Type: NTFS
Drive H: | 7,47 Gb Total Space | 6,86 Gb Free Space | 91,73% Space Free | Partition Type: FAT32
 
Computer Name: SIGGI-PC | User Name: Siggi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Siggi\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Programme\TS3\ts3client_win32.exe (TeamSpeak Systems GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - D:\Programme\TS3\plugins\clientquery_plugin.dll ()
MOD - D:\Programme\TS3\soundbackends\windowsaudiosession_win32.dll ()
MOD - D:\Programme\TS3\soundbackends\directsound_win32.dll ()
MOD - D:\Programme\TS3\plugins\appscanner_plugin.dll ()
MOD - D:\Programme\TS3\QtGui4.dll ()
MOD - D:\Programme\TS3\QtCore4.dll ()
MOD - D:\Programme\TS3\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll ()
MOD - D:\Programme\TS3\imageformats\_old_qjpeg4.dll ()
MOD - D:\Programme\TS3\imageformats\_old_qgif4.dll ()
MOD - C:\Windows\DAODx.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (IOMap) -- C:\Windows\SysNative\drivers\IOMap64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (Magic Tune) -- C:\Windows\SysNative\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (AODDriver2) -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0E 01 33 4A 37 BF CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Reader10\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.04.26 22:09:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.04.26 22:09:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.21 19:36:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.21 19:36:42 | 000,000,000 | ---D | M]
 
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Extensions
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.04.23 15:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Firefox\Profiles\yv5k50de.default\extensions
[2011.12.27 14:48:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.12.02 11:36:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.02 12:41:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.15 14:45:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.23 15:23:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.27 11:25:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.04.26 22:09:52 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.04.26 22:09:52 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.07 11:16:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.07 11:16:26 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.07 11:16:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.07 11:16:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.07 11:16:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.12.27 17:20:16 | 000,439,956 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	123fporn.info
O1 - Hosts: 15125 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ASUS SmartDoctor] C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
O4 - HKCU..\Run: [iexploer.exe] C:\Users\Siggi\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O12 - Plugin for: .cdx - C:\Program Files (x86)\Internet Explorer\PLUGINS\Npcdp32.dll (CambridgeSoft.Com)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{549DBD61-C3E1-430C-AD3B-DBB6BA87D162}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.27 16:51:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Siggi\Desktop\OTL.exe
[2011.12.27 13:25:33 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B328F867-5265-4669-8E3E-608B49A6D7EC}
[2011.12.27 13:25:11 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{5F25E6FC-1504-41BF-9B08-75C791069222}
[2011.12.26 13:34:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{76502099-7A10-4B7E-8A05-44F48802A1A1}
[2011.12.25 13:24:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0E2CD1CA-3189-4210-9553-5CFC52C45480}
[2011.12.25 13:24:27 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{094C389D-BFFD-4D66-891E-8EDC56FAB003}
[2011.12.24 12:30:59 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{E8488BDE-FCF6-4361-9AE1-A75EC6A3592F}
[2011.12.24 00:34:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{58E1AC49-BB7A-457E-8DC2-B369D3F1C77B}
[2011.12.23 21:55:49 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DC4B2874-5B18-4F9C-84C6-77040A826E90}
[2011.12.23 16:10:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3E94D341-2F61-42F9-95D3-0CA2406058B4}
[2011.12.23 11:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSDlife
[2011.12.23 11:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BinarySense
[2011.12.23 11:22:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{CEDE75BC-1BF9-4D0B-99DD-5F0E0EE7171E}
[2011.12.23 11:21:43 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{264A42BD-7FAB-4CAF-BEEB-6581E73A0E4D}
[2011.12.22 15:16:00 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{C7203CA9-DEFB-4A2F-BFD9-421DF24C1A11}
[2011.12.22 15:15:38 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{89378933-57A8-492A-85D4-D1C7C3819D25}
[2011.12.22 11:36:45 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{FEAB741E-40C5-4205-8339-D3CE31B3C182}
[2011.12.21 19:04:14 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BBA437C6-0C4D-48B4-BCF1-CEC5285EB99B}
[2011.12.21 19:03:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{80867720-C5B9-4A25-BFE5-6AF4624709E1}
[2011.12.20 17:45:18 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0C3D28B7-CB7C-42A1-BA9A-222010480EE6}
[2011.12.20 17:44:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3AEEE537-730C-4DF8-9502-7F2BF9904D58}
[2011.12.19 17:28:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{570B13B9-E91F-4DFB-87EA-5E08C26D1F39}
[2011.12.19 17:28:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{5EF65840-CD8A-43A2-AFDA-523A39904A7B}
[2011.12.18 13:10:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{54FF3DD8-6B17-4FE1-8DA4-95B44D03DD16}
[2011.12.18 13:10:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3AEBEC6E-4E00-4DB0-84DF-70D9147B5A55}
[2011.12.17 11:52:41 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{398C19CB-3B92-436E-8A03-E06A028E863B}
[2011.12.17 11:52:30 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A3A11522-3862-4DFC-9FB3-78F146D3987A}
[2011.12.16 18:14:50 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{CC5E390D-26C7-4358-A886-372798FCE332}
[2011.12.16 18:14:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{199B749F-7756-487A-8278-1985855CF8A1}
[2011.12.15 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F6C01BDA-EDEB-4139-B72E-5064D83D568C}
[2011.12.15 17:10:16 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{D9B8F578-113F-4667-A123-906C71E0D3B2}
[2011.12.14 18:55:31 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BBE00D8C-198E-435B-A910-CEB09FA8E0F4}
[2011.12.14 18:46:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F4C1E7D9-7875-4641-8638-6B0022242544}
[2011.12.14 18:04:02 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{8381431F-2926-4002-8117-C0BBD2AE04DE}
[2011.12.14 18:03:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A630CC3F-B8B8-4C68-A3C4-0E124FA8EE40}
[2011.12.13 20:40:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{AFABC5BB-7715-4D39-AE32-90967BAFA398}
[2011.12.13 18:24:54 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F2A24672-1BE6-4A87-A9ED-E8245E95436B}
[2011.12.12 22:34:07 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DFE55DBB-C4F2-4786-89A6-069471C180BE}
[2011.12.12 19:23:18 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{47231922-97E7-48FB-B016-634D2E0BA8A6}
[2011.12.12 18:33:01 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{EF42163C-EA3F-4F3A-AE7A-BBFBE784CF56}
[2011.12.11 13:06:47 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{008BD398-4823-48C5-9474-FCF702CBF847}
[2011.12.11 13:06:36 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{045A4CBA-072E-4317-9C8F-0EE288A9D7C4}
[2011.12.10 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3BEB0104-920A-4DD7-9A42-8C30B63737C3}
[2011.12.10 14:07:22 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B59B20B9-28BA-4533-87F5-17589F945BBC}
[2011.12.09 13:25:02 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0F7830BA-5E7D-4036-BE56-F41080B26352}
[2011.12.09 13:24:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BDA098B2-66A2-4E18-A9A3-5C13F3C65FFC}
[2011.12.09 01:48:35 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DACAD6F3-BB09-45A4-A791-0B094255113C}
[2011.12.08 12:52:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B5D8C887-3A0F-4775-8ED6-57B658622193}
[2011.12.08 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{629C6F96-C382-40EB-B347-6EA44A4C354D}
[2011.12.07 12:58:53 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{4A4A2C1A-6C8B-4ED2-BFF3-6E1EDF7A3C88}
[2011.12.06 12:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.12.06 12:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.12.06 12:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.12.06 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F1800ADC-E24A-47C7-84B7-8A7F8254CD28}
[2011.12.06 12:34:26 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B308B0FE-80CA-4D07-ADB7-3F5D4801D61A}
[2011.12.05 12:32:35 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{2B7C27F0-7751-4D90-91A5-6B8A1DB76537}
[2011.12.05 12:32:19 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BB44C220-DE19-40F1-B09B-22559D0EC202}
[2011.12.04 19:24:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{4177CEB6-685B-4CC5-B5DE-98C17599CC99}
[2011.12.03 18:47:32 | 000,000,000 | ---D | C] -- C:\Users\Siggi\Documents\Star Wars - The Old Republic
[2011.12.03 18:46:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\Documents\HeroBlade Logs
[2011.12.03 18:02:16 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{26C92C44-8AED-421D-9399-D778D2C47590}
[2011.12.03 18:02:05 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3BD14D84-7794-4420-8DFE-025684D83F24}
[2011.12.03 15:32:44 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{8A8B6D67-458A-4445-A872-577CB430EB1E}
[2011.12.03 12:49:56 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3E722424-1373-4124-85B8-957F2B7FE695}
[2011.12.02 20:07:51 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{07057D14-E0A0-4912-A978-0EF57705289D}
[2011.12.02 20:07:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{D90226D1-A30D-41EC-9481-12F9B8FD6A63}
[2011.12.01 23:14:14 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A6C2020C-BCC0-4049-8010-C33F60EF4876}
[2011.12.01 23:13:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B78A5BE7-986F-4594-AF1A-3192548202DE}
[2011.11.30 11:26:09 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{42E7C10E-A073-4C05-BC5E-07A352E1DC5B}
[2011.11.30 11:25:58 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{1A9629BB-3343-49FA-AD14-0F572F09C17B}
[2011.11.30 11:23:49 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{AE452F27-33CA-480E-9EB4-0FD598752926}
[2011.11.30 11:23:37 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{73C546C9-B984-4C31-9F93-05F9622F9783}
[2011.11.29 11:08:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{2976766A-EAE8-4BB5-ABA7-E59C1B350C56}
[2011.11.29 11:08:42 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{59237F6F-3F79-407E-806D-8A1675A0CF0A}
[2011.11.27 22:50:04 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{96BB8EED-93C0-4C8B-B562-C3D0C9E1ADAB}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.27 17:40:22 | 000,016,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.27 17:40:22 | 000,016,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.27 17:40:17 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.27 17:40:17 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.27 17:40:17 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.27 17:40:17 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.27 17:40:17 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.27 17:38:35 | 000,000,000 | ---- | M] () -- C:\Users\Siggi\defogger_reenable
[2011.12.27 17:34:34 | 000,000,721 | ---- | M] () -- C:\Users\Siggi\Desktop\World of Warcraft.lnk
[2011.12.27 17:33:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.27 17:33:10 | 3219,763,200 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.27 17:20:16 | 000,439,956 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.12.27 17:18:58 | 000,050,477 | ---- | M] () -- C:\Users\Siggi\Desktop\Defogger.exe
[2011.12.27 16:58:53 | 000,008,012 | ---- | M] () -- C:\Users\Siggi\Desktop\Extras.rar
[2011.12.27 16:58:49 | 000,011,105 | ---- | M] () -- C:\Users\Siggi\Desktop\OTL.rar
[2011.12.27 16:52:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Siggi\Desktop\OTL.exe
[2011.12.21 19:15:49 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.12.21 19:15:49 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.13 00:05:51 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.12.06 21:03:54 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2011.12.06 21:03:19 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.11.29 02:07:07 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.27 17:38:35 | 000,000,000 | ---- | C] () -- C:\Users\Siggi\defogger_reenable
[2011.12.27 17:38:00 | 000,050,477 | ---- | C] () -- C:\Users\Siggi\Desktop\Defogger.exe
[2011.12.27 16:58:53 | 000,008,012 | ---- | C] () -- C:\Users\Siggi\Desktop\Extras.rar
[2011.12.27 16:58:49 | 000,011,105 | ---- | C] () -- C:\Users\Siggi\Desktop\OTL.rar
[2011.11.24 15:20:38 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.11.24 14:40:52 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.11.24 14:40:45 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.27 22:37:10 | 000,007,597 | ---- | C] () -- C:\Users\Siggi\AppData\Local\Resmon.ResmonCfg
[2011.10.26 02:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.10.26 02:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.03 11:53:16 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.05 23:01:06 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.09.05 23:01:06 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.09.05 23:01:06 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.06.17 18:01:52 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.04.02 19:32:39 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011.02.27 15:18:33 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.01.10 11:59:27 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.13 11:53:46 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.10 17:15:41 | 000,259,302 | ---- | C] () -- C:\Windows\hpwins19.dat
[2010.12.10 17:15:41 | 000,000,673 | ---- | C] () -- C:\Windows\hpwmdl19.dat
[2010.12.06 20:25:44 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.12.03 20:58:54 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI
[2010.12.01 20:18:02 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.12.01 20:18:02 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.12.01 20:18:01 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.12.01 20:18:01 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.12.01 18:33:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.01 18:26:13 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.12.01 18:26:12 | 000,031,469 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.09.14 16:17:00 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASDR.exe
[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009.03.30 07:32:40 | 000,032,768 | R--- | C] () -- C:\Windows\DAODx.exe
 
========== LOP Check ==========
 
[2010.12.01 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Canneverbe Limited
[2011.09.09 22:53:46 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Hi-Rez Studios
[2011.10.19 18:10:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\ICQ
[2010.12.01 22:37:25 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Leadertech
[2011.05.27 17:24:33 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\LolClient
[2010.12.02 11:37:43 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\OpenOffice.org
[2011.10.26 17:19:13 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Origin
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Thunderbird
[2011.03.22 20:59:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\TuneUp Software
[2011.11.23 00:22:37 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Ubisoft
[2011.03.24 01:09:36 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\wargaming.net
[2010.12.16 22:51:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Windows Live Writer
[2011.09.28 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\WordToPDF
[2011.11.29 16:32:15 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4FC01C57

< End of report >
         

Alt 28.12.2011, 03:53   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Alt 28.12.2011, 20:49   #3
siggi123
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Die Scans sind ausgeführt und von Malwarebytes habe ich noch ein Log von gestern… natürlich hatte ich vergessen das manuelle Update zu machen und somit wurde erst heute der Eintrag in der Registry entfernt.


Malwarebytes von gestern, kurz nach dem Trojaner (ohne manuelles Update)
Code:
ATTFilter
 Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 911122703

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

27.12.2011 18:40:02
mbam-log-2011-12-27 (18-40-02).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 335562
Laufzeit: 15 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files (x86)\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

Malwarebytes von heute, nach manuellem Update
Code:
ATTFilter
 Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.28.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Siggi :: SIGGI-PC [Administrator]

28.12.2011 12:18:49
mbam-log-2011-12-28 (12-18-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 336023
Laufzeit: 18 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|iexploer.exe (Trojan.Agent) -> Daten: C:\Users\Siggi\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Malwarebytes von heute, nach dem entfernen des Registryeintrags
Code:
ATTFilter
 Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.28.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Siggi :: SIGGI-PC [Administrator]

28.12.2011 12:52:59
mbam-log-2011-12-28 (12-52-59).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 303337
Laufzeit: 8 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Log von ESET, den musste ich 5 mal starten, ist immer wieder nach 20 bis 30 min abgebrochen aber am ende durch gelaufen

Code:
ATTFilter
 ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3f6dbc6aae92dc4893fb118255d3dd69
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 12:04:59
# local_time=2011-12-28 01:04:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 94 957148 61605878 253064 0
# compatibility_mode=5893 16776573 100 94 3843 76702507 0 0
# compatibility_mode=8192 67108863 100 0 3730 3730 0 0
# scanned=148395
# found=0
# cleaned=0
# scan_time=1242
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3f6dbc6aae92dc4893fb118255d3dd69
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 03:33:12
# local_time=2011-12-28 04:33:12 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 94 968211 61616941 264127 0
# compatibility_mode=5893 16776574 100 94 14906 76713570 0 0
# compatibility_mode=8192 67108863 100 0 14793 14793 0 0
# scanned=61981
# found=0
# cleaned=0
# scan_time=2671
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3f6dbc6aae92dc4893fb118255d3dd69
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 03:48:56
# local_time=2011-12-28 04:48:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 94 971810 61620540 267726 0
# compatibility_mode=5893 16776573 100 94 7113 76717169 0 0
# compatibility_mode=8192 67108863 100 0 18392 18392 0 0
# scanned=1748
# found=0
# cleaned=0
# scan_time=17
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3f6dbc6aae92dc4893fb118255d3dd69
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 03:53:52
# local_time=2011-12-28 04:53:52 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 94 971846 61620576 267762 0
# compatibility_mode=5893 16776573 100 94 7149 76717205 0 0
# compatibility_mode=8192 67108863 100 0 18428 18428 0 0
# scanned=13729
# found=0
# cleaned=0
# scan_time=276
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3f6dbc6aae92dc4893fb118255d3dd69
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 07:00:37
# local_time=2011-12-28 08:00:37 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 94 982317 61631047 278233 0
# compatibility_mode=5893 16776573 100 94 17620 76727676 0 0
# compatibility_mode=8192 67108863 100 0 28899 28899 0 0
# scanned=20981
# found=0
# cleaned=0
# scan_time=1010
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3f6dbc6aae92dc4893fb118255d3dd69
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 08:46:37
# local_time=2011-12-28 09:46:37 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 94 983434 61632164 279350 0
# compatibility_mode=5893 16776573 100 94 18737 76728793 0 0
# compatibility_mode=8192 67108863 100 0 30016 30016 0 0
# scanned=176173
# found=0
# cleaned=0
# scan_time=6254
         
__________________

Alt 28.12.2011, 22:34   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.12.2011, 00:36   #5
siggi123
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Hier das Log vom OTL scan mit der Config

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 29.12.2011 01:27:09 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = D:\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 66,76% Memory free
7,99 Gb Paging File | 6,19 Gb Available in Paging File | 77,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 37,32 Gb Free Space | 31,32% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 328,41 Gb Free Space | 70,51% Space Free | Partition Type: NTFS
Drive E: | 58,59 Gb Total Space | 58,50 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive F: | 220,86 Gb Total Space | 170,05 Gb Free Space | 76,99% Space Free | Partition Type: NTFS
 
Computer Name: SIGGI-PC | User Name: Siggi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll ()
MOD - C:\Windows\DAODx.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (IOMap) -- C:\Windows\SysNative\drivers\IOMap64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (Magic Tune) -- C:\Windows\SysNative\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (AODDriver2) -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0E 01 33 4A 37 BF CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Reader10\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.04.26 22:09:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.04.26 22:09:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.21 19:36:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.21 19:36:42 | 000,000,000 | ---D | M]
 
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Extensions
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.04.23 15:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Firefox\Profiles\yv5k50de.default\extensions
[2011.12.28 18:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.12.02 11:36:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.02 12:41:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.15 14:45:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.23 15:23:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.27 11:25:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.04.26 22:09:52 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.04.26 22:09:52 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.07 11:16:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.07 11:16:26 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.07 11:16:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.07 11:16:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.07 11:16:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.12.27 17:20:16 | 000,439,956 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	123fporn.info
O1 - Hosts: 15125 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ASUS SmartDoctor] C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O12 - Plugin for: .cdx - C:\Program Files (x86)\Internet Explorer\PLUGINS\Npcdp32.dll (CambridgeSoft.Com)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{549DBD61-C3E1-430C-AD3B-DBB6BA87D162}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.28 12:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.12.28 12:41:44 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Siggi\Desktop\esetsmartinstaller_enu.exe
[2011.12.28 12:17:02 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{984390CB-A92B-4D0E-AAFE-68677AE6C0A3}
[2011.12.28 12:16:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{676B0CB6-98BA-4F0E-B510-8BA268732F49}
[2011.12.27 18:19:59 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Roaming\Malwarebytes
[2011.12.27 18:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.27 18:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.27 18:19:50 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.27 13:25:33 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B328F867-5265-4669-8E3E-608B49A6D7EC}
[2011.12.27 13:25:11 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{5F25E6FC-1504-41BF-9B08-75C791069222}
[2011.12.26 13:34:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{76502099-7A10-4B7E-8A05-44F48802A1A1}
[2011.12.25 13:24:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0E2CD1CA-3189-4210-9553-5CFC52C45480}
[2011.12.25 13:24:27 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{094C389D-BFFD-4D66-891E-8EDC56FAB003}
[2011.12.24 12:30:59 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{E8488BDE-FCF6-4361-9AE1-A75EC6A3592F}
[2011.12.24 00:34:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{58E1AC49-BB7A-457E-8DC2-B369D3F1C77B}
[2011.12.23 21:55:49 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DC4B2874-5B18-4F9C-84C6-77040A826E90}
[2011.12.23 16:10:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3E94D341-2F61-42F9-95D3-0CA2406058B4}
[2011.12.23 11:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSDlife
[2011.12.23 11:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BinarySense
[2011.12.23 11:22:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{CEDE75BC-1BF9-4D0B-99DD-5F0E0EE7171E}
[2011.12.23 11:21:43 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{264A42BD-7FAB-4CAF-BEEB-6581E73A0E4D}
[2011.12.22 15:16:00 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{C7203CA9-DEFB-4A2F-BFD9-421DF24C1A11}
[2011.12.22 15:15:38 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{89378933-57A8-492A-85D4-D1C7C3819D25}
[2011.12.22 11:36:45 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{FEAB741E-40C5-4205-8339-D3CE31B3C182}
[2011.12.21 19:04:14 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BBA437C6-0C4D-48B4-BCF1-CEC5285EB99B}
[2011.12.21 19:03:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{80867720-C5B9-4A25-BFE5-6AF4624709E1}
[2011.12.20 17:45:18 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0C3D28B7-CB7C-42A1-BA9A-222010480EE6}
[2011.12.20 17:44:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3AEEE537-730C-4DF8-9502-7F2BF9904D58}
[2011.12.19 17:28:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{570B13B9-E91F-4DFB-87EA-5E08C26D1F39}
[2011.12.19 17:28:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{5EF65840-CD8A-43A2-AFDA-523A39904A7B}
[2011.12.18 13:10:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{54FF3DD8-6B17-4FE1-8DA4-95B44D03DD16}
[2011.12.18 13:10:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3AEBEC6E-4E00-4DB0-84DF-70D9147B5A55}
[2011.12.17 11:52:41 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{398C19CB-3B92-436E-8A03-E06A028E863B}
[2011.12.17 11:52:30 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A3A11522-3862-4DFC-9FB3-78F146D3987A}
[2011.12.16 18:14:50 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{CC5E390D-26C7-4358-A886-372798FCE332}
[2011.12.16 18:14:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{199B749F-7756-487A-8278-1985855CF8A1}
[2011.12.15 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F6C01BDA-EDEB-4139-B72E-5064D83D568C}
[2011.12.15 17:10:16 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{D9B8F578-113F-4667-A123-906C71E0D3B2}
[2011.12.14 18:55:31 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BBE00D8C-198E-435B-A910-CEB09FA8E0F4}
[2011.12.14 18:46:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F4C1E7D9-7875-4641-8638-6B0022242544}
[2011.12.14 18:04:02 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{8381431F-2926-4002-8117-C0BBD2AE04DE}
[2011.12.14 18:03:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A630CC3F-B8B8-4C68-A3C4-0E124FA8EE40}
[2011.12.13 20:40:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{AFABC5BB-7715-4D39-AE32-90967BAFA398}
[2011.12.13 18:24:54 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F2A24672-1BE6-4A87-A9ED-E8245E95436B}
[2011.12.12 22:34:07 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DFE55DBB-C4F2-4786-89A6-069471C180BE}
[2011.12.12 19:23:18 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{47231922-97E7-48FB-B016-634D2E0BA8A6}
[2011.12.12 18:33:01 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{EF42163C-EA3F-4F3A-AE7A-BBFBE784CF56}
[2011.12.11 13:06:47 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{008BD398-4823-48C5-9474-FCF702CBF847}
[2011.12.11 13:06:36 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{045A4CBA-072E-4317-9C8F-0EE288A9D7C4}
[2011.12.10 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3BEB0104-920A-4DD7-9A42-8C30B63737C3}
[2011.12.10 14:07:22 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B59B20B9-28BA-4533-87F5-17589F945BBC}
[2011.12.09 13:25:02 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0F7830BA-5E7D-4036-BE56-F41080B26352}
[2011.12.09 13:24:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BDA098B2-66A2-4E18-A9A3-5C13F3C65FFC}
[2011.12.09 01:48:35 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DACAD6F3-BB09-45A4-A791-0B094255113C}
[2011.12.08 12:52:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B5D8C887-3A0F-4775-8ED6-57B658622193}
[2011.12.08 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{629C6F96-C382-40EB-B347-6EA44A4C354D}
[2011.12.07 12:58:53 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{4A4A2C1A-6C8B-4ED2-BFF3-6E1EDF7A3C88}
[2011.12.06 12:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.12.06 12:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.12.06 12:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.12.06 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F1800ADC-E24A-47C7-84B7-8A7F8254CD28}
[2011.12.06 12:34:26 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B308B0FE-80CA-4D07-ADB7-3F5D4801D61A}
[2011.12.05 12:32:35 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{2B7C27F0-7751-4D90-91A5-6B8A1DB76537}
[2011.12.05 12:32:19 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BB44C220-DE19-40F1-B09B-22559D0EC202}
[2011.12.04 19:24:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{4177CEB6-685B-4CC5-B5DE-98C17599CC99}
[2011.12.03 18:47:32 | 000,000,000 | ---D | C] -- C:\Users\Siggi\Documents\Star Wars - The Old Republic
[2011.12.03 18:46:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\Documents\HeroBlade Logs
[2011.12.03 18:02:16 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{26C92C44-8AED-421D-9399-D778D2C47590}
[2011.12.03 18:02:05 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3BD14D84-7794-4420-8DFE-025684D83F24}
[2011.12.03 15:32:44 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{8A8B6D67-458A-4445-A872-577CB430EB1E}
[2011.12.03 12:49:56 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3E722424-1373-4124-85B8-957F2B7FE695}
[2011.12.02 20:07:51 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{07057D14-E0A0-4912-A978-0EF57705289D}
[2011.12.02 20:07:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{D90226D1-A30D-41EC-9481-12F9B8FD6A63}
[2011.12.01 23:14:14 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A6C2020C-BCC0-4049-8010-C33F60EF4876}
[2011.12.01 23:13:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B78A5BE7-986F-4594-AF1A-3192548202DE}
[2011.11.30 11:26:09 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{42E7C10E-A073-4C05-BC5E-07A352E1DC5B}
[2011.11.30 11:25:58 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{1A9629BB-3343-49FA-AD14-0F572F09C17B}
[2011.11.30 11:23:49 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{AE452F27-33CA-480E-9EB4-0FD598752926}
[2011.11.30 11:23:37 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{73C546C9-B984-4C31-9F93-05F9622F9783}
[2011.11.29 11:08:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{2976766A-EAE8-4BB5-ABA7-E59C1B350C56}
[2011.11.29 11:08:42 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{59237F6F-3F79-407E-806D-8A1675A0CF0A}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.28 23:31:27 | 000,016,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 23:31:27 | 000,016,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 23:29:10 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.28 23:29:10 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.28 23:29:10 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.28 23:29:10 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.28 23:29:10 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.28 23:24:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.28 23:24:14 | 3219,763,200 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.28 21:57:03 | 000,000,721 | ---- | M] () -- C:\Users\Siggi\Desktop\World of Warcraft.lnk
[2011.12.28 12:41:48 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Siggi\Desktop\esetsmartinstaller_enu.exe
[2011.12.28 12:18:19 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.12.27 17:38:35 | 000,000,000 | ---- | M] () -- C:\Users\Siggi\defogger_reenable
[2011.12.27 17:20:16 | 000,439,956 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.12.21 19:15:49 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.12.21 19:15:49 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.13 00:05:51 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.06 21:03:54 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2011.12.06 21:03:19 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.11.29 02:07:07 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.28 12:18:19 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.12.27 17:38:35 | 000,000,000 | ---- | C] () -- C:\Users\Siggi\defogger_reenable
[2011.11.24 15:20:38 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.11.24 14:40:52 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.11.24 14:40:45 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.27 22:37:10 | 000,007,597 | ---- | C] () -- C:\Users\Siggi\AppData\Local\Resmon.ResmonCfg
[2011.10.26 02:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.10.26 02:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.03 11:53:16 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.05 23:01:06 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.09.05 23:01:06 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.09.05 23:01:06 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.06.17 18:01:52 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.04.02 19:32:39 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011.02.27 15:18:33 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.01.10 11:59:27 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.13 11:53:46 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.10 17:15:41 | 000,259,302 | ---- | C] () -- C:\Windows\hpwins19.dat
[2010.12.10 17:15:41 | 000,000,673 | ---- | C] () -- C:\Windows\hpwmdl19.dat
[2010.12.06 20:25:44 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.12.03 20:58:54 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI
[2010.12.01 20:18:02 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.12.01 20:18:02 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.12.01 20:18:01 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.12.01 20:18:01 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.12.01 18:33:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.01 18:26:13 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.12.01 18:26:12 | 000,031,469 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.09.14 16:17:00 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASDR.exe
[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009.03.30 07:32:40 | 000,032,768 | R--- | C] () -- C:\Windows\DAODx.exe
 
========== LOP Check ==========
 
[2010.12.01 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Canneverbe Limited
[2011.09.09 22:53:46 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Hi-Rez Studios
[2011.10.19 18:10:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\ICQ
[2010.12.01 22:37:25 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Leadertech
[2011.05.27 17:24:33 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\LolClient
[2010.12.02 11:37:43 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\OpenOffice.org
[2011.10.26 17:19:13 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Origin
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Thunderbird
[2011.03.22 20:59:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\TuneUp Software
[2011.11.23 00:22:37 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Ubisoft
[2011.03.24 01:09:36 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\wargaming.net
[2010.12.16 22:51:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Windows Live Writer
[2011.09.28 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\WordToPDF
[2011.11.29 16:32:15 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.12.02 13:30:56 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Adobe
[2010.12.06 20:36:33 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Apple Computer
[2010.12.01 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\ATI
[2010.12.01 23:51:01 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Avira
[2010.12.01 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Canneverbe Limited
[2011.01.28 17:06:35 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\DivX
[2011.09.09 22:53:46 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Hi-Rez Studios
[2010.12.10 17:21:53 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\HP
[2011.10.19 18:10:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\ICQ
[2010.12.01 18:24:01 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Identities
[2011.04.21 18:16:26 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\InstallShield
[2010.12.01 22:37:25 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Leadertech
[2010.12.01 22:36:41 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Logishrd
[2010.12.01 22:37:27 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Logitech
[2011.05.27 17:24:33 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\LolClient
[2010.12.01 20:20:50 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Macromedia
[2011.12.27 18:19:59 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Malwarebytes
[2009.07.14 19:18:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Media Center Programs
[2011.12.27 17:16:57 | 000,000,000 | --SD | M] -- C:\Users\Siggi\AppData\Roaming\Microsoft
[2011.05.28 10:38:18 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\mIRC
[2010.12.01 18:36:20 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Mozilla
[2010.12.02 11:37:43 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\OpenOffice.org
[2011.10.26 17:19:13 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Origin
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Thunderbird
[2011.03.22 20:59:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\TuneUp Software
[2011.11.23 00:22:37 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Ubisoft
[2011.04.02 19:34:38 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Ventrilo
[2011.09.16 15:40:59 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\vlc
[2011.03.24 01:09:36 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\wargaming.net
[2010.12.16 22:51:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Windows Live Writer
[2010.12.03 20:57:18 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\WinRAR
[2011.09.28 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\WordToPDF
 
< %APPDATA%\*.exe /s >
[2010.12.01 22:37:25 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.12.01 23:19:28 | 000,046,488 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}\ARPPRODUCTICON.exe
[2010.12.01 23:19:28 | 000,079,256 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}\NewShortcut1_63DEE96284054F8694636FE381A5574C.exe
[2010.12.01 23:19:28 | 000,079,256 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}\NewShortcut2_F1AD8C9A37F84A18ADCD99FB67588A13.exe
[2010.12.01 23:19:28 | 000,079,256 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}\UsersGuide_CAFE62D54E534DE1A75D0E8D057FA709.exe
[2011.10.31 16:59:44 | 000,007,902 | R--- | M] () -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}\ARPIcon.exe
[2011.10.31 16:59:44 | 000,069,632 | R--- | M] () -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}\_F2475BE884FE_4D10_8135_47C85E4D7080.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4FC01C57

< End of report >
         
--- --- ---


Alt 29.12.2011, 00:49   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4FC01C57
:Files
C:\Users\Siggi\AppData\Local\{*
C:\Windows\system32\consrv.dll
:Commands
[emptytemp]
[resethosts]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
--> Trojaner! System wurde aus Sicherheitsgründen gesperrt.

Alt 29.12.2011, 12:07   #7
siggi123
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Der PC hat neugestartet und läuft.
Hier das OTL-log

Code:
ATTFilter
 All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\ not found.
File E:\.\Bin\ASSETUP.exe not found.
ADS C:\ProgramData\TEMP:4FC01C57 deleted successfully.
========== FILES ==========
C:\Users\Siggi\AppData\Local\{00495A2F-8EE4-487F-9568-01A7440EF219} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0085E033-F3CE-49B2-A0E8-5ED5533927F2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{008B320B-E338-4C8C-9537-254A9C011E15} folder moved successfully.
C:\Users\Siggi\AppData\Local\{008BD398-4823-48C5-9474-FCF702CBF847} folder moved successfully.
C:\Users\Siggi\AppData\Local\{00ADF552-9A63-40DA-B4EA-5D8A86A07AD6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{00DBAF14-6FA6-44E8-B665-C5A3F0C305BA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0126DCFA-E059-48D2-B952-419E06376DD4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0142AB51-7186-4CC9-8B66-934462B00D9C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{01AE334A-2F19-4D3E-952D-E5ACE2E76DF7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0204E0C7-8368-4E0B-8970-956C756DD3EE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0246F239-9301-4F4E-B1A3-83C885750B88} folder moved successfully.
C:\Users\Siggi\AppData\Local\{02B91A69-E959-4D1B-A2D2-E6A0DA849AA7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{02DE9E51-CD96-43DE-A15D-2C67DBE4F4F4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0339B963-E2EE-4B58-982C-751C62DD859D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0429378C-CBE4-438E-883C-E9879FC9F6B1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{045A4CBA-072E-4317-9C8F-0EE288A9D7C4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{04A9A93D-08A2-4BE1-B90A-B94D4F1FDDEE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{04B19BD5-FC6A-42DA-A9E9-FCB92B2391C7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{04D02731-D397-420D-B8E5-5D7F6F5C4F3B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0581E55A-4D51-4249-A6C3-53A82041F23D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{059512D0-A768-4B01-AFE6-6475E3DA98BD} folder moved successfully.
C:\Users\Siggi\AppData\Local\{05A0799D-D17C-455C-8CFE-DA45DA9BD89E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{05A6A999-EDAE-4CC5-9F10-5BA55A31F037} folder moved successfully.
C:\Users\Siggi\AppData\Local\{05B2A97E-AFE9-48B9-9561-88FCA740AB0E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{062964A7-3EAE-4F2E-9658-79307672FAF1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{06351B15-CAF5-404E-9DA1-29AF6CFE638E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{067CF334-53CD-4CC7-8C10-B3E8EB740AB2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{06A12D5A-85DE-4420-BCD0-545D2D3C7F05} folder moved successfully.
C:\Users\Siggi\AppData\Local\{06F3C5CB-1547-4E19-A2DF-02DD0AA5E473} folder moved successfully.
C:\Users\Siggi\AppData\Local\{07057D14-E0A0-4912-A978-0EF57705289D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{071D9545-5AFD-457A-9598-A2E5E9EF60AA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0775E194-283C-4985-8249-7584DA520791} folder moved successfully.
C:\Users\Siggi\AppData\Local\{08B585C3-B1D2-41D9-B899-BFFB9B69588F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{094C389D-BFFD-4D66-891E-8EDC56FAB003} folder moved successfully.
C:\Users\Siggi\AppData\Local\{09523AA8-FB1A-4260-A711-1658BD0F3505} folder moved successfully.
C:\Users\Siggi\AppData\Local\{09550125-C35A-4DE1-B9D5-A3367D5B0A18} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0A7A2842-5E72-405D-AFB9-DC49074A3FC6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0AD7C1AA-2EB0-40ED-954A-8C394E1D7411} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0B29DDF5-8438-42FA-A3E0-E23904FD86F4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0B6F6882-871A-42AD-BFB4-C3DCB0827E3E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0B79B127-C6EC-4B29-ACA5-1536870980A9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0BABD47B-C24E-4EAA-B9DE-3491BA40602C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0BC6DD9A-940B-4BF0-9E8F-8ED0DE26F459} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0BF64828-D1D5-49B0-A1F8-6FE3B00834A7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0C3D28B7-CB7C-42A1-BA9A-222010480EE6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0CA8538F-2874-472B-8B4A-C24432AEAC92} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0D476CF0-239D-4A95-A2CE-E3B2591006AA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0D4DDAD0-4FA3-4C9B-8079-97690EB444AB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0D65383F-772D-4C8F-9B30-D85808098FEA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0DCED2EB-17AD-4693-A777-D39B41C22607} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0E2CD1CA-3189-4210-9553-5CFC52C45480} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0E84B38A-06E1-4E64-AE56-B531FCA64953} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0EE351B8-FA13-42F1-8134-5588EB93D280} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0F1B5941-2A1B-49E7-AD74-FF92A60726BE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0F7830BA-5E7D-4036-BE56-F41080B26352} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0FA1E29C-19AE-40A9-BCA2-E867634AE395} folder moved successfully.
C:\Users\Siggi\AppData\Local\{0FDEBACC-07CF-469A-891A-364CF7FAF378} folder moved successfully.
C:\Users\Siggi\AppData\Local\{10494B16-D61F-4E3B-83A1-B0A809DDBCBC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{11A3092D-70FF-4617-AD89-2F1D77BEDD10} folder moved successfully.
C:\Users\Siggi\AppData\Local\{11F31F5E-8BCD-4019-B2B2-36BB5780FC19} folder moved successfully.
C:\Users\Siggi\AppData\Local\{11FDCABB-831B-4F73-AB60-14175262CC8E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{11FEC404-1D9B-4102-8B7E-EE0D4CB0810F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{12C31061-A493-4007-9CD9-CC9F34A87057} folder moved successfully.
C:\Users\Siggi\AppData\Local\{12F27CDF-2A34-4AFD-8F9E-D8DAA8880000} folder moved successfully.
C:\Users\Siggi\AppData\Local\{13AC5E1E-8A0D-4C4E-A90B-046AA5559AD1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{13BB6293-FD7A-433A-9289-BC370C069158} folder moved successfully.
C:\Users\Siggi\AppData\Local\{13C3F219-5A97-4E47-94CB-478D8E782825} folder moved successfully.
C:\Users\Siggi\AppData\Local\{14233376-EA14-461A-89D9-921D6FAE2E3C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{15221E1F-30CC-427D-8F19-67842E5C2759} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1535022F-C1A2-4136-88BA-DBB28D448CD5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1561CB9B-3598-4228-88E8-C325804DA608} folder moved successfully.
C:\Users\Siggi\AppData\Local\{15E92AD7-9170-426E-AA15-FB02B7A8ABA6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{169110BA-169A-4D7C-AF46-C827383D6ECD} folder moved successfully.
C:\Users\Siggi\AppData\Local\{169DF377-E855-4935-BC7B-6B20E3430E0E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{17111EA4-CF8F-417E-AD32-F03029466F8A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{17B94D36-0DF4-450A-A1E9-BC2B68108DAB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{17B9DD5D-766B-4560-8456-3D1638F323CA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{17F8599B-BE8C-446F-98F9-623CDB7BEB40} folder moved successfully.
C:\Users\Siggi\AppData\Local\{181E3059-4D11-4C7B-9452-5046D4B92747} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1862709D-A67A-4113-ACEC-59F4B4635719} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1865C784-9586-4790-8CAB-9034A4BCC5A6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{199B749F-7756-487A-8278-1985855CF8A1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{19D460A7-6CB5-4EA2-8D52-3509DAA6C6A5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1A39C999-D635-4442-B0B8-F0CB0F1E74CE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1A703FBC-E143-4B37-B6FA-7975E5FAF7D1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1A9629BB-3343-49FA-AD14-0F572F09C17B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1B3B6794-7296-4BF0-9360-524A7902AC49} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1B8204F9-DC8B-44D5-B17A-852E32A0D410} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1BDAB029-B995-4AEA-95DC-8AB214FFDB89} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1CC494B3-B1F1-4F7C-B4E9-8994B33E5C6D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1D01B8B0-679B-47A9-8C68-42FE20894EA4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1D3CFFF8-04BA-4865-A7DB-1E63807CE4BF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1EA851A7-D642-4DAA-9690-88F65EC22EB3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1EB0D088-750A-4591-91EC-712DDD0BAFA8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1F1C44FE-3189-4AF9-BD7D-C0EF69034F63} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1F3BCA2B-CD47-483B-BB62-6D61413A720C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1F86DAEB-017C-4F81-BA7F-6DC562D2C5B9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1F8F0729-C602-4192-B5E5-BB34CEB42EE5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1F923F25-B807-4A6C-B7ED-D844601DFF82} folder moved successfully.
C:\Users\Siggi\AppData\Local\{1FA50D29-118D-4C2B-9219-12A1B22B37D1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{208EE2F4-3CBB-4BA9-BD49-4304FBB4FA84} folder moved successfully.
C:\Users\Siggi\AppData\Local\{20C9EF4D-4872-4ACD-9B3C-7DC8B4DC3C33} folder moved successfully.
C:\Users\Siggi\AppData\Local\{216E5A9C-59B8-4B67-8006-E05543DF18A3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{218B3BF0-D759-4222-914D-108C02D6418B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{21E93338-BA1E-4650-9E1D-F766423A0A17} folder moved successfully.
C:\Users\Siggi\AppData\Local\{224CCFA3-E499-4D1D-8456-9BE8EF9BB1B8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2255DD45-0EF6-481F-9874-7CF683BE2045} folder moved successfully.
C:\Users\Siggi\AppData\Local\{22E81F72-26A5-414C-A9E5-61964A7DF603} folder moved successfully.
C:\Users\Siggi\AppData\Local\{22F526BC-1142-4912-8C50-2B6AB6858816} folder moved successfully.
C:\Users\Siggi\AppData\Local\{23720FC7-F6CE-4252-AA14-15BB4E457396} folder moved successfully.
C:\Users\Siggi\AppData\Local\{243BD66C-AE8E-4BEA-BD97-6EB2E994853E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{24F668A6-DE63-4189-9051-AC39BFAA3D9A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{250F9D41-23CE-4445-AA69-27D363435F99} folder moved successfully.
C:\Users\Siggi\AppData\Local\{25422C93-9ED2-42A3-9FD6-B9C96D959E18} folder moved successfully.
C:\Users\Siggi\AppData\Local\{25633A23-7985-447E-9E97-EB2B3BC784F9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{259B28EC-9904-4785-8902-5A057A637D62} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2641E365-D547-4D77-94AB-BFDC84F08398} folder moved successfully.
C:\Users\Siggi\AppData\Local\{264A42BD-7FAB-4CAF-BEEB-6581E73A0E4D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2674952C-01BA-41CE-99C5-4152EFF4C6C4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{26C92C44-8AED-421D-9399-D778D2C47590} folder moved successfully.
C:\Users\Siggi\AppData\Local\{26E53771-28A7-42C6-A869-205E6EF465FF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{26E8CA01-A8EE-4FE5-9A97-86DFF6371824} folder moved successfully.
C:\Users\Siggi\AppData\Local\{27643EF9-93DC-4EB5-8285-B301B0C440D3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2777F707-1831-4C63-A115-94631C10D0FB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{291049F9-0BF0-4442-99BE-19229FF63564} folder moved successfully.
C:\Users\Siggi\AppData\Local\{294765E4-2DBC-4A1A-8FB1-ABA6F156FCC2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2976766A-EAE8-4BB5-ABA7-E59C1B350C56} folder moved successfully.
C:\Users\Siggi\AppData\Local\{29E304FE-BF7C-4A89-AD79-2AFB8A5879EE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{29E5FA2C-F0B7-4708-B63A-F6696B15BAA5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{29F7153D-FEEE-4531-B620-B0BB16CCF2F2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2A17D131-7BA6-4EA0-862B-7D868981B197} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2B68BE3A-3DC5-4D4A-B560-6C9055C82F36} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2B7C27F0-7751-4D90-91A5-6B8A1DB76537} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2BCCE60F-812A-4EF7-B060-29706349792C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2BE612AD-0BB1-4115-943E-0DFDE9C1E435} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2C861898-169E-41A8-977A-D227F94C59BE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2DCBD402-DB4D-472F-B2BE-59B6723CB7B6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2E3A90AF-2A66-4056-B88A-C0809A30FDA8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{2E496D61-05A7-4976-89A0-9E4126DA1C34} folder moved successfully.
C:\Users\Siggi\AppData\Local\{30449BC2-8F8C-4BCE-B51A-C4DE46A4E3C7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{305F499F-ED77-485A-80FF-CB0E044958F9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{308E2429-9DFF-40D9-A8AC-D6B4D8B1525D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{315C909A-BF4C-449B-84C4-2FC02A272207} folder moved successfully.
C:\Users\Siggi\AppData\Local\{31C6FB4C-470D-40B8-B60B-F847D772593F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{32705EBD-E310-4DD4-9F9E-DD00F41DB0EB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3299F327-4248-495C-AF49-8103F0C0D582} folder moved successfully.
C:\Users\Siggi\AppData\Local\{32F68A7C-5C15-4391-86CC-13AABC17CD47} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3332F3AB-90DA-48B5-8568-A28C2B045BA9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3336AFF1-0466-4D30-B752-23C7610763C6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3356E06B-D67B-4A9D-8D04-803212F8575B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{343AB6A7-2D02-4EB1-A6BD-4EEBBE325A8B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{34539991-A021-4F6D-81E2-99020E876B8D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{35061355-46A4-4210-8FD6-0F8B2D2A64DF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{354244FD-F523-47A5-9A26-B081E16E442F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{358EECD3-69E7-4865-8694-3E2F9024F6DA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{35B64413-07EA-43B6-94EC-C4A5D18FFC6B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{365DEC09-9BC7-43B2-8610-60A501070B2D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{36613DEE-BDAC-48D6-AB08-57088473C62F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{369B6A93-DF59-4680-BFB1-C18593062170} folder moved successfully.
C:\Users\Siggi\AppData\Local\{37F447C8-6AF3-4945-92AD-3A7276F7F880} folder moved successfully.
C:\Users\Siggi\AppData\Local\{381B8AD3-9066-480B-8B98-9B9EF816CC02} folder moved successfully.
C:\Users\Siggi\AppData\Local\{38AD6AED-8AD9-49C2-8EE3-9EF9A82D74BD} folder moved successfully.
C:\Users\Siggi\AppData\Local\{39506A53-D3D6-46DD-A5B9-8FF4ED862A5E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{398AB6EF-96CF-45B0-9EC2-8FAAD5E5448D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{398C19CB-3B92-436E-8A03-E06A028E863B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3A0C6752-3576-4C35-B482-C478295F1B9A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3A2CE52E-AEB3-4ECF-9766-3EB330AEF72D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3A709C28-7C09-4B0F-BEE4-0B5410EFC901} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3ABC3444-AB1E-477C-B989-5619C767ED1E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3ACD3738-07D4-4AB7-9A7E-265E40D7BADF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3AEBEC6E-4E00-4DB0-84DF-70D9147B5A55} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3AEEE537-730C-4DF8-9502-7F2BF9904D58} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3B473EA8-6687-4AAE-A2EA-1AD08B589262} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3B5D713D-EC9D-40CF-BD2A-D22AEFC6ABAA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3B7A868D-CBA1-44F7-B4D1-9F52FC24B31F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3BC3A71D-3FDD-4407-B2A4-6E784F4FD454} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3BCBFFAD-828E-48DB-97FC-5594AB0F3E90} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3BD14D84-7794-4420-8DFE-025684D83F24} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3BE1C26F-BD66-470D-BF68-0F18C0384699} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3BEB0104-920A-4DD7-9A42-8C30B63737C3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3C9F3755-F55E-4D51-A25A-0F382403D9C7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3D01633E-145E-4224-ADD0-063B4820E255} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3D88DC81-06C0-4963-91D6-4721F3F60EA2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3E3AF390-F224-400E-80CB-F7834219F282} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3E6CA119-7956-4593-8557-8818F5D42087} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3E722424-1373-4124-85B8-957F2B7FE695} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3E94D341-2F61-42F9-95D3-0CA2406058B4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3EF56589-375D-443F-8CAA-E8D22BBF393C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3F31DE48-530A-450E-889B-78E7382F3853} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3F368A4F-7FFF-478E-935C-1479432B4868} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3F3A9F44-46E2-4B72-A31B-F09824892E01} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3F519E7B-7288-45CE-88BC-94E53982119B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{3FD53100-2FE0-42E5-B13F-98707EDE7683} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4026AE47-540E-413E-8FAA-7F864B2A7B90} folder moved successfully.
C:\Users\Siggi\AppData\Local\{40E8C7AB-8E65-4A36-976E-E342EF9928F6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4150FC4A-8677-40D9-A385-4E87D679B534} folder moved successfully.
C:\Users\Siggi\AppData\Local\{415AF4C7-AC4D-45CA-963B-DC466C99B221} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4177CEB6-685B-4CC5-B5DE-98C17599CC99} folder moved successfully.
C:\Users\Siggi\AppData\Local\{42116D29-2C82-49F2-AB0F-8390B300305B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{421717BC-CB46-4595-B6F5-71BEE5777118} folder moved successfully.
C:\Users\Siggi\AppData\Local\{42295557-4EB3-44F1-AC51-A577DD4906E3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{42825079-6538-49EB-A1F4-29928BB52636} folder moved successfully.
C:\Users\Siggi\AppData\Local\{42E7C10E-A073-4C05-BC5E-07A352E1DC5B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{42F1392A-A82C-4637-84AF-816EC9B52C48} folder moved successfully.
C:\Users\Siggi\AppData\Local\{42F84E67-CE1B-46C7-9742-981883C78361} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4320F50B-D71C-4A62-89F5-881087EF7C02} folder moved successfully.
C:\Users\Siggi\AppData\Local\{43A4A764-1BC5-4B9C-BDB2-64D2F3A8EA8B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{43E79D04-E2AE-4310-ADFA-24B854240F18} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4462C4B0-F20B-45E8-B057-DA3467E5CE28} folder moved successfully.
C:\Users\Siggi\AppData\Local\{44B7F5C6-5264-474D-B46B-BD58D947F35B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{450D1F5C-5AD5-4995-A027-901EAC2BA107} folder moved successfully.
C:\Users\Siggi\AppData\Local\{453E529B-B071-4881-B4D9-19135BA7BE7F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{455A69A4-B1A6-467F-8200-F0D8DA863ADC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{45794FBB-B8C8-400D-A9C5-DF0443B809D1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{45CD6B2D-AFD9-4A95-AAE5-6A03A3B01AF1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{46B30118-6FCC-47F2-98B4-FDDA4B06BACC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{46CD16AA-48FB-4EF0-A45B-BDEEADE37C9E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{47231922-97E7-48FB-B016-634D2E0BA8A6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{474C4FDB-D418-4A37-A029-D13EA941C9E7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4776D09C-1E85-476C-8A8B-97E025E6A7FF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{479193A6-CC57-4811-9135-F2860DE74FCB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{47BFB8CD-20B6-4BEF-8799-751F17802850} folder moved successfully.
C:\Users\Siggi\AppData\Local\{47F4FE16-4052-41D4-A798-7AE9C65AC562} folder moved successfully.
C:\Users\Siggi\AppData\Local\{47F76669-89A5-48BC-9C67-601244B80BB7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{481F3AB4-8B2F-4907-9E53-82A6C56D68EA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{488D4BE0-9987-44F3-ACA8-AF91911CF59F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{496D08F4-D2FC-4871-9038-4DB6E864154D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{497BBCAA-CC1E-4A3A-B64F-9E4019F5F9A0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{49EF1BCF-F21A-4D23-AC91-535F66ABF756} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4A4A2C1A-6C8B-4ED2-BFF3-6E1EDF7A3C88} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4A5505CA-3D85-4279-A98D-2D4801BFB8BC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4AAB27C5-32A4-4661-8E0F-C21399616107} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4AB7710F-7805-4734-A233-D28EF05BD1F9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4AC3A52E-D249-4021-8A0A-80A64B83FAC3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4B3FD5F0-D29A-4190-9D1F-190860773995} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4BC4EBA3-3A63-4ED0-ABD5-35F5C3E46D9B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4C56DD4C-4705-4CC1-8DCA-7450F3BD1B9F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4D21F25C-B46D-4F01-B3FF-87BFA8130FE0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4D25985F-ED85-4F9B-8D56-39F623537B11} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4D2C3D7A-3223-4778-BC8A-FEFDB9EE8491} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4D9BCB88-54CC-4593-A541-67698C150DD4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4DCAC456-BD22-4D7D-A9C6-668B9CCECD65} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4DF9DD9B-5D51-4F07-B12B-68D8EC60649D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4ED5D428-21C4-4FDC-9315-2851A572C9D4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4F84F8A6-8282-469F-BFFE-5E642341A09C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{4FAC9D20-FD23-4919-86FC-AD74463EF301} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5111D8D2-0783-46CA-A65F-7014B9D75038} folder moved successfully.
C:\Users\Siggi\AppData\Local\{51133341-A0AC-4801-8F1E-76D144E75DAF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{511A267A-EC84-48E8-ACFF-22C80721868C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{511D5B63-7918-40F0-A925-C5B54DC4FC9E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5184B664-D19D-498E-B1AD-D7B1B9148377} folder moved successfully.
C:\Users\Siggi\AppData\Local\{51B3951A-B7A4-4407-831D-105B569A249E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{51D2D502-55BD-4AEE-AB5C-86B6A24779BF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{52245624-7F36-40AF-BB4C-0EC304675090} folder moved successfully.
C:\Users\Siggi\AppData\Local\{52DC9E6A-47AE-4B0A-BA83-C9AD1DAB199F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{532E8F8E-47A4-4033-BB10-89313B2AB0C2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{535CAAFA-5B80-4F6B-95C2-4BF0307BF6F0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{53A78642-910E-43E3-AAF3-F34CFB29D96D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{53B6B281-0716-446F-A7A6-439178A313F8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{53F66D6E-7886-4A00-BB89-5A06BBD78702} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5482F32D-ED3C-4724-ABBC-52F29A920284} folder moved successfully.
C:\Users\Siggi\AppData\Local\{54ABD9D3-F168-420F-AF44-4897A306786C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{54BCF3A9-7341-4441-BC34-DEE0A42881A3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{54DA54EA-3788-4A31-ADDB-25A995913DF8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{54FF3DD8-6B17-4FE1-8DA4-95B44D03DD16} folder moved successfully.
C:\Users\Siggi\AppData\Local\{552EA189-32CA-4BDE-9C5A-ABEF01DFD4F6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5532ECF9-2EAD-4533-B515-A9B1C20CBA41} folder moved successfully.
C:\Users\Siggi\AppData\Local\{55BFD1D0-10B7-4D58-92A8-4D68A4880B55} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5603B390-BD5F-4585-B2FF-2E8B918DD45E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5627DE87-31D6-4FD9-B094-E90793A0F90A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5648032D-F114-4FB5-A88C-6C2035EEF822} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5707BD50-3B16-437B-A948-29BF9FBD6E0E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{570B13B9-E91F-4DFB-87EA-5E08C26D1F39} folder moved successfully.
C:\Users\Siggi\AppData\Local\{570D78E2-6DFD-4D08-9B6D-7CA45A6D967B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{58E1AC49-BB7A-457E-8DC2-B369D3F1C77B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{59237F6F-3F79-407E-806D-8A1675A0CF0A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{59B53FA7-5E47-427F-8D8F-F540FD957B8F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{59C5259D-B881-426B-A32F-7DBB61B2F554} folder moved successfully.
C:\Users\Siggi\AppData\Local\{59FCB9E3-27F8-45E3-84DC-9F7812D4BCB9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5A066E2D-BA58-4F15-8BBF-B4D1C1F20514} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5A30624F-01AD-49BD-89BE-9DD9D6B43E11} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5A54F372-B35A-4B8A-9343-445793654BFA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5A59C788-BF93-4CA6-A90A-3051232C456D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5B036B3A-3DA5-403C-8F99-F445C53CBFC9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5B596D99-12F1-4D88-876F-3E347DA5F768} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5B9727A7-2384-42E4-964D-FB48B6FC6820} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5C35F26E-92A6-4F17-B2CB-8B0144A29DE0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5C60FB1B-14ED-43ED-B63D-06CBF5E9E506} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5C6F7C5F-35F5-413C-9FD5-03F47AE48314} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5D30953D-76BA-471D-99A9-24860AB1C9C0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5E5E5E9C-CD4E-48D0-8CD4-AFAC10D870E2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5E7CF286-B90E-42CD-8DCB-A42A5A50AE59} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5E83870F-8B95-4B2B-ADC9-0CB518ACF765} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5ECCA43D-DA11-4178-BB91-908F1360830C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5EF65840-CD8A-43A2-AFDA-523A39904A7B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5F23C611-4339-482F-8041-14E7F5D787D9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5F24FC30-C6B5-4B2B-B96D-C510C9874D7C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5F25E6FC-1504-41BF-9B08-75C791069222} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5FADD55D-0DD6-4A2A-B1BD-57F841D1828B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{5FF615D4-1C9D-455F-BD30-E8C30B8844DF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{60744209-839A-4BD0-8996-191F0B497A99} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6207B219-04F6-4E5F-8BCC-F814EFC16C5D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{629C6F96-C382-40EB-B347-6EA44A4C354D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{629FE38D-D4F2-4A95-8D76-6ED266083E63} folder moved successfully.
C:\Users\Siggi\AppData\Local\{63121E46-C62F-47FA-A11E-569B00F2B549} folder moved successfully.
C:\Users\Siggi\AppData\Local\{636887B3-AA20-4839-9E12-151DAD5B2ACC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6371613A-0AF1-40B2-9168-5E861B93D1C3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{638EE3E8-9CD0-4174-AE3C-0A0CF6F11482} folder moved successfully.
C:\Users\Siggi\AppData\Local\{645903A6-E205-410F-9CE0-2B8515B3204A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{646E2BEE-EA4B-444D-B824-D6FA104F14BF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{64742AC2-16E4-4E71-8554-F2EF0443BD02} folder moved successfully.
C:\Users\Siggi\AppData\Local\{64F55580-6F5E-4B5A-84B0-49573339EF4B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6513AE89-D85D-4F8A-A81F-D1467935AD90} folder moved successfully.
C:\Users\Siggi\AppData\Local\{65E36683-D237-45AA-B2E5-26161A7AEDB2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{66D6389F-483E-4297-B3D2-D3BE7113C37C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{676B0CB6-98BA-4F0E-B510-8BA268732F49} folder moved successfully.
C:\Users\Siggi\AppData\Local\{67F6A0E1-1B1E-4799-BBBB-19AE7B437B10} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6888BB6C-649D-4EC5-A6B5-A27A5949ADDF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{68B7F2F4-DDE4-4094-97D4-CDA994577666} folder moved successfully.
C:\Users\Siggi\AppData\Local\{68C9831C-BE35-4E95-8A4B-71887FA3AFD5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{68CB114D-3696-4164-AEAA-C0FCC3F44040} folder moved successfully.
C:\Users\Siggi\AppData\Local\{69021C65-EE64-4793-9C89-298BBD225201} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6941C92A-96F4-40CA-9D8A-5FC82583C201} folder moved successfully.
C:\Users\Siggi\AppData\Local\{69CA63B0-BE45-4390-97B2-098B36E220FE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{69E37294-7F2D-481F-B615-34DFCF1703DC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6A050CC1-FF8E-4C2C-BF76-579E642E938C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6A516AA7-0EF8-441A-894B-EA0DFFFF7EE3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6A9E789F-6848-40A4-B888-86B724640E42} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6AC0AFD8-EA98-4D88-910C-B534BEBF0C0A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6B155700-A0D0-4427-AB74-6B7712F96F7C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6B4059B5-0009-42C2-B549-9906ACC31733} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6B9DD384-0669-425F-A919-7867273B9AB5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6BEC25EC-93F5-4560-801A-4EDE6DE62FB3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6CB09AB1-E164-4A13-9439-8CDADBF08089} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6D4E4084-5A81-43AA-9602-D3A85B58A2E7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6D576DC7-7E73-477A-94E4-1ED7E34B57B9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6DDB2366-7DE0-474A-BA47-335F57EBD970} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6E078025-31F9-4865-9AE1-C2207A5B64CC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6EB57628-9D9D-4833-B0F0-5F05984ED30C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6F10084E-E6D3-4C53-A37E-1456F2997890} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6F32D9BE-49D4-4386-8BCC-B3006E952EA9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6FAC4A1B-E4AE-4C52-9C37-0E0788107A51} folder moved successfully.
C:\Users\Siggi\AppData\Local\{6FB9F3DD-E159-4D51-A5BD-E484BA4027F5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{70100ABD-F120-47EB-B124-624ECC30689B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{70225377-00C6-4E91-88BE-73E9A067C0D1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{702FBDC5-348E-40AF-9351-B0E26A74DC6D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{70318D59-27BD-4864-9CB2-51AE80509FF6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{71760914-8E89-4324-A999-2D5401A5F754} folder moved successfully.
C:\Users\Siggi\AppData\Local\{71A06B3F-9143-4C2E-B1D2-45EED9441A35} folder moved successfully.
C:\Users\Siggi\AppData\Local\{71D577FB-7897-4EF4-AAD2-3CF91671C87C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{72988371-396C-4ED8-95A2-19FA3C141EAA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{73068CFC-03C1-4315-9B0F-E9999C69A6AD} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7354E063-E228-45F1-A73C-AE6214F40588} folder moved successfully.
C:\Users\Siggi\AppData\Local\{735B68EB-2711-4F0A-A57A-2FF48B1BF6CE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7382BC51-BBA6-4E58-B2C8-4B6E4CC4BC29} folder moved successfully.
C:\Users\Siggi\AppData\Local\{73C546C9-B984-4C31-9F93-05F9622F9783} folder moved successfully.
C:\Users\Siggi\AppData\Local\{73DE73A3-26DD-490B-9752-3E63CA7E3739} folder moved successfully.
C:\Users\Siggi\AppData\Local\{74BCD317-B7C3-4869-B159-F7DCAD251925} folder moved successfully.
C:\Users\Siggi\AppData\Local\{74FE63A5-999B-4273-94B6-F75FA83854C9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7500C025-82BF-4644-84CA-27F3A88BF603} folder moved successfully.
C:\Users\Siggi\AppData\Local\{75A69345-F50A-47C6-B8A4-0763F0D868F0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{75DFE129-37BC-46F9-80F2-5CD910A55A70} folder moved successfully.
C:\Users\Siggi\AppData\Local\{76502099-7A10-4B7E-8A05-44F48802A1A1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{76617F85-EE85-49A7-93D4-FC6B42965520} folder moved successfully.
C:\Users\Siggi\AppData\Local\{77048BBB-8E35-4C41-AEE4-AAC80FC68F6E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{780430CE-BFF5-4A5F-B910-F74BB41A8808} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7854C566-6990-44A3-A020-174637193EF1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{798AF68D-D5E9-48E2-A18D-2623236E3D99} folder moved successfully.
C:\Users\Siggi\AppData\Local\{79A46A6D-29E8-4567-9352-023E0972383E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{79E3B5C7-AE16-4F7D-998E-7014BFBEE7D7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7A0B7DE5-BAE9-48B1-96CB-68E72CC65CB6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7A204E42-5D6D-4303-BE3B-0CF74E4828DA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7A4AC039-3900-4CE3-AFC2-7DCBEAA26AEF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7A4BD6C7-7C53-499C-99A1-7F2A548020D6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7B90C85A-6D69-4B87-9BBB-C98ECA85A70B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7C5A0FD3-A658-48EE-83DA-19061BEBE910} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7D5CCD22-D0EE-43CD-90BD-59BE96BB7C1A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7F17AE9B-E835-401A-8DB5-28C69E8D0682} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7F8C6990-612F-44E8-8ADB-BDDBD0EC374B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{7FBBBB03-FFD5-4D0B-BBDD-7F2E73B3A09C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{80867720-C5B9-4A25-BFE5-6AF4624709E1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{81A2A9A8-17D6-4451-8442-671B401802B4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8235309E-D027-4442-AC5D-FB8AB1173EB4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8241685A-3A45-4818-8308-4BB225F64355} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8245BBE0-8F08-4452-B519-CD1F7BF38EEE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{82D36CE3-2638-45B5-B101-1266527B2979} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8381431F-2926-4002-8117-C0BBD2AE04DE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{856A7F6B-4190-416C-AF9D-7B6A17BBA3FD} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8579D90B-7FAE-4109-BE0F-AD5C40BB6E6D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8591007F-DD2E-409B-99B7-8D9DCE52E1D9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8685D84D-F21A-4089-A043-EE858AB65A06} folder moved successfully.
C:\Users\Siggi\AppData\Local\{87D8BA18-7A60-4A17-B77C-7F95FEAED6EF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{88296652-1C9A-4FE8-B3C5-20325DF0DC27} folder moved successfully.
C:\Users\Siggi\AppData\Local\{882C9FC9-9797-431F-93B3-044EAFFDFD32} folder moved successfully.
C:\Users\Siggi\AppData\Local\{88314840-6CF2-4F01-914A-39D35B8EA33E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{891ECD27-056C-4673-A451-37DF685BF53A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{89378933-57A8-492A-85D4-D1C7C3819D25} folder moved successfully.
C:\Users\Siggi\AppData\Local\{893EE7B8-6A1E-43AB-B70B-CBB4C0168CC3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{894B5560-CACE-4ACE-B9EE-D823E1C7D333} folder moved successfully.
C:\Users\Siggi\AppData\Local\{896143D8-6566-494D-8835-7B0FA7DB7282} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8A8B6D67-458A-4445-A872-577CB430EB1E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8BA4FCFC-DC07-4BDA-9305-C618286226EB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8BBD7157-DB7C-40D1-9A32-B805F450B09C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8BE5C96E-C56B-42D6-89B3-514E9AD579FA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8C05CC79-2AE0-4FDB-AC36-4AC504CBD454} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8C2EC1B6-00BD-4D7F-9CE0-7746AE9FBC4A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8D02B463-AAE3-44D1-87B1-9DD20BC3AD9F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8D29813B-645F-4B45-A6CD-9582A8A0334B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8D95F213-2B23-4DA7-9400-A70645440E44} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8DAF29C0-DAC6-48C4-B7E3-3F42F85EA589} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8DC7B252-F992-4DB6-B1B3-F41F167DC18B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8DDDA8D8-F2C6-48B8-B9B4-77FA37E3D4BE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8E12EC66-D80D-4607-B829-E789200CDDFC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8E447A59-FF0D-4D30-8E9B-2FBEE6ABBD48} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8EBE4F47-300C-459E-946F-2DF7F2D6AF63} folder moved successfully.
C:\Users\Siggi\AppData\Local\{8ED287C1-30A1-4BC7-97DC-EBD046EADD51} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9003FE28-DBCD-4CE2-81A7-8685583BD371} folder moved successfully.
C:\Users\Siggi\AppData\Local\{90424B57-EA4B-4B60-BC18-04C709031520} folder moved successfully.
C:\Users\Siggi\AppData\Local\{906542FE-876F-4371-92EA-7BB72A8002DF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{916CB8AE-03B2-452C-AD40-E8DB4EC44CDA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{92405567-159E-4849-BE22-49B056889CEA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{927970EA-4A28-4D0A-8463-2ABAF3097523} folder moved successfully.
C:\Users\Siggi\AppData\Local\{92DF1FED-2CB5-4EBE-8807-313088406408} folder moved successfully.
C:\Users\Siggi\AppData\Local\{930A3E11-B562-4530-B0AE-0B6E8512CF44} folder moved successfully.
C:\Users\Siggi\AppData\Local\{93691B04-5AEC-4B51-9C60-5CACCE34B889} folder moved successfully.
C:\Users\Siggi\AppData\Local\{942D5DDB-F625-45C0-BCE0-33B835520BDB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{943ECB57-2DCA-456B-AB1A-5B08AFBFC398} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9473CEE0-7E7A-4C3A-9C1E-83F4ECA81151} folder moved successfully.
C:\Users\Siggi\AppData\Local\{951AD7FB-A16B-4AFF-8F2F-92739754F300} folder moved successfully.
C:\Users\Siggi\AppData\Local\{95EA1D65-71E3-45BA-BC35-428913C0AEFE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9665E9D0-2F70-41BA-BE9C-F43B92B5DD31} folder moved successfully.
C:\Users\Siggi\AppData\Local\{969FFF71-8F3E-4806-8220-9F5F47CD67EB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{96BB8EED-93C0-4C8B-B562-C3D0C9E1ADAB} folder moved successfully.
C:\Users\Siggi\AppData\Local\{96C1D8BA-5786-42EB-8237-1C616F7A8B96} folder moved successfully.
C:\Users\Siggi\AppData\Local\{97805340-1767-4FD9-BD9D-03D988E3075B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{984390CB-A92B-4D0E-AAFE-68677AE6C0A3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9871A364-FED9-4EDC-8667-CCD2B268B071} folder moved successfully.
C:\Users\Siggi\AppData\Local\{98AB6F17-DAC1-43A5-A979-42FE7D894A8A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{98B589D5-A84E-4EF6-8B4C-444998DBC086} folder moved successfully.
C:\Users\Siggi\AppData\Local\{98F1D35F-820A-4572-AB8F-47467BBFBF75} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9916EBD2-EC43-4C5C-BC40-7577EB027B57} folder moved successfully.
C:\Users\Siggi\AppData\Local\{99427C4F-6280-4E9F-BB04-4B1F5FCF064C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{996D4002-6E61-425F-972B-CAFE9749152F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9974FA9E-F98E-4389-A2BF-12531E9A1A09} folder moved successfully.
C:\Users\Siggi\AppData\Local\{997DC1AC-9366-4D7A-B2A9-AD2510BEDFCD} folder moved successfully.
C:\Users\Siggi\AppData\Local\{99B25680-502A-47F0-B32E-90A6A8C7D0AF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{99E72707-C5B0-467D-942F-FD84CE727253} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9A118214-402A-4CD6-9BCC-FEB68A063416} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9A22342E-7AF6-409F-A50E-3820E3B4D9C6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9A3C1DE7-F3C8-4856-8050-A255C258009D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9A41803E-D6FF-446F-A546-C5C1437E871A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9A8A264C-75FA-466F-BC19-A0595EF1FBB0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9AC62617-C2BA-4008-A4A1-AA8A6F7F918C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9B789376-866F-4CD3-AF89-78763B356B3B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9C375C3A-4B9E-4E6B-99DF-890F18B80707} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9CA00B6D-2CA1-470D-97B4-692EB6442EE9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9CE6F6A3-8CA1-48B7-B3D0-B565E7B6E4BF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9CFF2E8C-D0C6-447A-B2B0-8DE96921FD7E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9D36687C-61FA-4726-AFEF-68FB6C55209B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9DBB14EA-B382-48DC-80DA-9CD8E0A58067} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9E06E081-BEE2-4530-B475-6DA15FD6A226} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9E14B1E6-CB7B-464B-91A7-A64E85169995} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9E21949A-1168-4A57-AF48-E66100F3BE5D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9EECCE43-4B4E-48AC-9183-7868745D0C53} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9EF08330-FD9A-46DA-97CD-E433C7ADE69A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9F1B1A9C-6CEA-45B5-A3C2-FD85F0DC3E08} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9FC1BB24-848F-41C1-8F0B-E2BED5668E0D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{9FDECE1B-3B56-47DE-8B6D-76E4AE646F10} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A00E88A2-E6C2-4E90-AD9E-180ED13F2825} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A052C01B-E5FC-4771-B5D3-C0442896EB46} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A0870FCF-3719-4589-8AD0-077314E449D5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A13FBEAE-C617-4134-8306-0DD731A923BA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A2A269CD-9DA1-4BCE-B604-31A235A54DCA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A2DE1B87-5A25-4354-A5A7-5711E74E762F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A2EDF69A-F13B-41BA-A51C-7D9825A67F9C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A39F049C-1DD3-4631-AF6B-A05913D63ED4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A3A11522-3862-4DFC-9FB3-78F146D3987A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A3B4E1E1-EF1A-4339-BF6F-DFD1789EB658} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A4EA53AA-1217-43EE-86DB-386CE93860AC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A58D985F-3C2C-464A-B8A5-277F6929757C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A630CC3F-B8B8-4C68-A3C4-0E124FA8EE40} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A662B47D-1CB0-4297-AC61-98E7233B2F68} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A66EC224-B2E1-4B67-899D-1CC9E20225C2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A694A8E1-9698-4555-A14C-D88E71A40CF9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A6C2020C-BCC0-4049-8010-C33F60EF4876} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A717FA3C-BE76-4EC5-9B64-B19E50927A85} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A7C93507-B774-450B-86F3-AA732E24FAFC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A836B542-E430-4E2C-A707-F883F34C35D3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A856599C-CC70-4CEA-A429-A8B3F6DD8A9D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A895BBCD-D470-459A-B93E-30EFA12E0620} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A8C76384-3E17-4BE8-AC0D-50E95F0F1188} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A8C9D14E-767D-432F-9814-0ADD2CD82400} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A8DD17A3-A430-490F-9097-D7AF3169EAE1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A8E5E066-89DE-4B14-AD75-AE7BF722441F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A9045911-FC12-43A0-8775-9153E93B9E7E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{A9FE8CD1-EE22-48D1-8FF2-A63DBFE97CA3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AA188CA2-55B3-4381-BB89-62D2C3C912C7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AA4B8623-F556-4CAB-8138-A9C93E892E6B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AAF35F67-D658-4AC8-A91C-44E4E737E936} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AB104366-AABF-4236-AD21-15696C8B8E05} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AB51CA10-4E7E-4D1C-8234-E899EBD59273} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AB61E5F1-8A8F-4B3D-8089-78CDDB88E79C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AB883504-82EB-4C90-B9BF-F8E83FE21206} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AB8E400C-D6D1-465F-9F12-2738055CE85A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{ABDACE83-9B51-42A4-92E7-CF2A35CC954E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AC5439F9-B5BB-42A5-BFEC-9D929B62C3DF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AC77AC51-7C3C-4631-AC00-93F2DEEA627A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AD85E4E1-4D40-4688-ADDC-F01EA169F9FE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AE0D8E20-000D-497D-89FC-E87B0068F996} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AE452F27-33CA-480E-9EB4-0FD598752926} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AEA48973-5D6D-4801-9FC1-C3EC6BA0F4F1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AEA62060-DA74-47A7-9E99-9B566E02A23C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AEE785D3-9402-4B7A-9D08-FF16C0B9AC3B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AF231F63-0308-45F3-A2B4-C6E7CBE66956} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AF549B24-9EC5-40CD-925D-F9C7DC0F2F00} folder moved successfully.
C:\Users\Siggi\AppData\Local\{AFABC5BB-7715-4D39-AE32-90967BAFA398} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B062E81D-7D67-4CC4-8B78-237E8208B5F5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B0B5DCB1-FC4A-49D6-92CA-87C563693DC2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B1084AA0-772A-46DD-8F6B-559EF3678BE8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B123D63D-0F1C-4BE9-9CAC-85FB9035A0D1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B1F5D01F-7EEE-4509-AB26-EE9FA065062A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B26244C9-3F42-44DD-A3BB-642284F7C164} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B270EABC-EF86-49DA-A294-FBE35318EF95} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B2DFD72B-ECEA-4CA5-A36F-3D11EA948660} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B308B0FE-80CA-4D07-ADB7-3F5D4801D61A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B328F867-5265-4669-8E3E-608B49A6D7EC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B40BC709-9A1A-41A3-A9D7-F2A9F2AF1054} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B44E52B3-4804-41D2-812E-41F59C3A8312} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B458AABC-8512-4FF7-BE49-DC8B6BA97460} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B4B84708-29B3-43C4-A98C-4429711597FF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B59B20B9-28BA-4533-87F5-17589F945BBC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B5D8C887-3A0F-4775-8ED6-57B658622193} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B683E5F1-FFAC-43F3-8CC1-DE1A6F82C641} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B75A4156-347F-42C9-B5C7-F6D957F76DDE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B78A5BE7-986F-4594-AF1A-3192548202DE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B7AEFAFB-39BE-4F4C-A2E0-FD4B0F8C1415} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B7C6348F-8993-4DD6-B988-C047451329B2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B8562AA0-4805-4012-BF92-B2D111BBD37A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B8E94DB5-2EB6-4346-BB97-53E9C52544D8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B900FE2C-08E0-4893-A04F-0FFEB28F352F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B9BAB591-3DA5-4AB0-A189-E82CE4E65332} folder moved successfully.
C:\Users\Siggi\AppData\Local\{B9DD7540-0D42-473F-B168-66ADB30DFB1E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BA6D0DBA-C9A3-4F55-B781-E196676FBB55} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BB1BD833-C97C-4048-9F68-7A45DF13C020} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BB44C220-DE19-40F1-B09B-22559D0EC202} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BBA437C6-0C4D-48B4-BCF1-CEC5285EB99B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BBE00D8C-198E-435B-A910-CEB09FA8E0F4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BC652FDD-DB2D-4E25-864F-A3D14597780A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BCB534C1-4699-4762-9158-343754EA6CFC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BCF08D62-026C-4928-A2EA-DF8AE6FAEACE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BDA098B2-66A2-4E18-A9A3-5C13F3C65FFC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BDB38007-EF71-4DFB-BA4A-D06771288520} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BE068B72-C16D-4FDB-9A75-0D749F4EF777} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BEE29C7E-09FB-4850-B474-5177E5B179CC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BEF58522-88C4-42A4-BFE8-1E11EBEB4DE5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BF1E20D8-DFF0-4518-9DD8-08C6674CA294} folder moved successfully.
C:\Users\Siggi\AppData\Local\{BF34A762-100C-4053-83CF-A229DD24329C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C01FB767-362E-4092-9367-277B4055BDD3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C046D7CC-F6DF-4CAF-A15E-BEB96622B138} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C0D9914B-AC4E-4CEB-8158-337DFA14ADA6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C0EA0DA0-283D-4929-A615-B25A1787358D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C119D725-31D8-42E8-96D1-C9AA5FE74F35} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C156C553-08D2-4958-BE25-A2289F8AEC1A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C19583B8-497F-4BE3-905B-0BEAD78B2A14} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C1ABAECF-5D06-43C6-B3AA-C625D37B17D1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C1B4AA91-A7AD-4D88-AED0-826B8A93E9C1} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C1FA6323-13E0-4277-9352-FB5A3C18ED57} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C277F675-4DDA-4D74-876D-DFF73434C930} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C284A987-92AA-4134-879C-AD2A1818ABEE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C3345C9E-E1FD-41C7-85F7-F76841EE2BB8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C36B6C85-CD12-4434-917E-883F26955232} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C3EA84BF-BF73-4D59-AEEC-6C04A769F43F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C4FE6389-15D0-44E3-A232-1079DDB63831} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C51B7660-9029-4E01-95BB-97E2DBCE220B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C5940CC9-E9D4-43C9-8114-84DE4057E832} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C5D340E0-AC56-4E4F-9F95-9AE4ABC7610E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C6829106-B554-4798-ABD0-84DBA8967F5F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C6F65436-D301-4C4B-A5A3-FE22BEE48C69} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C705D50C-5AA3-4D3F-A295-9653426B8AF9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C7203CA9-DEFB-4A2F-BFD9-421DF24C1A11} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C726F046-4C49-4152-86A2-4B862BB8939D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C7343294-F8F8-461C-875A-5F0DA43D9253} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C7BD8399-FB12-4478-AD44-EB394223857C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C842D2AB-1420-4181-AD90-772AE279BEBC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C84E8995-9F4E-4BC6-A3CA-1026315E5E0C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C95A284E-6CBD-4FBB-A5B7-D1EA98545FB4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C9723F62-8328-448E-B5E1-C4F8E13690E4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C98D2B6F-3FC1-48C5-90B1-E2FABFE92745} folder moved successfully.
C:\Users\Siggi\AppData\Local\{C9FF1F48-3524-476A-8EE9-F0FECC14229C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CA4701E0-ACCE-46E4-B6A1-F1BD1C49B323} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CA77DCA5-301E-45C7-857A-59D2C248CAFC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CABED786-7F9E-4664-9289-285284078222} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CB49C086-355A-427B-9868-1FF6B99A70A9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CB4A285A-0689-4DAE-B640-16C6863F8272} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CB4AF90F-610E-4B6E-8276-9387550B5C82} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CB89247C-4210-4A7D-A6C3-4855C07B4FB0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CBE74BA9-15F5-463B-B74A-001310D58CC9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CBF19528-020B-4402-9D75-589CA7B41A58} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CC0C2D00-1EFC-4E30-BE82-89FB5C3E5DF5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CC540EB4-3C98-4726-9752-A3E9FE1F4C8B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CC5E390D-26C7-4358-A886-372798FCE332} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CCBBB49E-2F7E-4B38-81A3-E67A25B8AA78} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CDFEA2CC-CD2F-4C5C-A2C6-94DE1A24C138} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CE8D6A75-724D-4B43-B165-2968D7E2FD40} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CE9D0F60-8033-4422-9C57-F360201FFBDC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CEB49DF5-11DA-4E30-A986-85504F5FF036} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CEDE75BC-1BF9-4D0B-99DD-5F0E0EE7171E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{CFB4DB63-E992-4E4B-94B4-E834A41B408F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D003155E-A5F4-4F08-ACBB-633A8A7B0713} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D05E6F15-436B-436D-B99F-8CA34A871982} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D0CC9CDA-018A-4C31-8EA9-30FF4F9915CE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D15724BC-7D71-4375-AB0B-58225364BA8C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D1A6FD3B-FB95-4EBD-B2BC-42C683B95955} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D2EC5A42-DBA7-417E-A9D8-DFA1F41FACD4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D3574FBA-AA03-4BAD-BC6B-C4F54066EF14} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D3956ED2-8769-4998-A0F7-103DB8A12571} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D4438A14-AFCA-4192-9619-234766E7B73F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D4682C51-874F-4464-9C4C-6D20126CD515} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D475F0ED-B7B7-4392-BFE5-DB32791E0D84} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D590980E-B580-4928-B72C-642929D5D842} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D59B5590-3BDD-4D24-B21E-017C7C1147D6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D5E7C7CA-0C2A-476C-9AF8-1E23BD83B184} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D628471B-A8FE-45E1-A8E1-3A537434A636} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D6BB827E-9D09-4AA6-B67A-E3E6CAD14273} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D6BE70FC-9AF1-4D1D-A9D1-176B699A6FB9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D780E2A1-AD06-44C7-924A-E0838B06CCE7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D797521A-4A24-4FFB-A1F9-9194E11E9438} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D845B5D2-0D0D-44A9-A536-607E95879980} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D8AFD92B-B8D5-4F34-94D3-A41AF583C558} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D8C9F921-72E8-4982-9CB2-1ED58791EFD7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D8EDA33C-67B1-433B-8282-BC0B78FA2169} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D90226D1-A30D-41EC-9481-12F9B8FD6A63} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D90C5438-F160-4329-B027-47D8CAEF540C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D94FDA6C-B9DD-44CD-949C-0578F6C24E93} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D9607DEF-E4F2-4B75-B782-C4A2ED4C6109} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D978E426-C972-4FE4-8642-BA81A88C7E07} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D9967099-D0FA-475A-BC0F-11CF907682B3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D9B8F578-113F-4667-A123-906C71E0D3B2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{D9DE760D-5537-4582-B7D4-E2BFDE8B5403} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DA25A52F-0D58-4267-9B4D-89EF4452281B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DABCCCA3-164A-422D-A4BE-D49E25942B7B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DACAD6F3-BB09-45A4-A791-0B094255113C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DB3DC326-E378-4B9E-A4CA-6B9DA81337BD} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DB688847-7E36-49F5-BB05-2A4AA5B04CBC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DB71A5DC-B2C4-4BD5-BC8B-58D51D19596E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DC4B2874-5B18-4F9C-84C6-77040A826E90} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DC50C826-BCE5-4BEF-90A6-897DCA431CDF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DC54636B-E209-4733-BD95-8096BCFCA93B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DCF8626A-8CC8-4D79-BC0D-A3CBECBADBB6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DD089581-2241-4285-877D-5D8150717C2F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DD1EE93E-0FAD-41CC-9B65-1E895606FA49} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DDC6FB22-A4C9-44A2-9863-03518D115C77} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DDD59218-74C5-43FA-9C64-57EE0E7B75C0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DDF65BF6-C296-488A-825D-5DF950BBDBFF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DE0C1AF2-F877-4F0C-85CD-4963A78E4B92} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DE6A5D2E-9269-41C9-B175-3A8DF9C9858B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DE91D397-535F-478D-B4CC-C6FACA700AF4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DF1F5FDE-C419-4E66-905C-137F50A9E69B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DF4DF92A-7FA7-46AA-8FAF-990325A13B4A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DF4FE9A1-CC7C-49E8-AD7D-A47DD3068589} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DF9B181D-DC24-451B-B80B-71BD19202447} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DFC77025-BB84-4BB9-B6D5-922B4ABE2789} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DFE1FB55-B2C8-4BCF-8C08-8DC9FBD891BF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{DFE55DBB-C4F2-4786-89A6-069471C180BE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E0ABF64B-9A45-4EEF-927F-68EDD0AACDC0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E0FE817B-FB5F-48BD-AFCC-2333F2D51908} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E13558B5-AC4F-4121-BC3B-90149630625E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E1EA982F-28C4-4B8B-88AE-B09D52046CAC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E27D4D67-E5CA-4C8E-B97B-3644A68DC2C4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E2A72B88-76C0-4E4F-8EC5-AB8748A464FC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E2C97A52-594B-4646-8D40-90E84228ECED} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E2F29D2E-C115-4D09-9B19-7A9EC4235DAD} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E3906375-F260-401A-8CD2-A0D326D1DB2A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E3E57821-C065-4DDB-A026-BA899EA56242} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E4257AA0-DAAA-4F7F-BD67-9005674EBF7B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E43612DC-A710-4FFB-9769-EEF6D395B79D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E480E246-5C83-47D1-BAA9-005738F97148} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E497EB00-9CC2-4102-B090-8625B34EFCAF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E4D3952D-71E1-45CC-BD84-962F2A295D4F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E4DE9BAF-3863-4AA7-BB32-D7F2D0986ACC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E57A8E93-48B8-4016-8B14-DFB616DB3538} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E5A1E322-72E3-49CB-B508-361F3B125B18} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E5F3047B-757F-42E7-A446-7731F831743A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E6A8537D-F97A-476D-81A4-92A263DFC29C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E6B5EBAB-E662-4057-9D71-F1AA81F0108F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E7E3B090-20AE-4D82-B498-CE524B466EE4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E81B7211-B60E-4858-9C3B-8998EB897CB6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E8488BDE-FCF6-4361-9AE1-A75EC6A3592F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E864B54A-8D4C-410D-89E0-B33F03BB4714} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E89C2537-ED8E-4BBE-91F8-F9010D501CB8} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E93CB3CA-6D7A-4CB4-995C-D8221E1C16F4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E980F7FE-577E-4C65-B590-4387B54C392F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{E9BBDDB3-CC74-41FD-9E86-62ABD62C1A2A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EA4629FC-5D6D-4488-BC9B-74A5589202E0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EA6E96CC-98A4-4234-A204-118E1B649337} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EA731F0E-17FE-4AF6-B875-36335EA38BC4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EAEEB240-653E-495C-9D64-862BF1F9E2FE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EC7FFFA4-D3F9-4BF6-AB9C-31C5312D943D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{ED070CD5-8F0E-4A38-A9E8-3934E2576A53} folder moved successfully.
C:\Users\Siggi\AppData\Local\{ED2CEFBA-048B-4BBE-8F68-DB0C7820ED8F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EDA4487E-DA3E-4369-8CA4-C124226F1EF3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EE3D8130-02C3-4CE5-BB83-DF41983CD354} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EE549C7D-5DFC-460F-BFD6-E7FD347B2516} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EE6D4088-74BD-4DC6-B069-F9D27FE3E06D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EE9C67E3-FB38-4067-B5C2-E62C0F21CFD6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EEA82D50-1E9B-480A-A04F-57DEA0E8E26E} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EED1003F-3EA7-4D9D-849D-3C084D1CD435} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EED7F31A-0612-43FD-B318-5C8703225E72} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EEF07CBF-F9D8-48BD-AD38-91390BA68DD0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EF3A5369-5D7D-4249-B7FB-4D8A057F8C76} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EF42163C-EA3F-4F3A-AE7A-BBFBE784CF56} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EF479602-91F4-4055-8EC5-93AF14C9B2A5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EF8B4DD0-BBE4-498E-B7A1-42120FFA8004} folder moved successfully.
C:\Users\Siggi\AppData\Local\{EFF6B9F5-10CE-4793-83E8-61804BC94F4D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F02469E6-E36A-49A6-B8DD-E24B4970B852} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F10C5278-25D8-4D77-A9B1-88D4DC8703E9} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F141EA05-C417-4133-95BD-42E0DC9E821C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F1800ADC-E24A-47C7-84B7-8A7F8254CD28} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F1FDC88C-9A4B-45B5-A644-566F3B466125} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F22A0070-1C13-4327-BD22-D4F4ACDEC0E0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F276D707-A578-4B0F-B6AE-E002135BD209} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F2A24672-1BE6-4A87-A9ED-E8245E95436B} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F3E484F9-8095-4375-9F69-E3198FE8F5DE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F4C1E7D9-7875-4641-8638-6B0022242544} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F50A318E-4696-4ABF-87BE-E0ACB9FCD169} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F565651D-9AD2-400B-83C8-91D7713C16A3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F58C3B9E-54F2-494F-8978-EDB168D3B133} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F58EF908-1B44-486D-8EF8-B806982C22B3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F6467BB0-2D31-4D50-B627-B6DB9F94A8CF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F64809F0-9ED3-4574-BF39-12BD1C207012} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F669CE62-C540-4B04-9C4C-04D7D1276CFE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F6C01BDA-EDEB-4139-B72E-5064D83D568C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F6E6D4C4-D9E5-4B53-994B-C6460D76B94A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F70D1C45-FF9F-48E8-893A-E47159540441} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F75CA86F-5673-4049-9318-ADB452076A14} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F7D6719D-69FA-4281-ACD8-09E8ED4D7E15} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F85F41F3-8E0B-48AC-83D7-2CEC9C96779D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F86BC305-9CE0-43D9-9D82-3A4FBCFB7923} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F86D26DA-F4EA-4AB1-A240-FF655665E07C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F88604EB-4191-4763-AE56-85F5E42CC150} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F99DE3D3-14CE-4F1C-862D-7DB7025AE0CC} folder moved successfully.
C:\Users\Siggi\AppData\Local\{F9CFAB19-E205-4494-8EE6-108678FFE8AE} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FA2D033A-369E-4471-BCE5-D302989240BA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FAF1024E-BFB3-4A84-9C32-9AA95A4B03FA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FB05CBE5-54E0-4B01-8436-D8B0D367117A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FB426A4A-6539-4B87-A8C8-C3011DBBA1A3} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FB7DC964-B785-4FF4-B596-3B706FB54816} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FBB9EC33-771E-41C2-B32E-7B285EC4DFB0} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FBD3CE97-855F-4995-B3B4-2F06EA37370C} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FBF194D8-8D88-4248-9811-3BD2F1EB4EF5} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FC32B9FF-FCB4-4904-B137-6A829617667D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FC8626F4-6254-4830-91B1-D5704B51BFDF} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FCFFC234-B15B-4231-8194-C3077F0DB14F} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FD6AE53B-247F-42E1-87A3-71258AF6DBA7} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FDED194D-A448-4A05-AFC9-7F1E0635A62A} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FE2170F5-F8F1-4304-A92D-376A071CAFFA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FEAB741E-40C5-4205-8339-D3CE31B3C182} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FEB32C9A-8146-4B2E-89CA-9C7B8B5C9A5D} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FEFB3CA1-00A1-429B-B8FE-42163A147882} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FF34CDB4-E8E0-4FDE-A59D-25307CDDA6B2} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FF56F83A-1866-405D-8466-DB0D7C5ABD77} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FF620399-0834-4BEF-A649-27CE8E4BA9FA} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FF9F6476-2E24-47CE-B69D-A8C8E22A32D4} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FFDBCEDB-0792-44F8-95DE-95275DCA2AE6} folder moved successfully.
C:\Users\Siggi\AppData\Local\{FFEA8217-2AF2-465D-BAC1-3F9F2B522597} folder moved successfully.
File\Folder C:\Windows\system32\consrv.dll not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Siggi
->Temp folder emptied: 651616 bytes
->Temporary Internet Files folder emptied: 38898452 bytes
->Java cache emptied: 2856644 bytes
->FireFox cache emptied: 61341601 bytes
->Flash cache emptied: 116014 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 401408 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 878132 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 148864 bytes
 
Total Files Cleaned = 100,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12292011_130341

Files\Folders moved on Reboot...
C:\Users\Siggi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
         

Alt 29.12.2011, 15:44   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.12.2011, 17:11   #9
siggi123
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Hier der TDSS-Log, es wurde etwas gefunden, das ich erstmal geskiped habe

Code:
ATTFilter
18:08:41.0588 1108	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
18:08:41.0643 1108	============================================================
18:08:41.0643 1108	Current date / time: 2011/12/29 18:08:41.0643
18:08:41.0643 1108	SystemInfo:
18:08:41.0643 1108	
18:08:41.0643 1108	OS Version: 6.1.7601 ServicePack: 1.0
18:08:41.0643 1108	Product type: Workstation
18:08:41.0643 1108	ComputerName: SIGGI-PC
18:08:41.0643 1108	UserName: Siggi
18:08:41.0643 1108	Windows directory: C:\Windows
18:08:41.0643 1108	System windows directory: C:\Windows
18:08:41.0643 1108	Running under WOW64
18:08:41.0643 1108	Processor architecture: Intel x64
18:08:41.0643 1108	Number of processors: 6
18:08:41.0643 1108	Page size: 0x1000
18:08:41.0643 1108	Boot type: Normal boot
18:08:41.0643 1108	============================================================
18:08:41.0792 1108	Initialize success
18:09:00.0787 2784	============================================================
18:09:00.0787 2784	Scan started
18:09:00.0787 2784	Mode: Manual; SigCheck; TDLFS; 
18:09:00.0787 2784	============================================================
18:09:00.0963 2784	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:09:00.0996 2784	1394ohci - ok
18:09:01.0003 2784	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:09:01.0013 2784	ACPI - ok
18:09:01.0018 2784	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:09:01.0040 2784	AcpiPmi - ok
18:09:01.0052 2784	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
18:09:01.0068 2784	adp94xx - ok
18:09:01.0076 2784	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
18:09:01.0089 2784	adpahci - ok
18:09:01.0096 2784	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
18:09:01.0106 2784	adpu320 - ok
18:09:01.0123 2784	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
18:09:01.0143 2784	AFD - ok
18:09:01.0149 2784	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:09:01.0158 2784	agp440 - ok
18:09:01.0165 2784	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:09:01.0173 2784	aliide - ok
18:09:01.0181 2784	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:09:01.0189 2784	amdide - ok
18:09:01.0195 2784	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
18:09:01.0219 2784	amdiox64 - ok
18:09:01.0227 2784	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
18:09:01.0241 2784	AmdK8 - ok
18:09:01.0339 2784	amdkmdag        (0415ffe1b6a6ea141feafca57567f57f) C:\Windows\system32\DRIVERS\atikmdag.sys
18:09:01.0497 2784	amdkmdag - ok
18:09:01.0510 2784	amdkmdap        (dc24d6f38f17c0d643d9aa8a6852f8d0) C:\Windows\system32\DRIVERS\atikmpag.sys
18:09:01.0527 2784	amdkmdap - ok
18:09:01.0533 2784	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
18:09:01.0541 2784	AmdPPM - ok
18:09:01.0547 2784	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:09:01.0557 2784	amdsata - ok
18:09:01.0565 2784	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
18:09:01.0576 2784	amdsbs - ok
18:09:01.0581 2784	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:09:01.0589 2784	amdxata - ok
18:09:01.0595 2784	amd_sata        (bb4fe7889db9cbbe61a308e99697f53c) C:\Windows\system32\DRIVERS\amd_sata.sys
18:09:01.0600 2784	amd_sata - ok
18:09:01.0605 2784	amd_xata        (5631cba53f1cbea3f9e88348e6723391) C:\Windows\system32\DRIVERS\amd_xata.sys
18:09:01.0612 2784	amd_xata - ok
18:09:01.0619 2784	AODDriver2      (6a488397b2e020ec24ce1aacfc830f90) C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
18:09:01.0624 2784	AODDriver2 - ok
18:09:01.0627 2784	AODDriver4.01   (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
18:09:01.0631 2784	AODDriver4.01 - ok
18:09:01.0643 2784	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:09:01.0706 2784	AppID - ok
18:09:01.0720 2784	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
18:09:01.0730 2784	arc - ok
18:09:01.0736 2784	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
18:09:01.0746 2784	arcsas - ok
18:09:01.0748 2784	AsIO - ok
18:09:01.0759 2784	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:09:01.0809 2784	AsyncMac - ok
18:09:01.0817 2784	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:09:01.0826 2784	atapi - ok
18:09:01.0835 2784	AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
18:09:01.0846 2784	AtiHDAudioService - ok
18:09:01.0853 2784	AtiHdmiService  (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
18:09:01.0866 2784	AtiHdmiService - ok
18:09:01.0871 2784	AtiPcie         (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
18:09:01.0878 2784	AtiPcie - ok
18:09:01.0888 2784	avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
18:09:01.0898 2784	avgntflt - ok
18:09:01.0904 2784	avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
18:09:01.0913 2784	avipbb - ok
18:09:01.0925 2784	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
18:09:01.0942 2784	b06bdrv - ok
18:09:01.0950 2784	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:09:01.0964 2784	b57nd60a - ok
18:09:01.0977 2784	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:09:02.0000 2784	Beep - ok
18:09:02.0009 2784	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:09:02.0020 2784	blbdrive - ok
18:09:02.0027 2784	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:09:02.0039 2784	bowser - ok
18:09:02.0045 2784	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:09:02.0064 2784	BrFiltLo - ok
18:09:02.0069 2784	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:09:02.0079 2784	BrFiltUp - ok
18:09:02.0088 2784	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:09:02.0106 2784	Brserid - ok
18:09:02.0111 2784	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:09:02.0124 2784	BrSerWdm - ok
18:09:02.0132 2784	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:09:02.0143 2784	BrUsbMdm - ok
18:09:02.0148 2784	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:09:02.0157 2784	BrUsbSer - ok
18:09:02.0164 2784	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:09:02.0176 2784	BTHMODEM - ok
18:09:02.0186 2784	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:09:02.0212 2784	cdfs - ok
18:09:02.0218 2784	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
18:09:02.0231 2784	cdrom - ok
18:09:02.0239 2784	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
18:09:02.0252 2784	circlass - ok
18:09:02.0260 2784	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:09:02.0270 2784	CLFS - ok
18:09:02.0282 2784	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:09:02.0292 2784	CmBatt - ok
18:09:02.0297 2784	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:09:02.0306 2784	cmdide - ok
18:09:02.0318 2784	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
18:09:02.0339 2784	CNG - ok
18:09:02.0344 2784	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:09:02.0353 2784	Compbatt - ok
18:09:02.0359 2784	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:09:02.0372 2784	CompositeBus - ok
18:09:02.0379 2784	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
18:09:02.0388 2784	crcdisk - ok
18:09:02.0401 2784	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
18:09:02.0419 2784	CSC - ok
18:09:02.0431 2784	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:09:02.0457 2784	DfsC - ok
18:09:02.0464 2784	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:09:02.0487 2784	discache - ok
18:09:02.0494 2784	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
18:09:02.0503 2784	Disk - ok
18:09:02.0516 2784	Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
18:09:02.0530 2784	Dot4 - ok
18:09:02.0536 2784	Dot4Print       (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
18:09:02.0548 2784	Dot4Print - ok
18:09:02.0553 2784	dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
18:09:02.0565 2784	dot4usb - ok
18:09:02.0572 2784	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:09:02.0582 2784	drmkaud - ok
18:09:02.0597 2784	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:09:02.0620 2784	DXGKrnl - ok
18:09:02.0657 2784	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
18:09:02.0705 2784	ebdrv - ok
18:09:02.0720 2784	EIO64           (343ada10d948db29251f2d9c809af204) C:\Windows\system32\DRIVERS\EIO64.sys
18:09:02.0728 2784	EIO64 - ok
18:09:02.0739 2784	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
18:09:02.0755 2784	elxstor - ok
18:09:02.0760 2784	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:09:02.0771 2784	ErrDev - ok
18:09:02.0782 2784	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:09:02.0810 2784	exfat - ok
18:09:02.0817 2784	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:09:02.0845 2784	fastfat - ok
18:09:02.0852 2784	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
18:09:02.0863 2784	fdc - ok
18:09:02.0872 2784	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:09:02.0881 2784	FileInfo - ok
18:09:02.0887 2784	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:09:02.0911 2784	Filetrace - ok
18:09:02.0917 2784	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
18:09:02.0937 2784	flpydisk - ok
18:09:02.0948 2784	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:09:02.0962 2784	FltMgr - ok
18:09:02.0971 2784	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:09:02.0980 2784	FsDepends - ok
18:09:02.0985 2784	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
18:09:02.0993 2784	Fs_Rec - ok
18:09:03.0001 2784	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:09:03.0016 2784	fvevol - ok
18:09:03.0023 2784	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:09:03.0032 2784	gagp30kx - ok
18:09:03.0038 2784	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:09:03.0044 2784	GEARAspiWDM - ok
18:09:03.0052 2784	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:09:03.0063 2784	hcw85cir - ok
18:09:03.0072 2784	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:09:03.0089 2784	HdAudAddService - ok
18:09:03.0099 2784	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:09:03.0109 2784	HDAudBus - ok
18:09:03.0114 2784	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:09:03.0124 2784	HidBatt - ok
18:09:03.0130 2784	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:09:03.0144 2784	HidBth - ok
18:09:03.0150 2784	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:09:03.0162 2784	HidIr - ok
18:09:03.0170 2784	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
18:09:03.0180 2784	HidUsb - ok
18:09:03.0194 2784	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:09:03.0204 2784	HpSAMD - ok
18:09:03.0216 2784	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:09:03.0243 2784	HTTP - ok
18:09:03.0249 2784	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:09:03.0256 2784	hwpolicy - ok
18:09:03.0264 2784	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:09:03.0275 2784	i8042prt - ok
18:09:03.0288 2784	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:09:03.0302 2784	iaStorV - ok
18:09:03.0311 2784	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:09:03.0320 2784	iirsp - ok
18:09:03.0350 2784	IntcAzAudAddService (a3bcbd0f710580a07d1b929d787d36ce) C:\Windows\system32\drivers\RTKVHD64.sys
18:09:03.0394 2784	IntcAzAudAddService - ok
18:09:03.0403 2784	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:09:03.0411 2784	intelide - ok
18:09:03.0417 2784	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:09:03.0429 2784	intelppm - ok
18:09:03.0435 2784	IOMap           (a01c412699b6f21645b2885c2bae4454) C:\Windows\system32\drivers\IOMap64.sys
18:09:03.0439 2784	IOMap - ok
18:09:03.0447 2784	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:09:03.0472 2784	IpFilterDriver - ok
18:09:03.0480 2784	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:09:03.0493 2784	IPMIDRV - ok
18:09:03.0499 2784	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:09:03.0525 2784	IPNAT - ok
18:09:03.0532 2784	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:09:03.0553 2784	IRENUM - ok
18:09:03.0558 2784	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:09:03.0566 2784	isapnp - ok
18:09:03.0578 2784	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:09:03.0591 2784	iScsiPrt - ok
18:09:03.0598 2784	JRAID           (4a8a242fda43765f4f73ecde2ba0d62a) C:\Windows\system32\DRIVERS\jraid.sys
18:09:03.0607 2784	JRAID - ok
18:09:03.0613 2784	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
18:09:03.0622 2784	kbdclass - ok
18:09:03.0627 2784	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
18:09:03.0637 2784	kbdhid - ok
18:09:03.0645 2784	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
18:09:03.0655 2784	KSecDD - ok
18:09:03.0662 2784	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
18:09:03.0673 2784	KSecPkg - ok
18:09:03.0679 2784	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:09:03.0703 2784	ksthunk - ok
18:09:03.0717 2784	LHidFilt        (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:09:03.0725 2784	LHidFilt - ok
18:09:03.0731 2784	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:09:03.0757 2784	lltdio - ok
18:09:03.0771 2784	LMouFilt        (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:09:03.0779 2784	LMouFilt - ok
18:09:03.0788 2784	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:09:03.0798 2784	LSI_FC - ok
18:09:03.0804 2784	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:09:03.0814 2784	LSI_SAS - ok
18:09:03.0820 2784	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:09:03.0829 2784	LSI_SAS2 - ok
18:09:03.0836 2784	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:09:03.0846 2784	LSI_SCSI - ok
18:09:03.0854 2784	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:09:03.0882 2784	luafv - ok
18:09:03.0888 2784	LUsbFilt        (b8be35421b9e8dc1ab4b0cb7b9b0328b) C:\Windows\system32\Drivers\LUsbFilt.Sys
18:09:03.0897 2784	LUsbFilt - ok
18:09:03.0903 2784	Magic Tune      (b3b7c5f26f3f8c7992350b7ede64f5c9) C:\Windows\system32\Drivers\MtiCtwl.sys
18:09:03.0910 2784	Magic Tune - ok
18:09:03.0918 2784	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:09:03.0927 2784	megasas - ok
18:09:03.0938 2784	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:09:03.0950 2784	MegaSR - ok
18:09:03.0958 2784	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:09:03.0982 2784	Modem - ok
18:09:03.0988 2784	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:09:03.0998 2784	monitor - ok
18:09:04.0004 2784	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:09:04.0013 2784	mouclass - ok
18:09:04.0019 2784	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:09:04.0029 2784	mouhid - ok
18:09:04.0035 2784	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:09:04.0045 2784	mountmgr - ok
18:09:04.0059 2784	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:09:04.0071 2784	mpio - ok
18:09:04.0077 2784	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:09:04.0103 2784	mpsdrv - ok
18:09:04.0112 2784	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:09:04.0136 2784	MRxDAV - ok
18:09:04.0153 2784	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:09:04.0165 2784	mrxsmb - ok
18:09:04.0173 2784	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:09:04.0187 2784	mrxsmb10 - ok
18:09:04.0194 2784	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:09:04.0205 2784	mrxsmb20 - ok
18:09:04.0210 2784	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:09:04.0219 2784	msahci - ok
18:09:04.0225 2784	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:09:04.0236 2784	msdsm - ok
18:09:04.0246 2784	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:09:04.0270 2784	Msfs - ok
18:09:04.0276 2784	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:09:04.0300 2784	mshidkmdf - ok
18:09:04.0305 2784	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:09:04.0313 2784	msisadrv - ok
18:09:04.0322 2784	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:09:04.0345 2784	MSKSSRV - ok
18:09:04.0351 2784	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:09:04.0376 2784	MSPCLOCK - ok
18:09:04.0384 2784	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:09:04.0408 2784	MSPQM - ok
18:09:04.0417 2784	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:09:04.0431 2784	MsRPC - ok
18:09:04.0438 2784	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:09:04.0445 2784	mssmbios - ok
18:09:04.0450 2784	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:09:04.0475 2784	MSTEE - ok
18:09:04.0480 2784	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:09:04.0490 2784	MTConfig - ok
18:09:04.0496 2784	MTsensor        (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
18:09:04.0502 2784	MTsensor - ok
18:09:04.0509 2784	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:09:04.0518 2784	Mup - ok
18:09:04.0528 2784	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:09:04.0545 2784	NativeWifiP - ok
18:09:04.0560 2784	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:09:04.0578 2784	NDIS - ok
18:09:04.0587 2784	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:09:04.0612 2784	NdisCap - ok
18:09:04.0618 2784	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:09:04.0643 2784	NdisTapi - ok
18:09:04.0649 2784	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:09:04.0675 2784	Ndisuio - ok
18:09:04.0681 2784	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:09:04.0708 2784	NdisWan - ok
18:09:04.0714 2784	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:09:04.0738 2784	NDProxy - ok
18:09:04.0746 2784	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:09:04.0772 2784	NetBIOS - ok
18:09:04.0780 2784	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:09:04.0803 2784	NetBT - ok
18:09:04.0820 2784	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:09:04.0829 2784	nfrd960 - ok
18:09:04.0839 2784	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:09:04.0864 2784	Npfs - ok
18:09:04.0874 2784	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:09:04.0899 2784	nsiproxy - ok
18:09:04.0922 2784	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:09:04.0958 2784	Ntfs - ok
18:09:04.0964 2784	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:09:04.0988 2784	Null - ok
18:09:04.0995 2784	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:09:05.0006 2784	nvraid - ok
18:09:05.0013 2784	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:09:05.0024 2784	nvstor - ok
18:09:05.0031 2784	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:09:05.0041 2784	nv_agp - ok
18:09:05.0050 2784	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:09:05.0062 2784	ohci1394 - ok
18:09:05.0072 2784	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:09:05.0083 2784	Parport - ok
18:09:05.0089 2784	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
18:09:05.0099 2784	partmgr - ok
18:09:05.0120 2784	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:09:05.0127 2784	pci - ok
18:09:05.0133 2784	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:09:05.0140 2784	pciide - ok
18:09:05.0148 2784	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:09:05.0160 2784	pcmcia - ok
18:09:05.0166 2784	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:09:05.0175 2784	pcw - ok
18:09:05.0185 2784	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:09:05.0221 2784	PEAUTH - ok
18:09:05.0253 2784	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:09:05.0279 2784	PptpMiniport - ok
18:09:05.0285 2784	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:09:05.0298 2784	Processor - ok
18:09:05.0308 2784	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:09:05.0334 2784	Psched - ok
18:09:05.0353 2784	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:09:05.0386 2784	ql2300 - ok
18:09:05.0392 2784	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:09:05.0403 2784	ql40xx - ok
18:09:05.0410 2784	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:09:05.0423 2784	QWAVEdrv - ok
18:09:05.0429 2784	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:09:05.0453 2784	RasAcd - ok
18:09:05.0461 2784	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:09:05.0487 2784	RasAgileVpn - ok
18:09:05.0496 2784	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:09:05.0522 2784	Rasl2tp - ok
18:09:05.0531 2784	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:09:05.0557 2784	RasPppoe - ok
18:09:05.0564 2784	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:09:05.0590 2784	RasSstp - ok
18:09:05.0601 2784	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:09:05.0630 2784	rdbss - ok
18:09:05.0635 2784	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:09:05.0647 2784	rdpbus - ok
18:09:05.0652 2784	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:09:05.0676 2784	RDPCDD - ok
18:09:05.0685 2784	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
18:09:05.0697 2784	RDPDR - ok
18:09:05.0703 2784	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:09:05.0727 2784	RDPENCDD - ok
18:09:05.0736 2784	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:09:05.0759 2784	RDPREFMP - ok
18:09:05.0767 2784	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
18:09:05.0793 2784	RDPWD - ok
18:09:05.0801 2784	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:09:05.0814 2784	rdyboost - ok
18:09:05.0828 2784	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:09:05.0854 2784	rspndr - ok
18:09:05.0865 2784	RTL8167         (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:09:05.0881 2784	RTL8167 - ok
18:09:05.0887 2784	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:09:05.0897 2784	s3cap - ok
18:09:05.0900 2784	SANDRA - ok
18:09:05.0910 2784	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:09:05.0921 2784	sbp2port - ok
18:09:05.0930 2784	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:09:05.0954 2784	scfilter - ok
18:09:05.0967 2784	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:09:05.0992 2784	secdrv - ok
18:09:06.0002 2784	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:09:06.0011 2784	Serenum - ok
18:09:06.0018 2784	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:09:06.0029 2784	Serial - ok
18:09:06.0035 2784	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:09:06.0045 2784	sermouse - ok
18:09:06.0056 2784	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:09:06.0066 2784	sffdisk - ok
18:09:06.0071 2784	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:09:06.0080 2784	sffp_mmc - ok
18:09:06.0086 2784	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:09:06.0096 2784	sffp_sd - ok
18:09:06.0102 2784	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:09:06.0112 2784	sfloppy - ok
18:09:06.0121 2784	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:09:06.0129 2784	SiSRaid2 - ok
18:09:06.0136 2784	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:09:06.0145 2784	SiSRaid4 - ok
18:09:06.0153 2784	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:09:06.0179 2784	Smb - ok
18:09:06.0190 2784	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:09:06.0199 2784	spldr - ok
18:09:06.0213 2784	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:09:06.0231 2784	srv - ok
18:09:06.0240 2784	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:09:06.0257 2784	srv2 - ok
18:09:06.0264 2784	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:09:06.0277 2784	srvnet - ok
18:09:06.0288 2784	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:09:06.0296 2784	stexstor - ok
18:09:06.0304 2784	storflt         (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
18:09:06.0312 2784	storflt - ok
18:09:06.0320 2784	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
18:09:06.0328 2784	storvsc - ok
18:09:06.0336 2784	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:09:06.0344 2784	swenum - ok
18:09:06.0373 2784	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
18:09:06.0416 2784	Tcpip - ok
18:09:06.0438 2784	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
18:09:06.0461 2784	TCPIP6 - ok
18:09:06.0472 2784	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:09:06.0496 2784	tcpipreg - ok
18:09:06.0504 2784	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:09:06.0527 2784	TDPIPE - ok
18:09:06.0533 2784	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
18:09:06.0558 2784	TDTCP - ok
18:09:06.0566 2784	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:09:06.0592 2784	tdx - ok
18:09:06.0598 2784	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:09:06.0608 2784	TermDD - ok
18:09:06.0623 2784	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:09:06.0646 2784	tssecsrv - ok
18:09:06.0653 2784	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:09:06.0665 2784	TsUsbFlt - ok
18:09:06.0671 2784	TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
18:09:06.0675 2784	TuneUpUtilitiesDrv - ok
18:09:06.0682 2784	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:09:06.0708 2784	tunnel - ok
18:09:06.0717 2784	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:09:06.0726 2784	uagp35 - ok
18:09:06.0735 2784	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:09:06.0763 2784	udfs - ok
18:09:06.0774 2784	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:09:06.0783 2784	uliagpkx - ok
18:09:06.0790 2784	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:09:06.0801 2784	umbus - ok
18:09:06.0806 2784	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:09:06.0816 2784	UmPass - ok
18:09:06.0825 2784	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:09:06.0837 2784	usbccgp - ok
18:09:06.0844 2784	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:09:06.0859 2784	usbcir - ok
18:09:06.0864 2784	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:09:06.0875 2784	usbehci - ok
18:09:06.0883 2784	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:09:06.0898 2784	usbhub - ok
18:09:06.0907 2784	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
18:09:06.0916 2784	usbohci - ok
18:09:06.0922 2784	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:09:06.0933 2784	usbprint - ok
18:09:06.0938 2784	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
18:09:06.0950 2784	usbscan - ok
18:09:06.0957 2784	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:09:06.0969 2784	USBSTOR - ok
18:09:06.0975 2784	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:09:06.0985 2784	usbuhci - ok
18:09:06.0995 2784	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:09:07.0004 2784	vdrvroot - ok
18:09:07.0011 2784	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:09:07.0022 2784	vga - ok
18:09:07.0028 2784	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:09:07.0053 2784	VgaSave - ok
18:09:07.0060 2784	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:09:07.0073 2784	vhdmp - ok
18:09:07.0081 2784	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:09:07.0089 2784	viaide - ok
18:09:07.0097 2784	vmbus           (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
18:09:07.0109 2784	vmbus - ok
18:09:07.0115 2784	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:09:07.0124 2784	VMBusHID - ok
18:09:07.0130 2784	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:09:07.0140 2784	volmgr - ok
18:09:07.0149 2784	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:09:07.0158 2784	volmgrx - ok
18:09:07.0167 2784	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:09:07.0181 2784	volsnap - ok
18:09:07.0188 2784	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:09:07.0199 2784	vsmraid - ok
18:09:07.0206 2784	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
18:09:07.0217 2784	vwifibus - ok
18:09:07.0226 2784	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:09:07.0236 2784	WacomPen - ok
18:09:07.0243 2784	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:09:07.0268 2784	WANARP - ok
18:09:07.0271 2784	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:09:07.0293 2784	Wanarpv6 - ok
18:09:07.0306 2784	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:09:07.0315 2784	Wd - ok
18:09:07.0326 2784	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:09:07.0345 2784	Wdf01000 - ok
18:09:07.0360 2784	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:09:07.0385 2784	WfpLwf - ok
18:09:07.0391 2784	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:09:07.0399 2784	WIMMount - ok
18:09:07.0418 2784	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:09:07.0431 2784	WinUsb - ok
18:09:07.0440 2784	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:09:07.0448 2784	WmiAcpi - ok
18:09:07.0461 2784	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:09:07.0486 2784	ws2ifsl - ok
18:09:07.0499 2784	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:09:07.0524 2784	WudfPf - ok
18:09:07.0532 2784	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:09:07.0558 2784	WUDFRd - ok
18:09:07.0567 2784	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:09:07.0582 2784	\Device\Harddisk0\DR0 - ok
18:09:07.0584 2784	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
18:09:07.0622 2784	\Device\Harddisk1\DR1 ( TDSS File System ) - warning
18:09:07.0622 2784	\Device\Harddisk1\DR1 - detected TDSS File System (1)
18:09:07.0631 2784	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
18:09:07.0697 2784	\Device\Harddisk2\DR2 - ok
18:09:07.0700 2784	Boot (0x1200)   (e0155d549ee7baf04017e2d8f7603648) \Device\Harddisk0\DR0\Partition0
18:09:07.0701 2784	\Device\Harddisk0\DR0\Partition0 - ok
18:09:07.0703 2784	Boot (0x1200)   (667eaa57f7311d395dcb9b6d322409ae) \Device\Harddisk0\DR0\Partition1
18:09:07.0704 2784	\Device\Harddisk0\DR0\Partition1 - ok
18:09:07.0706 2784	Boot (0x1200)   (7b6daf7bc4a6b03c57f6c997b99d781e) \Device\Harddisk1\DR1\Partition0
18:09:07.0707 2784	\Device\Harddisk1\DR1\Partition0 - ok
18:09:07.0709 2784	Boot (0x1200)   (71698fa8384b02e4cbfbc57562a02518) \Device\Harddisk1\DR1\Partition1
18:09:07.0710 2784	\Device\Harddisk1\DR1\Partition1 - ok
18:09:07.0712 2784	Boot (0x1200)   (a9fa6dc625ff3e7cfbd6f53dacf9f1bc) \Device\Harddisk2\DR2\Partition0
18:09:07.0713 2784	\Device\Harddisk2\DR2\Partition0 - ok
18:09:07.0714 2784	============================================================
18:09:07.0714 2784	Scan finished
18:09:07.0714 2784	============================================================
18:09:07.0720 2652	Detected object count: 1
18:09:07.0720 2652	Actual detected object count: 1
18:09:21.0514 2652	\Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
18:09:21.0514 2652	\Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
         

Alt 29.12.2011, 22:04   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Zitat:
18:09:21.0514 2652 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
18:09:21.0514 2652 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
Das TDSS File System bitte mit dem TDSS-Killer löschen lassen, starte Windows danach neu und mach ein neues Log mit diesem Tool.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.01.2012, 01:16   #11
siggi123
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Hier das TDSS-log mit dem gelöschtem filesystem

Code:
ATTFilter
02:14:09.0986 5556	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
02:14:10.0095 5556	============================================================
02:14:10.0095 5556	Current date / time: 2012/01/03 02:14:10.0095
02:14:10.0095 5556	SystemInfo:
02:14:10.0095 5556	
02:14:10.0095 5556	OS Version: 6.1.7601 ServicePack: 1.0
02:14:10.0095 5556	Product type: Workstation
02:14:10.0095 5556	ComputerName: SIGGI-PC
02:14:10.0095 5556	UserName: Siggi
02:14:10.0095 5556	Windows directory: C:\Windows
02:14:10.0095 5556	System windows directory: C:\Windows
02:14:10.0095 5556	Running under WOW64
02:14:10.0095 5556	Processor architecture: Intel x64
02:14:10.0095 5556	Number of processors: 6
02:14:10.0095 5556	Page size: 0x1000
02:14:10.0095 5556	Boot type: Normal boot
02:14:10.0095 5556	============================================================
02:14:10.0313 5556	Initialize success
02:14:54.0946 5904	============================================================
02:14:54.0946 5904	Scan started
02:14:54.0946 5904	Mode: Manual; SigCheck; TDLFS; 
02:14:54.0946 5904	============================================================
02:14:55.0180 5904	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
02:14:55.0211 5904	1394ohci - ok
02:14:55.0227 5904	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
02:14:55.0227 5904	ACPI - ok
02:14:55.0242 5904	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
02:14:55.0258 5904	AcpiPmi - ok
02:14:55.0273 5904	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
02:14:55.0289 5904	adp94xx - ok
02:14:55.0289 5904	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
02:14:55.0305 5904	adpahci - ok
02:14:55.0320 5904	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
02:14:55.0320 5904	adpu320 - ok
02:14:55.0336 5904	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
02:14:55.0367 5904	AFD - ok
02:14:55.0367 5904	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
02:14:55.0383 5904	agp440 - ok
02:14:55.0383 5904	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
02:14:55.0398 5904	aliide - ok
02:14:55.0398 5904	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
02:14:55.0414 5904	amdide - ok
02:14:55.0414 5904	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
02:14:55.0445 5904	amdiox64 - ok
02:14:55.0445 5904	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
02:14:55.0461 5904	AmdK8 - ok
02:14:55.0554 5904	amdkmdag        (0415ffe1b6a6ea141feafca57567f57f) C:\Windows\system32\DRIVERS\atikmdag.sys
02:14:55.0710 5904	amdkmdag - ok
02:14:55.0726 5904	amdkmdap        (dc24d6f38f17c0d643d9aa8a6852f8d0) C:\Windows\system32\DRIVERS\atikmpag.sys
02:14:55.0741 5904	amdkmdap - ok
02:14:55.0757 5904	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
02:14:55.0757 5904	AmdPPM - ok
02:14:55.0773 5904	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
02:14:55.0773 5904	amdsata - ok
02:14:55.0788 5904	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
02:14:55.0788 5904	amdsbs - ok
02:14:55.0804 5904	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
02:14:55.0804 5904	amdxata - ok
02:14:55.0819 5904	amd_sata        (bb4fe7889db9cbbe61a308e99697f53c) C:\Windows\system32\DRIVERS\amd_sata.sys
02:14:55.0819 5904	amd_sata - ok
02:14:55.0819 5904	amd_xata        (5631cba53f1cbea3f9e88348e6723391) C:\Windows\system32\DRIVERS\amd_xata.sys
02:14:55.0835 5904	amd_xata - ok
02:14:55.0835 5904	AODDriver2      (6a488397b2e020ec24ce1aacfc830f90) C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
02:14:55.0851 5904	AODDriver2 - ok
02:14:55.0851 5904	AODDriver4.01   (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
02:14:55.0851 5904	AODDriver4.01 - ok
02:14:55.0866 5904	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
02:14:55.0929 5904	AppID - ok
02:14:55.0944 5904	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
02:14:55.0960 5904	arc - ok
02:14:55.0960 5904	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
02:14:55.0975 5904	arcsas - ok
02:14:55.0975 5904	AsIO - ok
02:14:55.0975 5904	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
02:14:56.0038 5904	AsyncMac - ok
02:14:56.0038 5904	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
02:14:56.0053 5904	atapi - ok
02:14:56.0053 5904	AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
02:14:56.0069 5904	AtiHDAudioService - ok
02:14:56.0085 5904	AtiHdmiService  (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
02:14:56.0085 5904	AtiHdmiService - ok
02:14:56.0100 5904	AtiPcie         (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
02:14:56.0100 5904	AtiPcie - ok
02:14:56.0116 5904	avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
02:14:56.0131 5904	avgntflt - ok
02:14:56.0131 5904	avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
02:14:56.0147 5904	avipbb - ok
02:14:56.0163 5904	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
02:14:56.0178 5904	b06bdrv - ok
02:14:56.0194 5904	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
02:14:56.0194 5904	b57nd60a - ok
02:14:56.0209 5904	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
02:14:56.0241 5904	Beep - ok
02:14:56.0241 5904	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
02:14:56.0256 5904	blbdrive - ok
02:14:56.0256 5904	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
02:14:56.0272 5904	bowser - ok
02:14:56.0272 5904	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:14:56.0303 5904	BrFiltLo - ok
02:14:56.0303 5904	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:14:56.0319 5904	BrFiltUp - ok
02:14:56.0319 5904	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
02:14:56.0334 5904	Brserid - ok
02:14:56.0350 5904	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
02:14:56.0365 5904	BrSerWdm - ok
02:14:56.0365 5904	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
02:14:56.0381 5904	BrUsbMdm - ok
02:14:56.0381 5904	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
02:14:56.0397 5904	BrUsbSer - ok
02:14:56.0397 5904	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
02:14:56.0412 5904	BTHMODEM - ok
02:14:56.0412 5904	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
02:14:56.0443 5904	cdfs - ok
02:14:56.0459 5904	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
02:14:56.0459 5904	cdrom - ok
02:14:56.0475 5904	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
02:14:56.0490 5904	circlass - ok
02:14:56.0490 5904	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
02:14:56.0506 5904	CLFS - ok
02:14:56.0521 5904	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
02:14:56.0521 5904	CmBatt - ok
02:14:56.0537 5904	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
02:14:56.0537 5904	cmdide - ok
02:14:56.0553 5904	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
02:14:56.0568 5904	CNG - ok
02:14:56.0584 5904	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
02:14:56.0584 5904	Compbatt - ok
02:14:56.0599 5904	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
02:14:56.0599 5904	CompositeBus - ok
02:14:56.0615 5904	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
02:14:56.0615 5904	crcdisk - ok
02:14:56.0631 5904	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
02:14:56.0646 5904	CSC - ok
02:14:56.0662 5904	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
02:14:56.0693 5904	DfsC - ok
02:14:56.0693 5904	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
02:14:56.0724 5904	discache - ok
02:14:56.0724 5904	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
02:14:56.0740 5904	Disk - ok
02:14:56.0740 5904	Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
02:14:56.0755 5904	Dot4 - ok
02:14:56.0771 5904	Dot4Print       (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
02:14:56.0771 5904	Dot4Print - ok
02:14:56.0787 5904	dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
02:14:56.0787 5904	dot4usb - ok
02:14:56.0802 5904	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
02:14:56.0818 5904	drmkaud - ok
02:14:56.0833 5904	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
02:14:56.0849 5904	DXGKrnl - ok
02:14:56.0880 5904	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
02:14:56.0943 5904	ebdrv - ok
02:14:56.0943 5904	EIO64           (343ada10d948db29251f2d9c809af204) C:\Windows\system32\DRIVERS\EIO64.sys
02:14:56.0958 5904	EIO64 - ok
02:14:56.0974 5904	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
02:14:56.0989 5904	elxstor - ok
02:14:56.0989 5904	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
02:14:57.0005 5904	ErrDev - ok
02:14:57.0005 5904	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
02:14:57.0036 5904	exfat - ok
02:14:57.0052 5904	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
02:14:57.0067 5904	fastfat - ok
02:14:57.0083 5904	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
02:14:57.0083 5904	fdc - ok
02:14:57.0099 5904	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
02:14:57.0114 5904	FileInfo - ok
02:14:57.0114 5904	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
02:14:57.0145 5904	Filetrace - ok
02:14:57.0145 5904	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
02:14:57.0177 5904	flpydisk - ok
02:14:57.0177 5904	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
02:14:57.0192 5904	FltMgr - ok
02:14:57.0208 5904	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
02:14:57.0208 5904	FsDepends - ok
02:14:57.0223 5904	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
02:14:57.0223 5904	Fs_Rec - ok
02:14:57.0239 5904	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
02:14:57.0255 5904	fvevol - ok
02:14:57.0255 5904	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
02:14:57.0270 5904	gagp30kx - ok
02:14:57.0270 5904	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:14:57.0270 5904	GEARAspiWDM - ok
02:14:57.0286 5904	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
02:14:57.0301 5904	hcw85cir - ok
02:14:57.0301 5904	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
02:14:57.0317 5904	HdAudAddService - ok
02:14:57.0333 5904	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
02:14:57.0333 5904	HDAudBus - ok
02:14:57.0348 5904	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
02:14:57.0348 5904	HidBatt - ok
02:14:57.0364 5904	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
02:14:57.0379 5904	HidBth - ok
02:14:57.0379 5904	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
02:14:57.0395 5904	HidIr - ok
02:14:57.0395 5904	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
02:14:57.0411 5904	HidUsb - ok
02:14:57.0426 5904	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
02:14:57.0442 5904	HpSAMD - ok
02:14:57.0442 5904	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
02:14:57.0489 5904	HTTP - ok
02:14:57.0489 5904	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
02:14:57.0504 5904	hwpolicy - ok
02:14:57.0504 5904	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
02:14:57.0520 5904	i8042prt - ok
02:14:57.0520 5904	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
02:14:57.0535 5904	iaStorV - ok
02:14:57.0551 5904	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
02:14:57.0567 5904	iirsp - ok
02:14:57.0582 5904	IntcAzAudAddService (a3bcbd0f710580a07d1b929d787d36ce) C:\Windows\system32\drivers\RTKVHD64.sys
02:14:57.0629 5904	IntcAzAudAddService - ok
02:14:57.0645 5904	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
02:14:57.0660 5904	intelide - ok
02:14:57.0660 5904	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
02:14:57.0676 5904	intelppm - ok
02:14:57.0676 5904	IOMap           (a01c412699b6f21645b2885c2bae4454) C:\Windows\system32\drivers\IOMap64.sys
02:14:57.0676 5904	IOMap - ok
02:14:57.0691 5904	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:14:57.0707 5904	IpFilterDriver - ok
02:14:57.0723 5904	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
02:14:57.0738 5904	IPMIDRV - ok
02:14:57.0738 5904	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
02:14:57.0769 5904	IPNAT - ok
02:14:57.0769 5904	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
02:14:57.0801 5904	IRENUM - ok
02:14:57.0801 5904	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
02:14:57.0801 5904	isapnp - ok
02:14:57.0816 5904	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
02:14:57.0832 5904	iScsiPrt - ok
02:14:57.0832 5904	JRAID           (4a8a242fda43765f4f73ecde2ba0d62a) C:\Windows\system32\DRIVERS\jraid.sys
02:14:57.0847 5904	JRAID - ok
02:14:57.0863 5904	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
02:14:57.0863 5904	kbdclass - ok
02:14:57.0879 5904	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
02:14:57.0879 5904	kbdhid - ok
02:14:57.0894 5904	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
02:14:57.0894 5904	KSecDD - ok
02:14:57.0910 5904	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
02:14:57.0925 5904	KSecPkg - ok
02:14:57.0925 5904	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
02:14:57.0941 5904	ksthunk - ok
02:14:57.0957 5904	LHidFilt        (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys
02:14:57.0972 5904	LHidFilt - ok
02:14:57.0972 5904	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
02:14:58.0003 5904	lltdio - ok
02:14:58.0019 5904	LMouFilt        (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys
02:14:58.0019 5904	LMouFilt - ok
02:14:58.0035 5904	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
02:14:58.0035 5904	LSI_FC - ok
02:14:58.0050 5904	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:14:58.0050 5904	LSI_SAS - ok
02:14:58.0066 5904	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:14:58.0066 5904	LSI_SAS2 - ok
02:14:58.0081 5904	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:14:58.0081 5904	LSI_SCSI - ok
02:14:58.0097 5904	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:14:58.0113 5904	luafv - ok
02:14:58.0128 5904	LUsbFilt        (b8be35421b9e8dc1ab4b0cb7b9b0328b) C:\Windows\system32\Drivers\LUsbFilt.Sys
02:14:58.0128 5904	LUsbFilt - ok
02:14:58.0144 5904	Magic Tune      (b3b7c5f26f3f8c7992350b7ede64f5c9) C:\Windows\system32\Drivers\MtiCtwl.sys
02:14:58.0144 5904	Magic Tune - ok
02:14:58.0159 5904	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:14:58.0159 5904	megasas - ok
02:14:58.0175 5904	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:14:58.0191 5904	MegaSR - ok
02:14:58.0191 5904	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:14:58.0222 5904	Modem - ok
02:14:58.0222 5904	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:14:58.0237 5904	monitor - ok
02:14:58.0237 5904	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
02:14:58.0253 5904	mouclass - ok
02:14:58.0253 5904	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:14:58.0269 5904	mouhid - ok
02:14:58.0269 5904	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
02:14:58.0284 5904	mountmgr - ok
02:14:58.0284 5904	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
02:14:58.0300 5904	mpio - ok
02:14:58.0300 5904	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
02:14:58.0331 5904	mpsdrv - ok
02:14:58.0331 5904	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
02:14:58.0362 5904	MRxDAV - ok
02:14:58.0362 5904	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:14:58.0378 5904	mrxsmb - ok
02:14:58.0393 5904	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:14:58.0409 5904	mrxsmb10 - ok
02:14:58.0409 5904	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:14:58.0425 5904	mrxsmb20 - ok
02:14:58.0425 5904	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
02:14:58.0440 5904	msahci - ok
02:14:58.0440 5904	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
02:14:58.0456 5904	msdsm - ok
02:14:58.0471 5904	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:14:58.0487 5904	Msfs - ok
02:14:58.0487 5904	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:14:58.0518 5904	mshidkmdf - ok
02:14:58.0518 5904	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
02:14:58.0534 5904	msisadrv - ok
02:14:58.0534 5904	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:14:58.0565 5904	MSKSSRV - ok
02:14:58.0565 5904	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:14:58.0596 5904	MSPCLOCK - ok
02:14:58.0612 5904	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:14:58.0627 5904	MSPQM - ok
02:14:58.0643 5904	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
02:14:58.0659 5904	MsRPC - ok
02:14:58.0659 5904	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
02:14:58.0674 5904	mssmbios - ok
02:14:58.0674 5904	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
02:14:58.0690 5904	MSTEE - ok
02:14:58.0705 5904	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
02:14:58.0705 5904	MTConfig - ok
02:14:58.0721 5904	MTsensor        (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
02:14:58.0721 5904	MTsensor - ok
02:14:58.0737 5904	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
02:14:58.0737 5904	Mup - ok
02:14:58.0752 5904	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
02:14:58.0768 5904	NativeWifiP - ok
02:14:58.0783 5904	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
02:14:58.0799 5904	NDIS - ok
02:14:58.0815 5904	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:14:58.0830 5904	NdisCap - ok
02:14:58.0846 5904	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:14:58.0861 5904	NdisTapi - ok
02:14:58.0861 5904	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
02:14:58.0893 5904	Ndisuio - ok
02:14:58.0893 5904	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
02:14:58.0924 5904	NdisWan - ok
02:14:58.0924 5904	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
02:14:58.0955 5904	NDProxy - ok
02:14:58.0955 5904	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:14:58.0986 5904	NetBIOS - ok
02:14:59.0002 5904	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
02:14:59.0017 5904	NetBT - ok
02:14:59.0033 5904	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
02:14:59.0049 5904	nfrd960 - ok
02:14:59.0049 5904	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:14:59.0080 5904	Npfs - ok
02:14:59.0080 5904	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:14:59.0111 5904	nsiproxy - ok
02:14:59.0127 5904	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
02:14:59.0173 5904	Ntfs - ok
02:14:59.0173 5904	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:14:59.0205 5904	Null - ok
02:14:59.0205 5904	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
02:14:59.0220 5904	nvraid - ok
02:14:59.0220 5904	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
02:14:59.0236 5904	nvstor - ok
02:14:59.0236 5904	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
02:14:59.0251 5904	nv_agp - ok
02:14:59.0267 5904	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
02:14:59.0267 5904	ohci1394 - ok
02:14:59.0283 5904	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
02:14:59.0298 5904	Parport - ok
02:14:59.0298 5904	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
02:14:59.0314 5904	partmgr - ok
02:14:59.0314 5904	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
02:14:59.0329 5904	pci - ok
02:14:59.0329 5904	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
02:14:59.0345 5904	pciide - ok
02:14:59.0345 5904	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
02:14:59.0361 5904	pcmcia - ok
02:14:59.0361 5904	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:14:59.0376 5904	pcw - ok
02:14:59.0376 5904	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:14:59.0423 5904	PEAUTH - ok
02:14:59.0454 5904	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
02:14:59.0470 5904	PptpMiniport - ok
02:14:59.0485 5904	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
02:14:59.0501 5904	Processor - ok
02:14:59.0501 5904	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
02:14:59.0532 5904	Psched - ok
02:14:59.0548 5904	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
02:14:59.0579 5904	ql2300 - ok
02:14:59.0595 5904	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
02:14:59.0595 5904	ql40xx - ok
02:14:59.0610 5904	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
02:14:59.0626 5904	QWAVEdrv - ok
02:14:59.0626 5904	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
02:14:59.0641 5904	RasAcd - ok
02:14:59.0657 5904	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
02:14:59.0673 5904	RasAgileVpn - ok
02:14:59.0688 5904	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:14:59.0719 5904	Rasl2tp - ok
02:14:59.0719 5904	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
02:14:59.0751 5904	RasPppoe - ok
02:14:59.0751 5904	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
02:14:59.0782 5904	RasSstp - ok
02:14:59.0797 5904	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
02:14:59.0813 5904	rdbss - ok
02:14:59.0829 5904	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
02:14:59.0829 5904	rdpbus - ok
02:14:59.0844 5904	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:14:59.0860 5904	RDPCDD - ok
02:14:59.0875 5904	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
02:14:59.0891 5904	RDPDR - ok
02:14:59.0891 5904	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
02:14:59.0922 5904	RDPENCDD - ok
02:14:59.0922 5904	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
02:14:59.0953 5904	RDPREFMP - ok
02:14:59.0953 5904	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
02:14:59.0985 5904	RDPWD - ok
02:14:59.0985 5904	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
02:15:00.0000 5904	rdyboost - ok
02:15:00.0016 5904	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
02:15:00.0047 5904	rspndr - ok
02:15:00.0047 5904	RTL8167         (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
02:15:00.0063 5904	RTL8167 - ok
02:15:00.0063 5904	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
02:15:00.0078 5904	s3cap - ok
02:15:00.0078 5904	SANDRA - ok
02:15:00.0094 5904	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
02:15:00.0109 5904	sbp2port - ok
02:15:00.0109 5904	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
02:15:00.0141 5904	scfilter - ok
02:15:00.0141 5904	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
02:15:00.0172 5904	secdrv - ok
02:15:00.0187 5904	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
02:15:00.0187 5904	Serenum - ok
02:15:00.0203 5904	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
02:15:00.0203 5904	Serial - ok
02:15:00.0219 5904	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
02:15:00.0219 5904	sermouse - ok
02:15:00.0234 5904	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
02:15:00.0250 5904	sffdisk - ok
02:15:00.0250 5904	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
02:15:00.0265 5904	sffp_mmc - ok
02:15:00.0265 5904	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
02:15:00.0281 5904	sffp_sd - ok
02:15:00.0281 5904	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
02:15:00.0297 5904	sfloppy - ok
02:15:00.0297 5904	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:15:00.0312 5904	SiSRaid2 - ok
02:15:00.0312 5904	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
02:15:00.0328 5904	SiSRaid4 - ok
02:15:00.0328 5904	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
02:15:00.0359 5904	Smb - ok
02:15:00.0375 5904	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
02:15:00.0375 5904	spldr - ok
02:15:00.0390 5904	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
02:15:00.0406 5904	srv - ok
02:15:00.0421 5904	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
02:15:00.0437 5904	srv2 - ok
02:15:00.0437 5904	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
02:15:00.0453 5904	srvnet - ok
02:15:00.0468 5904	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
02:15:00.0468 5904	stexstor - ok
02:15:00.0484 5904	storflt         (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
02:15:00.0484 5904	storflt - ok
02:15:00.0499 5904	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
02:15:00.0499 5904	storvsc - ok
02:15:00.0515 5904	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
02:15:00.0515 5904	swenum - ok
02:15:00.0546 5904	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
02:15:00.0593 5904	Tcpip - ok
02:15:00.0609 5904	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
02:15:00.0640 5904	TCPIP6 - ok
02:15:00.0640 5904	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
02:15:00.0671 5904	tcpipreg - ok
02:15:00.0671 5904	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
02:15:00.0702 5904	TDPIPE - ok
02:15:00.0702 5904	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
02:15:00.0733 5904	TDTCP - ok
02:15:00.0733 5904	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
02:15:00.0765 5904	tdx - ok
02:15:00.0765 5904	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
02:15:00.0780 5904	TermDD - ok
02:15:00.0796 5904	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:15:00.0811 5904	tssecsrv - ok
02:15:00.0827 5904	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
02:15:00.0827 5904	TsUsbFlt - ok
02:15:00.0843 5904	TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
02:15:00.0843 5904	TuneUpUtilitiesDrv - ok
02:15:00.0858 5904	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
02:15:00.0874 5904	tunnel - ok
02:15:00.0889 5904	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
02:15:00.0889 5904	uagp35 - ok
02:15:00.0905 5904	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
02:15:00.0936 5904	udfs - ok
02:15:00.0952 5904	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
02:15:00.0952 5904	uliagpkx - ok
02:15:00.0967 5904	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
02:15:00.0967 5904	umbus - ok
02:15:00.0983 5904	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
02:15:00.0983 5904	UmPass - ok
02:15:00.0999 5904	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
02:15:01.0014 5904	usbccgp - ok
02:15:01.0014 5904	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
02:15:01.0030 5904	usbcir - ok
02:15:01.0030 5904	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
02:15:01.0045 5904	usbehci - ok
02:15:01.0061 5904	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
02:15:01.0077 5904	usbhub - ok
02:15:01.0077 5904	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
02:15:01.0092 5904	usbohci - ok
02:15:01.0092 5904	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
02:15:01.0108 5904	usbprint - ok
02:15:01.0108 5904	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
02:15:01.0123 5904	usbscan - ok
02:15:01.0123 5904	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:15:01.0139 5904	USBSTOR - ok
02:15:01.0139 5904	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
02:15:01.0155 5904	usbuhci - ok
02:15:01.0170 5904	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
02:15:01.0170 5904	vdrvroot - ok
02:15:01.0186 5904	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
02:15:01.0186 5904	vga - ok
02:15:01.0201 5904	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
02:15:01.0217 5904	VgaSave - ok
02:15:01.0233 5904	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
02:15:01.0248 5904	vhdmp - ok
02:15:01.0248 5904	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
02:15:01.0264 5904	viaide - ok
02:15:01.0264 5904	vmbus           (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
02:15:01.0279 5904	vmbus - ok
02:15:01.0279 5904	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
02:15:01.0295 5904	VMBusHID - ok
02:15:01.0295 5904	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
02:15:01.0311 5904	volmgr - ok
02:15:01.0326 5904	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
02:15:01.0326 5904	volmgrx - ok
02:15:01.0342 5904	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
02:15:01.0357 5904	volsnap - ok
02:15:01.0357 5904	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
02:15:01.0373 5904	vsmraid - ok
02:15:01.0373 5904	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
02:15:01.0389 5904	vwifibus - ok
02:15:01.0389 5904	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
02:15:01.0404 5904	WacomPen - ok
02:15:01.0420 5904	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:15:01.0435 5904	WANARP - ok
02:15:01.0435 5904	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:15:01.0467 5904	Wanarpv6 - ok
02:15:01.0467 5904	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
02:15:01.0482 5904	Wd - ok
02:15:01.0498 5904	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
02:15:01.0513 5904	Wdf01000 - ok
02:15:01.0529 5904	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
02:15:01.0545 5904	WfpLwf - ok
02:15:01.0560 5904	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
02:15:01.0560 5904	WIMMount - ok
02:15:01.0576 5904	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
02:15:01.0591 5904	WinUsb - ok
02:15:01.0607 5904	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
02:15:01.0607 5904	WmiAcpi - ok
02:15:01.0623 5904	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
02:15:01.0654 5904	ws2ifsl - ok
02:15:01.0669 5904	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
02:15:01.0685 5904	WudfPf - ok
02:15:01.0701 5904	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
02:15:01.0716 5904	WUDFRd - ok
02:15:01.0732 5904	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
02:15:01.0747 5904	\Device\Harddisk0\DR0 - ok
02:15:01.0747 5904	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
02:15:01.0779 5904	\Device\Harddisk1\DR1 ( TDSS File System ) - warning
02:15:01.0779 5904	\Device\Harddisk1\DR1 - detected TDSS File System (1)
02:15:01.0779 5904	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
02:15:01.0841 5904	\Device\Harddisk2\DR2 - ok
02:15:01.0841 5904	Boot (0x1200)   (e0155d549ee7baf04017e2d8f7603648) \Device\Harddisk0\DR0\Partition0
02:15:01.0841 5904	\Device\Harddisk0\DR0\Partition0 - ok
02:15:01.0841 5904	Boot (0x1200)   (667eaa57f7311d395dcb9b6d322409ae) \Device\Harddisk0\DR0\Partition1
02:15:01.0841 5904	\Device\Harddisk0\DR0\Partition1 - ok
02:15:01.0841 5904	Boot (0x1200)   (7b6daf7bc4a6b03c57f6c997b99d781e) \Device\Harddisk1\DR1\Partition0
02:15:01.0841 5904	\Device\Harddisk1\DR1\Partition0 - ok
02:15:01.0857 5904	Boot (0x1200)   (71698fa8384b02e4cbfbc57562a02518) \Device\Harddisk1\DR1\Partition1
02:15:01.0857 5904	\Device\Harddisk1\DR1\Partition1 - ok
02:15:01.0857 5904	Boot (0x1200)   (a9fa6dc625ff3e7cfbd6f53dacf9f1bc) \Device\Harddisk2\DR2\Partition0
02:15:01.0857 5904	\Device\Harddisk2\DR2\Partition0 - ok
02:15:01.0857 5904	============================================================
02:15:01.0857 5904	Scan finished
02:15:01.0857 5904	============================================================
02:15:01.0872 5896	Detected object count: 1
02:15:01.0872 5896	Actual detected object count: 1
02:15:07.0301 5896	\Device\Harddisk1\DR1\TDLFS - deleted
02:15:07.0301 5896	\Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Delete
         

Alt 03.01.2012, 18:41   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Ja, du solltest danach aber auch den Rechner neu starten und einen neuen Scan mit dem TDSS Killer machen. Das Log solltest du posten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.01.2012, 23:21   #13
siggi123
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Hier der Log nach dem Neustart. Es wurde nichts mehr gefunden.

Code:
ATTFilter
00:20:10.0326 4320	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
00:20:10.0466 4320	============================================================
00:20:10.0466 4320	Current date / time: 2012/01/04 00:20:10.0466
00:20:10.0466 4320	SystemInfo:
00:20:10.0466 4320	
00:20:10.0466 4320	OS Version: 6.1.7601 ServicePack: 1.0
00:20:10.0466 4320	Product type: Workstation
00:20:10.0466 4320	ComputerName: SIGGI-PC
00:20:10.0466 4320	UserName: Siggi
00:20:10.0466 4320	Windows directory: C:\Windows
00:20:10.0466 4320	System windows directory: C:\Windows
00:20:10.0466 4320	Running under WOW64
00:20:10.0466 4320	Processor architecture: Intel x64
00:20:10.0466 4320	Number of processors: 6
00:20:10.0466 4320	Page size: 0x1000
00:20:10.0466 4320	Boot type: Normal boot
00:20:10.0466 4320	============================================================
00:20:17.0907 4320	Initialize success
00:20:19.0218 4548	============================================================
00:20:19.0218 4548	Scan started
00:20:19.0218 4548	Mode: Manual; 
00:20:19.0218 4548	============================================================
00:20:19.0499 4548	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
00:20:19.0499 4548	1394ohci - ok
00:20:19.0499 4548	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
00:20:19.0514 4548	ACPI - ok
00:20:19.0514 4548	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
00:20:19.0514 4548	AcpiPmi - ok
00:20:19.0530 4548	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
00:20:19.0545 4548	adp94xx - ok
00:20:19.0545 4548	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
00:20:19.0561 4548	adpahci - ok
00:20:19.0561 4548	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
00:20:19.0561 4548	adpu320 - ok
00:20:19.0577 4548	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
00:20:19.0592 4548	AFD - ok
00:20:19.0592 4548	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
00:20:19.0608 4548	agp440 - ok
00:20:19.0608 4548	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
00:20:19.0608 4548	aliide - ok
00:20:19.0623 4548	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
00:20:19.0623 4548	amdide - ok
00:20:19.0623 4548	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
00:20:19.0639 4548	amdiox64 - ok
00:20:19.0639 4548	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
00:20:19.0639 4548	AmdK8 - ok
00:20:19.0748 4548	amdkmdag        (0415ffe1b6a6ea141feafca57567f57f) C:\Windows\system32\DRIVERS\atikmdag.sys
00:20:19.0857 4548	amdkmdag - ok
00:20:19.0873 4548	amdkmdap        (dc24d6f38f17c0d643d9aa8a6852f8d0) C:\Windows\system32\DRIVERS\atikmpag.sys
00:20:19.0873 4548	amdkmdap - ok
00:20:19.0889 4548	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
00:20:19.0889 4548	AmdPPM - ok
00:20:19.0889 4548	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
00:20:19.0889 4548	amdsata - ok
00:20:19.0904 4548	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
00:20:19.0904 4548	amdsbs - ok
00:20:19.0904 4548	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
00:20:19.0920 4548	amdxata - ok
00:20:19.0920 4548	amd_sata        (bb4fe7889db9cbbe61a308e99697f53c) C:\Windows\system32\DRIVERS\amd_sata.sys
00:20:19.0920 4548	amd_sata - ok
00:20:19.0920 4548	amd_xata        (5631cba53f1cbea3f9e88348e6723391) C:\Windows\system32\DRIVERS\amd_xata.sys
00:20:19.0935 4548	amd_xata - ok
00:20:19.0935 4548	AODDriver2      (6a488397b2e020ec24ce1aacfc830f90) C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
00:20:19.0935 4548	AODDriver2 - ok
00:20:19.0951 4548	AODDriver4.01   (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
00:20:19.0951 4548	AODDriver4.01 - ok
00:20:19.0951 4548	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
00:20:19.0967 4548	AppID - ok
00:20:19.0967 4548	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
00:20:19.0982 4548	arc - ok
00:20:19.0982 4548	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
00:20:19.0982 4548	arcsas - ok
00:20:19.0982 4548	AsIO - ok
00:20:19.0998 4548	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:20:19.0998 4548	AsyncMac - ok
00:20:20.0013 4548	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
00:20:20.0013 4548	atapi - ok
00:20:20.0013 4548	AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
00:20:20.0029 4548	AtiHDAudioService - ok
00:20:20.0029 4548	AtiHdmiService  (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
00:20:20.0029 4548	AtiHdmiService - ok
00:20:20.0045 4548	AtiPcie         (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
00:20:20.0045 4548	AtiPcie - ok
00:20:20.0060 4548	avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
00:20:20.0060 4548	avgntflt - ok
00:20:20.0060 4548	avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
00:20:20.0076 4548	avipbb - ok
00:20:20.0076 4548	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
00:20:20.0091 4548	b06bdrv - ok
00:20:20.0107 4548	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:20:20.0107 4548	b57nd60a - ok
00:20:20.0107 4548	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:20:20.0123 4548	Beep - ok
00:20:20.0123 4548	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:20:20.0123 4548	blbdrive - ok
00:20:20.0138 4548	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
00:20:20.0138 4548	bowser - ok
00:20:20.0154 4548	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:20:20.0154 4548	BrFiltLo - ok
00:20:20.0154 4548	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:20:20.0154 4548	BrFiltUp - ok
00:20:20.0169 4548	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:20:20.0169 4548	Brserid - ok
00:20:20.0185 4548	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:20:20.0185 4548	BrSerWdm - ok
00:20:20.0201 4548	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:20:20.0201 4548	BrUsbMdm - ok
00:20:20.0201 4548	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:20:20.0216 4548	BrUsbSer - ok
00:20:20.0216 4548	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
00:20:20.0216 4548	BTHMODEM - ok
00:20:20.0232 4548	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:20:20.0232 4548	cdfs - ok
00:20:20.0247 4548	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
00:20:20.0247 4548	cdrom - ok
00:20:20.0279 4548	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
00:20:20.0279 4548	circlass - ok
00:20:20.0294 4548	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:20:20.0294 4548	CLFS - ok
00:20:20.0310 4548	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:20:20.0310 4548	CmBatt - ok
00:20:20.0310 4548	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
00:20:20.0310 4548	cmdide - ok
00:20:20.0325 4548	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
00:20:20.0341 4548	CNG - ok
00:20:20.0341 4548	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:20:20.0341 4548	Compbatt - ok
00:20:20.0357 4548	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
00:20:20.0357 4548	CompositeBus - ok
00:20:20.0357 4548	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
00:20:20.0357 4548	crcdisk - ok
00:20:20.0372 4548	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
00:20:20.0388 4548	CSC - ok
00:20:20.0403 4548	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
00:20:20.0403 4548	DfsC - ok
00:20:20.0403 4548	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:20:20.0403 4548	discache - ok
00:20:20.0419 4548	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
00:20:20.0419 4548	Disk - ok
00:20:20.0435 4548	Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
00:20:20.0435 4548	Dot4 - ok
00:20:20.0435 4548	Dot4Print       (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
00:20:20.0450 4548	Dot4Print - ok
00:20:20.0450 4548	dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
00:20:20.0450 4548	dot4usb - ok
00:20:20.0466 4548	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:20:20.0466 4548	drmkaud - ok
00:20:20.0481 4548	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
00:20:20.0481 4548	DXGKrnl - ok
00:20:20.0528 4548	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
00:20:20.0559 4548	ebdrv - ok
00:20:20.0575 4548	EIO64           (343ada10d948db29251f2d9c809af204) C:\Windows\system32\DRIVERS\EIO64.sys
00:20:20.0575 4548	EIO64 - ok
00:20:20.0591 4548	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
00:20:20.0591 4548	elxstor - ok
00:20:20.0591 4548	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
00:20:20.0606 4548	ErrDev - ok
00:20:20.0606 4548	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:20:20.0622 4548	exfat - ok
00:20:20.0622 4548	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:20:20.0622 4548	fastfat - ok
00:20:20.0637 4548	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
00:20:20.0637 4548	fdc - ok
00:20:20.0653 4548	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:20:20.0653 4548	FileInfo - ok
00:20:20.0653 4548	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:20:20.0653 4548	Filetrace - ok
00:20:20.0669 4548	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
00:20:20.0669 4548	flpydisk - ok
00:20:20.0684 4548	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
00:20:20.0684 4548	FltMgr - ok
00:20:20.0700 4548	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:20:20.0700 4548	FsDepends - ok
00:20:20.0700 4548	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
00:20:20.0700 4548	Fs_Rec - ok
00:20:20.0715 4548	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:20:20.0715 4548	fvevol - ok
00:20:20.0731 4548	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
00:20:20.0731 4548	gagp30kx - ok
00:20:20.0731 4548	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:20:20.0747 4548	GEARAspiWDM - ok
00:20:20.0747 4548	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:20:20.0747 4548	hcw85cir - ok
00:20:20.0762 4548	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
00:20:20.0762 4548	HdAudAddService - ok
00:20:20.0778 4548	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
00:20:20.0778 4548	HDAudBus - ok
00:20:20.0778 4548	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
00:20:20.0778 4548	HidBatt - ok
00:20:20.0793 4548	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
00:20:20.0793 4548	HidBth - ok
00:20:20.0793 4548	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
00:20:20.0809 4548	HidIr - ok
00:20:20.0809 4548	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
00:20:20.0809 4548	HidUsb - ok
00:20:20.0825 4548	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
00:20:20.0840 4548	HpSAMD - ok
00:20:20.0840 4548	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
00:20:20.0856 4548	HTTP - ok
00:20:20.0856 4548	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
00:20:20.0871 4548	hwpolicy - ok
00:20:20.0871 4548	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
00:20:20.0887 4548	i8042prt - ok
00:20:20.0887 4548	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
00:20:20.0903 4548	iaStorV - ok
00:20:20.0903 4548	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
00:20:20.0903 4548	iirsp - ok
00:20:20.0934 4548	IntcAzAudAddService (a3bcbd0f710580a07d1b929d787d36ce) C:\Windows\system32\drivers\RTKVHD64.sys
00:20:20.0965 4548	IntcAzAudAddService - ok
00:20:20.0981 4548	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
00:20:20.0981 4548	intelide - ok
00:20:20.0981 4548	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:20:20.0996 4548	intelppm - ok
00:20:20.0996 4548	IOMap           (a01c412699b6f21645b2885c2bae4454) C:\Windows\system32\drivers\IOMap64.sys
00:20:20.0996 4548	IOMap - ok
00:20:21.0012 4548	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:20:21.0012 4548	IpFilterDriver - ok
00:20:21.0012 4548	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
00:20:21.0027 4548	IPMIDRV - ok
00:20:21.0027 4548	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:20:21.0027 4548	IPNAT - ok
00:20:21.0043 4548	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:20:21.0043 4548	IRENUM - ok
00:20:21.0043 4548	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
00:20:21.0043 4548	isapnp - ok
00:20:21.0059 4548	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
00:20:21.0059 4548	iScsiPrt - ok
00:20:21.0074 4548	JRAID           (4a8a242fda43765f4f73ecde2ba0d62a) C:\Windows\system32\DRIVERS\jraid.sys
00:20:21.0074 4548	JRAID - ok
00:20:21.0074 4548	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:20:21.0090 4548	kbdclass - ok
00:20:21.0090 4548	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
00:20:21.0090 4548	kbdhid - ok
00:20:21.0105 4548	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
00:20:21.0105 4548	KSecDD - ok
00:20:21.0105 4548	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
00:20:21.0121 4548	KSecPkg - ok
00:20:21.0121 4548	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:20:21.0121 4548	ksthunk - ok
00:20:21.0137 4548	LHidFilt        (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys
00:20:21.0137 4548	LHidFilt - ok
00:20:21.0137 4548	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:20:21.0137 4548	lltdio - ok
00:20:21.0152 4548	LMouFilt        (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys
00:20:21.0152 4548	LMouFilt - ok
00:20:21.0168 4548	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
00:20:21.0168 4548	LSI_FC - ok
00:20:21.0183 4548	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
00:20:21.0183 4548	LSI_SAS - ok
00:20:21.0183 4548	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:20:21.0199 4548	LSI_SAS2 - ok
00:20:21.0199 4548	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:20:21.0199 4548	LSI_SCSI - ok
00:20:21.0215 4548	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:20:21.0215 4548	luafv - ok
00:20:21.0230 4548	LUsbFilt        (b8be35421b9e8dc1ab4b0cb7b9b0328b) C:\Windows\system32\Drivers\LUsbFilt.Sys
00:20:21.0230 4548	LUsbFilt - ok
00:20:21.0230 4548	Magic Tune      (b3b7c5f26f3f8c7992350b7ede64f5c9) C:\Windows\system32\Drivers\MtiCtwl.sys
00:20:21.0230 4548	Magic Tune - ok
00:20:21.0246 4548	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
00:20:21.0246 4548	megasas - ok
00:20:21.0261 4548	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
00:20:21.0261 4548	MegaSR - ok
00:20:21.0277 4548	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:20:21.0277 4548	Modem - ok
00:20:21.0277 4548	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:20:21.0277 4548	monitor - ok
00:20:21.0293 4548	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:20:21.0293 4548	mouclass - ok
00:20:21.0308 4548	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:20:21.0308 4548	mouhid - ok
00:20:21.0308 4548	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
00:20:21.0308 4548	mountmgr - ok
00:20:21.0324 4548	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
00:20:21.0324 4548	mpio - ok
00:20:21.0339 4548	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:20:21.0339 4548	mpsdrv - ok
00:20:21.0339 4548	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:20:21.0355 4548	MRxDAV - ok
00:20:21.0355 4548	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:20:21.0355 4548	mrxsmb - ok
00:20:21.0371 4548	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:20:21.0371 4548	mrxsmb10 - ok
00:20:21.0386 4548	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:20:21.0386 4548	mrxsmb20 - ok
00:20:21.0402 4548	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:20:21.0402 4548	msahci - ok
00:20:21.0402 4548	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:20:21.0402 4548	msdsm - ok
00:20:21.0417 4548	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:20:21.0417 4548	Msfs - ok
00:20:21.0433 4548	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:20:21.0433 4548	mshidkmdf - ok
00:20:21.0433 4548	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:20:21.0433 4548	msisadrv - ok
00:20:21.0449 4548	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:20:21.0449 4548	MSKSSRV - ok
00:20:21.0449 4548	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:20:21.0449 4548	MSPCLOCK - ok
00:20:21.0464 4548	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:20:21.0464 4548	MSPQM - ok
00:20:21.0480 4548	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:20:21.0495 4548	MsRPC - ok
00:20:21.0495 4548	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
00:20:21.0495 4548	mssmbios - ok
00:20:21.0495 4548	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:20:21.0511 4548	MSTEE - ok
00:20:21.0511 4548	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
00:20:21.0511 4548	MTConfig - ok
00:20:21.0511 4548	MTsensor        (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
00:20:21.0527 4548	MTsensor - ok
00:20:21.0527 4548	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:20:21.0527 4548	Mup - ok
00:20:21.0542 4548	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:20:21.0542 4548	NativeWifiP - ok
00:20:21.0558 4548	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
00:20:21.0573 4548	NDIS - ok
00:20:21.0573 4548	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:20:21.0573 4548	NdisCap - ok
00:20:21.0589 4548	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:20:21.0589 4548	NdisTapi - ok
00:20:21.0589 4548	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:20:21.0605 4548	Ndisuio - ok
00:20:21.0605 4548	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:20:21.0605 4548	NdisWan - ok
00:20:21.0620 4548	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:20:21.0620 4548	NDProxy - ok
00:20:21.0636 4548	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:20:21.0636 4548	NetBIOS - ok
00:20:21.0636 4548	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:20:21.0636 4548	NetBT - ok
00:20:21.0651 4548	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
00:20:21.0667 4548	nfrd960 - ok
00:20:21.0667 4548	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:20:21.0667 4548	Npfs - ok
00:20:21.0683 4548	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:20:21.0683 4548	nsiproxy - ok
00:20:21.0714 4548	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:20:21.0729 4548	Ntfs - ok
00:20:21.0729 4548	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:20:21.0745 4548	Null - ok
00:20:21.0745 4548	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:20:21.0745 4548	nvraid - ok
00:20:21.0761 4548	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:20:21.0761 4548	nvstor - ok
00:20:21.0776 4548	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:20:21.0776 4548	nv_agp - ok
00:20:21.0776 4548	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:20:21.0776 4548	ohci1394 - ok
00:20:21.0792 4548	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
00:20:21.0792 4548	Parport - ok
00:20:21.0807 4548	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
00:20:21.0807 4548	partmgr - ok
00:20:21.0823 4548	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:20:21.0823 4548	pci - ok
00:20:21.0823 4548	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:20:21.0823 4548	pciide - ok
00:20:21.0839 4548	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
00:20:21.0839 4548	pcmcia - ok
00:20:21.0854 4548	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:20:21.0854 4548	pcw - ok
00:20:21.0870 4548	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:20:21.0870 4548	PEAUTH - ok
00:20:21.0901 4548	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:20:21.0917 4548	PptpMiniport - ok
00:20:21.0917 4548	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
00:20:21.0917 4548	Processor - ok
00:20:21.0932 4548	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:20:21.0932 4548	Psched - ok
00:20:21.0948 4548	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
00:20:21.0979 4548	ql2300 - ok
00:20:21.0979 4548	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
00:20:21.0979 4548	ql40xx - ok
00:20:21.0995 4548	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:20:21.0995 4548	QWAVEdrv - ok
00:20:21.0995 4548	Scan interrupted by user!
00:20:21.0995 4548	Scan interrupted by user!
00:20:21.0995 4548	Scan interrupted by user!
00:20:21.0995 4548	============================================================
00:20:21.0995 4548	Scan finished
00:20:21.0995 4548	============================================================
00:20:22.0010 0708	Detected object count: 0
00:20:22.0010 0708	Actual detected object count: 0
00:20:25.0458 3828	============================================================
00:20:25.0458 3828	Scan started
00:20:25.0458 3828	Mode: Manual; SigCheck; TDLFS; 
00:20:25.0458 3828	============================================================
00:20:25.0536 3828	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
00:20:25.0567 3828	1394ohci - ok
00:20:25.0567 3828	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
00:20:25.0583 3828	ACPI - ok
00:20:25.0583 3828	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
00:20:25.0598 3828	AcpiPmi - ok
00:20:25.0614 3828	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
00:20:25.0614 3828	adp94xx - ok
00:20:25.0629 3828	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
00:20:25.0645 3828	adpahci - ok
00:20:25.0645 3828	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
00:20:25.0645 3828	adpu320 - ok
00:20:25.0661 3828	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
00:20:25.0676 3828	AFD - ok
00:20:25.0676 3828	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
00:20:25.0692 3828	agp440 - ok
00:20:25.0692 3828	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
00:20:25.0707 3828	aliide - ok
00:20:25.0707 3828	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
00:20:25.0707 3828	amdide - ok
00:20:25.0723 3828	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
00:20:25.0739 3828	amdiox64 - ok
00:20:25.0739 3828	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
00:20:25.0754 3828	AmdK8 - ok
00:20:25.0863 3828	amdkmdag        (0415ffe1b6a6ea141feafca57567f57f) C:\Windows\system32\DRIVERS\atikmdag.sys
00:20:25.0957 3828	amdkmdag - ok
00:20:25.0973 3828	amdkmdap        (dc24d6f38f17c0d643d9aa8a6852f8d0) C:\Windows\system32\DRIVERS\atikmpag.sys
00:20:25.0973 3828	amdkmdap - ok
00:20:25.0988 3828	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
00:20:25.0988 3828	AmdPPM - ok
00:20:26.0004 3828	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
00:20:26.0004 3828	amdsata - ok
00:20:26.0004 3828	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
00:20:26.0019 3828	amdsbs - ok
00:20:26.0019 3828	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
00:20:26.0019 3828	amdxata - ok
00:20:26.0035 3828	amd_sata        (bb4fe7889db9cbbe61a308e99697f53c) C:\Windows\system32\DRIVERS\amd_sata.sys
00:20:26.0035 3828	amd_sata - ok
00:20:26.0035 3828	amd_xata        (5631cba53f1cbea3f9e88348e6723391) C:\Windows\system32\DRIVERS\amd_xata.sys
00:20:26.0051 3828	amd_xata - ok
00:20:26.0051 3828	AODDriver2      (6a488397b2e020ec24ce1aacfc830f90) C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
00:20:26.0051 3828	AODDriver2 - ok
00:20:26.0051 3828	AODDriver4.01   (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
00:20:26.0066 3828	AODDriver4.01 - ok
00:20:26.0066 3828	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
00:20:26.0129 3828	AppID - ok
00:20:26.0144 3828	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
00:20:26.0144 3828	arc - ok
00:20:26.0160 3828	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
00:20:26.0160 3828	arcsas - ok
00:20:26.0160 3828	AsIO - ok
00:20:26.0175 3828	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:20:26.0222 3828	AsyncMac - ok
00:20:26.0238 3828	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
00:20:26.0238 3828	atapi - ok
00:20:26.0238 3828	AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
00:20:26.0253 3828	AtiHDAudioService - ok
00:20:26.0253 3828	AtiHdmiService  (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
00:20:26.0269 3828	AtiHdmiService - ok
00:20:26.0269 3828	AtiPcie         (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
00:20:26.0269 3828	AtiPcie - ok
00:20:26.0285 3828	avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
00:20:26.0285 3828	avgntflt - ok
00:20:26.0300 3828	avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
00:20:26.0300 3828	avipbb - ok
00:20:26.0316 3828	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
00:20:26.0316 3828	b06bdrv - ok
00:20:26.0331 3828	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:20:26.0331 3828	b57nd60a - ok
00:20:26.0347 3828	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:20:26.0363 3828	Beep - ok
00:20:26.0378 3828	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:20:26.0378 3828	blbdrive - ok
00:20:26.0394 3828	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
00:20:26.0394 3828	bowser - ok
00:20:26.0409 3828	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:20:26.0425 3828	BrFiltLo - ok
00:20:26.0425 3828	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:20:26.0441 3828	BrFiltUp - ok
00:20:26.0441 3828	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:20:26.0456 3828	Brserid - ok
00:20:26.0456 3828	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:20:26.0472 3828	BrSerWdm - ok
00:20:26.0472 3828	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:20:26.0487 3828	BrUsbMdm - ok
00:20:26.0487 3828	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:20:26.0487 3828	BrUsbSer - ok
00:20:26.0503 3828	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
00:20:26.0503 3828	BTHMODEM - ok
00:20:26.0519 3828	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:20:26.0534 3828	cdfs - ok
00:20:26.0550 3828	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
00:20:26.0550 3828	cdrom - ok
00:20:26.0565 3828	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
00:20:26.0581 3828	circlass - ok
00:20:26.0581 3828	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:20:26.0597 3828	CLFS - ok
00:20:26.0597 3828	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:20:26.0612 3828	CmBatt - ok
00:20:26.0612 3828	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
00:20:26.0612 3828	cmdide - ok
00:20:26.0628 3828	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
00:20:26.0643 3828	CNG - ok
00:20:26.0643 3828	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:20:26.0659 3828	Compbatt - ok
00:20:26.0659 3828	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
00:20:26.0675 3828	CompositeBus - ok
00:20:26.0675 3828	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
00:20:26.0675 3828	crcdisk - ok
00:20:26.0690 3828	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
00:20:26.0706 3828	CSC - ok
00:20:26.0721 3828	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
00:20:26.0737 3828	DfsC - ok
00:20:26.0737 3828	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:20:26.0768 3828	discache - ok
00:20:26.0768 3828	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
00:20:26.0784 3828	Disk - ok
00:20:26.0784 3828	Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
00:20:26.0799 3828	Dot4 - ok
00:20:26.0799 3828	Dot4Print       (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
00:20:26.0815 3828	Dot4Print - ok
00:20:26.0815 3828	dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
00:20:26.0831 3828	dot4usb - ok
00:20:26.0831 3828	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:20:26.0846 3828	drmkaud - ok
00:20:26.0862 3828	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
00:20:26.0862 3828	DXGKrnl - ok
00:20:26.0909 3828	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
00:20:26.0940 3828	ebdrv - ok
00:20:26.0955 3828	EIO64           (343ada10d948db29251f2d9c809af204) C:\Windows\system32\DRIVERS\EIO64.sys
00:20:26.0955 3828	EIO64 - ok
00:20:26.0971 3828	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
00:20:26.0971 3828	elxstor - ok
00:20:26.0987 3828	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
00:20:26.0987 3828	ErrDev - ok
00:20:27.0002 3828	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:20:27.0018 3828	exfat - ok
00:20:27.0033 3828	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:20:27.0049 3828	fastfat - ok
00:20:27.0065 3828	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
00:20:27.0065 3828	fdc - ok
00:20:27.0080 3828	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:20:27.0080 3828	FileInfo - ok
00:20:27.0080 3828	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:20:27.0111 3828	Filetrace - ok
00:20:27.0111 3828	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
00:20:27.0127 3828	flpydisk - ok
00:20:27.0143 3828	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
00:20:27.0143 3828	FltMgr - ok
00:20:27.0158 3828	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:20:27.0158 3828	FsDepends - ok
00:20:27.0174 3828	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
00:20:27.0174 3828	Fs_Rec - ok
00:20:27.0189 3828	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:20:27.0189 3828	fvevol - ok
00:20:27.0205 3828	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
00:20:27.0205 3828	gagp30kx - ok
00:20:27.0205 3828	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:20:27.0221 3828	GEARAspiWDM - ok
00:20:27.0221 3828	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:20:27.0236 3828	hcw85cir - ok
00:20:27.0236 3828	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
00:20:27.0252 3828	HdAudAddService - ok
00:20:27.0252 3828	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
00:20:27.0267 3828	HDAudBus - ok
00:20:27.0267 3828	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
00:20:27.0283 3828	HidBatt - ok
00:20:27.0283 3828	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
00:20:27.0299 3828	HidBth - ok
00:20:27.0299 3828	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
00:20:27.0314 3828	HidIr - ok
00:20:27.0314 3828	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
00:20:27.0330 3828	HidUsb - ok
00:20:27.0330 3828	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
00:20:27.0345 3828	HpSAMD - ok
00:20:27.0345 3828	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
00:20:27.0377 3828	HTTP - ok
00:20:27.0392 3828	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
00:20:27.0392 3828	hwpolicy - ok
00:20:27.0392 3828	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
00:20:27.0408 3828	i8042prt - ok
00:20:27.0423 3828	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
00:20:27.0423 3828	iaStorV - ok
00:20:27.0439 3828	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
00:20:27.0439 3828	iirsp - ok
00:20:27.0470 3828	IntcAzAudAddService (a3bcbd0f710580a07d1b929d787d36ce) C:\Windows\system32\drivers\RTKVHD64.sys
00:20:27.0501 3828	IntcAzAudAddService - ok
00:20:27.0501 3828	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
00:20:27.0501 3828	intelide - ok
00:20:27.0517 3828	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:20:27.0517 3828	intelppm - ok
00:20:27.0533 3828	IOMap           (a01c412699b6f21645b2885c2bae4454) C:\Windows\system32\drivers\IOMap64.sys
00:20:27.0533 3828	IOMap - ok
00:20:27.0548 3828	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:20:27.0564 3828	IpFilterDriver - ok
00:20:27.0579 3828	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
00:20:27.0579 3828	IPMIDRV - ok
00:20:27.0595 3828	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:20:27.0611 3828	IPNAT - ok
00:20:27.0611 3828	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:20:27.0642 3828	IRENUM - ok
00:20:27.0642 3828	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
00:20:27.0642 3828	isapnp - ok
00:20:27.0657 3828	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
00:20:27.0657 3828	iScsiPrt - ok
00:20:27.0673 3828	JRAID           (4a8a242fda43765f4f73ecde2ba0d62a) C:\Windows\system32\DRIVERS\jraid.sys
00:20:27.0673 3828	JRAID - ok
00:20:27.0673 3828	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:20:27.0689 3828	kbdclass - ok
00:20:27.0689 3828	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
00:20:27.0689 3828	kbdhid - ok
00:20:27.0704 3828	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
00:20:27.0704 3828	KSecDD - ok
00:20:27.0720 3828	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
00:20:27.0720 3828	KSecPkg - ok
00:20:27.0735 3828	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:20:27.0751 3828	ksthunk - ok
00:20:27.0767 3828	LHidFilt        (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys
00:20:27.0767 3828	LHidFilt - ok
00:20:27.0782 3828	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:20:27.0798 3828	lltdio - ok
00:20:27.0798 3828	LMouFilt        (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys
00:20:27.0813 3828	LMouFilt - ok
00:20:27.0813 3828	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
00:20:27.0829 3828	LSI_FC - ok
00:20:27.0829 3828	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
00:20:27.0829 3828	LSI_SAS - ok
00:20:27.0845 3828	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:20:27.0845 3828	LSI_SAS2 - ok
00:20:27.0860 3828	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:20:27.0860 3828	LSI_SCSI - ok
00:20:27.0860 3828	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:20:27.0891 3828	luafv - ok
00:20:27.0891 3828	LUsbFilt        (b8be35421b9e8dc1ab4b0cb7b9b0328b) C:\Windows\system32\Drivers\LUsbFilt.Sys
00:20:27.0891 3828	LUsbFilt - ok
00:20:27.0907 3828	Magic Tune      (b3b7c5f26f3f8c7992350b7ede64f5c9) C:\Windows\system32\Drivers\MtiCtwl.sys
00:20:27.0907 3828	Magic Tune - ok
00:20:27.0907 3828	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
00:20:27.0923 3828	megasas - ok
00:20:27.0923 3828	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
00:20:27.0938 3828	MegaSR - ok
00:20:27.0938 3828	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:20:27.0969 3828	Modem - ok
00:20:27.0969 3828	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:20:27.0985 3828	monitor - ok
00:20:27.0985 3828	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:20:27.0985 3828	mouclass - ok
00:20:28.0001 3828	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:20:28.0001 3828	mouhid - ok
00:20:28.0001 3828	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
00:20:28.0016 3828	mountmgr - ok
00:20:28.0016 3828	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
00:20:28.0032 3828	mpio - ok
00:20:28.0032 3828	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:20:28.0047 3828	mpsdrv - ok
00:20:28.0063 3828	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:20:28.0079 3828	MRxDAV - ok
00:20:28.0094 3828	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:20:28.0094 3828	mrxsmb - ok
00:20:28.0110 3828	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:20:28.0110 3828	mrxsmb10 - ok
00:20:28.0125 3828	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:20:28.0125 3828	mrxsmb20 - ok
00:20:28.0141 3828	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:20:28.0141 3828	msahci - ok
00:20:28.0141 3828	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:20:28.0157 3828	msdsm - ok
00:20:28.0157 3828	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:20:28.0188 3828	Msfs - ok
00:20:28.0188 3828	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:20:28.0203 3828	mshidkmdf - ok
00:20:28.0219 3828	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:20:28.0219 3828	msisadrv - ok
00:20:28.0235 3828	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:20:28.0250 3828	MSKSSRV - ok
00:20:28.0250 3828	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:20:28.0281 3828	MSPCLOCK - ok
00:20:28.0281 3828	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:20:28.0313 3828	MSPQM - ok
00:20:28.0313 3828	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:20:28.0328 3828	MsRPC - ok
00:20:28.0328 3828	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
00:20:28.0344 3828	mssmbios - ok
00:20:28.0344 3828	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:20:28.0359 3828	MSTEE - ok
00:20:28.0375 3828	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
00:20:28.0375 3828	MTConfig - ok
00:20:28.0391 3828	MTsensor        (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
00:20:28.0391 3828	MTsensor - ok
00:20:28.0391 3828	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:20:28.0406 3828	Mup - ok
00:20:28.0406 3828	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:20:28.0422 3828	NativeWifiP - ok
00:20:28.0437 3828	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
00:20:28.0453 3828	NDIS - ok
00:20:28.0453 3828	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:20:28.0484 3828	NdisCap - ok
00:20:28.0484 3828	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:20:28.0500 3828	NdisTapi - ok
00:20:28.0515 3828	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:20:28.0531 3828	Ndisuio - ok
00:20:28.0531 3828	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:20:28.0562 3828	NdisWan - ok
00:20:28.0562 3828	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:20:28.0578 3828	NDProxy - ok
00:20:28.0593 3828	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:20:28.0609 3828	NetBIOS - ok
00:20:28.0625 3828	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:20:28.0640 3828	NetBT - ok
00:20:28.0656 3828	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
00:20:28.0671 3828	nfrd960 - ok
00:20:28.0671 3828	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:20:28.0703 3828	Npfs - ok
00:20:28.0703 3828	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:20:28.0734 3828	nsiproxy - ok
00:20:28.0749 3828	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:20:28.0765 3828	Ntfs - ok
00:20:28.0781 3828	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:20:28.0796 3828	Null - ok
00:20:28.0812 3828	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:20:28.0812 3828	nvraid - ok
00:20:28.0827 3828	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:20:28.0827 3828	nvstor - ok
00:20:28.0827 3828	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:20:28.0843 3828	nv_agp - ok
00:20:28.0843 3828	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:20:28.0859 3828	ohci1394 - ok
00:20:28.0859 3828	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
00:20:28.0874 3828	Parport - ok
00:20:28.0874 3828	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
00:20:28.0874 3828	partmgr - ok
00:20:28.0890 3828	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:20:28.0890 3828	pci - ok
00:20:28.0905 3828	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:20:28.0905 3828	pciide - ok
00:20:28.0921 3828	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
00:20:28.0921 3828	pcmcia - ok
00:20:28.0921 3828	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:20:28.0937 3828	pcw - ok
00:20:28.0937 3828	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:20:28.0968 3828	PEAUTH - ok
00:20:28.0999 3828	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:20:29.0015 3828	PptpMiniport - ok
00:20:29.0030 3828	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
00:20:29.0030 3828	Processor - ok
00:20:29.0046 3828	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:20:29.0061 3828	Psched - ok
00:20:29.0077 3828	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
00:20:29.0108 3828	ql2300 - ok
00:20:29.0108 3828	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
00:20:29.0108 3828	ql40xx - ok
00:20:29.0124 3828	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:20:29.0139 3828	QWAVEdrv - ok
00:20:29.0139 3828	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:20:29.0155 3828	RasAcd - ok
00:20:29.0171 3828	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:20:29.0186 3828	RasAgileVpn - ok
00:20:29.0202 3828	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:20:29.0233 3828	Rasl2tp - ok
00:20:29.0233 3828	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:20:29.0264 3828	RasPppoe - ok
00:20:29.0264 3828	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:20:29.0295 3828	RasSstp - ok
00:20:29.0311 3828	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
00:20:29.0327 3828	rdbss - ok
00:20:29.0342 3828	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
00:20:29.0342 3828	rdpbus - ok
00:20:29.0358 3828	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:20:29.0373 3828	RDPCDD - ok
00:20:29.0389 3828	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
00:20:29.0405 3828	RDPDR - ok
00:20:29.0405 3828	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:20:29.0420 3828	RDPENCDD - ok
00:20:29.0436 3828	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:20:29.0451 3828	RDPREFMP - ok
00:20:29.0467 3828	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
00:20:29.0483 3828	RDPWD - ok
00:20:29.0498 3828	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
00:20:29.0514 3828	rdyboost - ok
00:20:29.0529 3828	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:20:29.0545 3828	rspndr - ok
00:20:29.0561 3828	RTL8167         (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
00:20:29.0576 3828	RTL8167 - ok
00:20:29.0576 3828	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
00:20:29.0592 3828	s3cap - ok
00:20:29.0592 3828	SANDRA - ok
00:20:29.0607 3828	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
00:20:29.0607 3828	sbp2port - ok
00:20:29.0623 3828	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
00:20:29.0639 3828	scfilter - ok
00:20:29.0654 3828	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:20:29.0670 3828	secdrv - ok
00:20:29.0685 3828	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
00:20:29.0701 3828	Serenum - ok
00:20:29.0701 3828	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
00:20:29.0717 3828	Serial - ok
00:20:29.0717 3828	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
00:20:29.0732 3828	sermouse - ok
00:20:29.0748 3828	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
00:20:29.0748 3828	sffdisk - ok
00:20:29.0763 3828	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
00:20:29.0763 3828	sffp_mmc - ok
00:20:29.0779 3828	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
00:20:29.0779 3828	sffp_sd - ok
00:20:29.0795 3828	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
00:20:29.0795 3828	sfloppy - ok
00:20:29.0810 3828	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:20:29.0810 3828	SiSRaid2 - ok
00:20:29.0826 3828	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
00:20:29.0826 3828	SiSRaid4 - ok
00:20:29.0841 3828	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:20:29.0857 3828	Smb - ok
00:20:29.0873 3828	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:20:29.0873 3828	spldr - ok
00:20:29.0888 3828	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
00:20:29.0919 3828	srv - ok
00:20:29.0919 3828	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
00:20:29.0935 3828	srv2 - ok
00:20:29.0951 3828	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
00:20:29.0951 3828	srvnet - ok
00:20:29.0966 3828	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
00:20:29.0982 3828	stexstor - ok
00:20:29.0982 3828	storflt         (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
00:20:29.0997 3828	storflt - ok
00:20:29.0997 3828	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
00:20:30.0013 3828	storvsc - ok
00:20:30.0013 3828	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
00:20:30.0029 3828	swenum - ok
00:20:30.0044 3828	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
00:20:30.0091 3828	Tcpip - ok
00:20:30.0122 3828	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
00:20:30.0138 3828	TCPIP6 - ok
00:20:30.0153 3828	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
00:20:30.0169 3828	tcpipreg - ok
00:20:30.0185 3828	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:20:30.0200 3828	TDPIPE - ok
00:20:30.0216 3828	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
00:20:30.0247 3828	TDTCP - ok
00:20:30.0247 3828	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
00:20:30.0278 3828	tdx - ok
00:20:30.0278 3828	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
00:20:30.0294 3828	TermDD - ok
00:20:30.0309 3828	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:20:30.0325 3828	tssecsrv - ok
00:20:30.0341 3828	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
00:20:30.0341 3828	TsUsbFlt - ok
00:20:30.0356 3828	TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
00:20:30.0356 3828	TuneUpUtilitiesDrv - ok
00:20:30.0372 3828	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
00:20:30.0387 3828	tunnel - ok
00:20:30.0403 3828	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
00:20:30.0403 3828	uagp35 - ok
00:20:30.0419 3828	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
00:20:30.0450 3828	udfs - ok
00:20:30.0450 3828	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
00:20:30.0465 3828	uliagpkx - ok
00:20:30.0465 3828	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
00:20:30.0481 3828	umbus - ok
00:20:30.0481 3828	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
00:20:30.0497 3828	UmPass - ok
00:20:30.0512 3828	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
00:20:30.0512 3828	usbccgp - ok
00:20:30.0528 3828	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
00:20:30.0543 3828	usbcir - ok
00:20:30.0543 3828	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
00:20:30.0559 3828	usbehci - ok
00:20:30.0559 3828	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
00:20:30.0575 3828	usbhub - ok
00:20:30.0590 3828	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
00:20:30.0590 3828	usbohci - ok
00:20:30.0606 3828	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
00:20:30.0606 3828	usbprint - ok
00:20:30.0621 3828	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
00:20:30.0637 3828	usbscan - ok
00:20:30.0637 3828	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:20:30.0653 3828	USBSTOR - ok
00:20:30.0653 3828	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
00:20:30.0668 3828	usbuhci - ok
00:20:30.0668 3828	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
00:20:30.0684 3828	vdrvroot - ok
00:20:30.0684 3828	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:20:30.0699 3828	vga - ok
00:20:30.0715 3828	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:20:30.0731 3828	VgaSave - ok
00:20:30.0746 3828	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
00:20:30.0746 3828	vhdmp - ok
00:20:30.0762 3828	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
00:20:30.0762 3828	viaide - ok
00:20:30.0777 3828	vmbus           (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
00:20:30.0793 3828	vmbus - ok
00:20:30.0793 3828	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
00:20:30.0809 3828	VMBusHID - ok
00:20:30.0809 3828	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
00:20:30.0824 3828	volmgr - ok
00:20:30.0824 3828	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
00:20:30.0840 3828	volmgrx - ok
00:20:30.0840 3828	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
00:20:30.0855 3828	volsnap - ok
00:20:30.0871 3828	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
00:20:30.0871 3828	vsmraid - ok
00:20:30.0887 3828	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
00:20:30.0887 3828	vwifibus - ok
00:20:30.0902 3828	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
00:20:30.0918 3828	WacomPen - ok
00:20:30.0918 3828	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:20:30.0949 3828	WANARP - ok
00:20:30.0949 3828	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:20:30.0965 3828	Wanarpv6 - ok
00:20:30.0980 3828	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
00:20:30.0980 3828	Wd - ok
00:20:30.0996 3828	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:20:31.0011 3828	Wdf01000 - ok
00:20:31.0027 3828	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:20:31.0058 3828	WfpLwf - ok
00:20:31.0058 3828	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:20:31.0074 3828	WIMMount - ok
00:20:31.0089 3828	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
00:20:31.0105 3828	WinUsb - ok
00:20:31.0105 3828	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
00:20:31.0121 3828	WmiAcpi - ok
00:20:31.0136 3828	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:20:31.0152 3828	ws2ifsl - ok
00:20:31.0167 3828	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
00:20:31.0199 3828	WudfPf - ok
00:20:31.0199 3828	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:20:31.0230 3828	WUDFRd - ok
00:20:31.0230 3828	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
00:20:31.0245 3828	\Device\Harddisk0\DR0 - ok
00:20:31.0245 3828	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
00:20:31.0339 3828	\Device\Harddisk1\DR1 - ok
00:20:31.0339 3828	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
00:20:31.0401 3828	\Device\Harddisk2\DR2 - ok
00:20:31.0479 3828	Boot (0x1200)   (e0155d549ee7baf04017e2d8f7603648) \Device\Harddisk0\DR0\Partition0
00:20:31.0479 3828	\Device\Harddisk0\DR0\Partition0 - ok
00:20:31.0479 3828	Boot (0x1200)   (667eaa57f7311d395dcb9b6d322409ae) \Device\Harddisk0\DR0\Partition1
00:20:31.0479 3828	\Device\Harddisk0\DR0\Partition1 - ok
00:20:31.0495 3828	Boot (0x1200)   (7b6daf7bc4a6b03c57f6c997b99d781e) \Device\Harddisk1\DR1\Partition0
00:20:31.0495 3828	\Device\Harddisk1\DR1\Partition0 - ok
00:20:31.0495 3828	Boot (0x1200)   (71698fa8384b02e4cbfbc57562a02518) \Device\Harddisk1\DR1\Partition1
00:20:31.0495 3828	\Device\Harddisk1\DR1\Partition1 - ok
00:20:31.0495 3828	Boot (0x1200)   (a9fa6dc625ff3e7cfbd6f53dacf9f1bc) \Device\Harddisk2\DR2\Partition0
00:20:31.0495 3828	\Device\Harddisk2\DR2\Partition0 - ok
00:20:31.0495 3828	============================================================
00:20:31.0495 3828	Scan finished
00:20:31.0495 3828	============================================================
00:20:31.0495 3452	Detected object count: 0
00:20:31.0495 3452	Actual detected object count: 0
         

Alt 04.01.2012, 17:01   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.01.2012, 17:25   #15
siggi123
 
Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Standard

Trojaner! System wurde aus Sicherheitsgründen gesperrt.



Hier der Combofix log

Code:
ATTFilter
ComboFix 12-01-04.02 - Siggi 04.01.2012  18:17:29.1.6 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4094.2722 [GMT 1:00]
ausgeführt von:: c:\users\Siggi\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-04 bis 2012-01-04  ))))))))))))))))))))))))))))))
.
.
2011-12-27 17:19 . 2011-12-27 17:19	--------	d-----w-	c:\users\Siggi\AppData\Roaming\Malwarebytes
2011-12-27 17:19 . 2011-12-27 17:19	--------	d-----w-	c:\programdata\Malwarebytes
2011-12-27 17:19 . 2011-12-10 14:24	23152	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-12-23 10:50 . 2011-12-23 10:50	--------	d-----w-	c:\program files (x86)\BinarySense
2011-12-06 11:45 . 2011-12-06 11:45	--------	d-----w-	c:\programdata\ATI
2011-12-06 11:45 . 2011-12-06 11:45	--------	d-----w-	c:\program files (x86)\AMD APP
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 18:15 . 2011-11-24 13:40	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2011-12-21 18:15 . 2011-09-29 22:41	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2011-12-12 23:05 . 2011-11-24 13:40	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2011-12-06 20:03 . 2011-11-24 13:40	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2011-11-24 10:26 . 2011-05-14 11:04	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-19 23:01 . 2010-12-01 21:37	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2011-10-31 15:59 . 2011-10-31 15:59	69632	----a-r-	c:\users\Siggi\AppData\Roaming\Microsoft\Installer\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}\_F2475BE884FE_4D10_8135_47C85E4D7080.exe
2011-10-26 03:05 . 2011-10-26 03:05	10496512	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2011-10-26 02:16 . 2011-10-26 02:16	24866816	----a-w-	c:\windows\system32\atio6axx.dll
2011-10-26 02:06 . 2011-10-26 02:06	159744	----a-w-	c:\windows\system32\atiapfxx.exe
2011-10-26 02:05 . 2011-10-26 02:05	748544	----a-w-	c:\windows\SysWow64\aticfx32.dll
2011-10-26 02:04 . 2010-02-10 14:08	892416	----a-w-	c:\windows\system32\aticfx64.dll
2011-10-26 02:01 . 2011-10-26 02:01	466944	----a-w-	c:\windows\system32\ATIDEMGX.dll
2011-10-26 02:01 . 2011-10-26 02:01	517120	----a-w-	c:\windows\system32\atieclxx.exe
2011-10-26 02:00 . 2011-10-26 02:00	204288	----a-w-	c:\windows\system32\atiesrxx.exe
2011-10-26 01:59 . 2011-10-26 01:59	18757120	----a-w-	c:\windows\SysWow64\atioglxx.dll
2011-10-26 01:59 . 2011-10-26 01:59	120320	----a-w-	c:\windows\system32\atitmm64.dll
2011-10-26 01:59 . 2011-10-26 01:59	423424	----a-w-	c:\windows\system32\atipdl64.dll
2011-10-26 01:59 . 2010-09-28 20:49	356352	----a-w-	c:\windows\SysWow64\atipdlxx.dll
2011-10-26 01:59 . 2011-10-26 01:59	278528	----a-w-	c:\windows\SysWow64\Oemdspif.dll
2011-10-26 01:58 . 2011-10-26 01:58	21504	----a-w-	c:\windows\system32\atimuixx.dll
2011-10-26 01:58 . 2011-10-26 01:58	59392	----a-w-	c:\windows\system32\atiedu64.dll
2011-10-26 01:58 . 2011-10-26 01:58	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2011-10-26 01:55 . 2011-10-26 01:55	4292096	----a-w-	c:\windows\SysWow64\atidxx32.dll
2011-10-26 01:46 . 2010-02-10 13:52	5041664	----a-w-	c:\windows\system32\atidxx64.dll
2011-10-26 01:43 . 2011-10-26 01:43	1113088	----a-w-	c:\windows\system32\atiumd6v.dll
2011-10-26 01:43 . 2011-10-26 01:43	1828864	----a-w-	c:\windows\SysWow64\atiumdmv.dll
2011-10-26 01:43 . 2011-01-09 18:16	4044288	----a-w-	c:\windows\system32\atiumd6a.dll
2011-10-26 01:38 . 2011-10-26 01:38	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2011-10-26 01:38 . 2011-10-26 01:38	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2011-10-26 01:38 . 2011-10-26 01:38	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2011-10-26 01:38 . 2011-10-26 01:38	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2011-10-26 01:38 . 2011-10-26 01:38	9978880	----a-w-	c:\windows\system32\aticaldd64.dll
2011-10-26 01:35 . 2011-10-26 01:35	4353536	----a-w-	c:\windows\SysWow64\atiumdag.dll
2011-10-26 01:34 . 2011-10-26 01:34	8449024	----a-w-	c:\windows\SysWow64\aticaldd.dll
2011-10-26 01:32 . 2011-10-26 01:32	4189184	----a-w-	c:\windows\SysWow64\atiumdva.dll
2011-10-26 01:29 . 2011-01-09 18:16	5510144	----a-w-	c:\windows\system32\atiumd64.dll
2011-10-26 01:29 . 2010-12-01 17:28	58880	----a-w-	c:\windows\system32\coinst.dll
2011-10-26 01:22 . 2011-10-26 01:22	486912	----a-w-	c:\windows\system32\atiadlxx.dll
2011-10-26 01:22 . 2011-10-26 01:22	339968	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2011-10-26 01:22 . 2011-10-26 01:22	17408	----a-w-	c:\windows\system32\atig6pxx.dll
2011-10-26 01:22 . 2011-10-26 01:22	14336	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22	14336	----a-w-	c:\windows\system32\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22	39936	----a-w-	c:\windows\system32\atig6txx.dll
2011-10-26 01:22 . 2011-10-26 01:22	32768	----a-w-	c:\windows\SysWow64\atigktxx.dll
2011-10-26 01:21 . 2011-10-26 01:21	326656	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2011-10-26 01:21 . 2010-02-10 13:10	40960	----a-w-	c:\windows\system32\atiuxp64.dll
2011-10-26 01:21 . 2011-10-26 01:21	31744	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2011-10-26 01:21 . 2011-01-09 18:16	38912	----a-w-	c:\windows\system32\atiu9p64.dll
2011-10-26 01:20 . 2011-10-26 01:20	29184	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2011-10-26 01:20 . 2011-10-26 01:20	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2011-10-26 01:16 . 2011-10-26 01:16	54784	----a-w-	c:\windows\system32\atimpc64.dll
2011-10-26 01:16 . 2011-10-26 01:16	54784	----a-w-	c:\windows\system32\amdpcom64.dll
2011-10-26 01:15 . 2011-10-26 01:15	53760	----a-w-	c:\windows\SysWow64\atimpc32.dll
2011-10-26 01:15 . 2011-10-26 01:15	53760	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2011-10-25 20:21 . 2011-10-25 20:21	66560	----a-w-	c:\windows\system32\OpenVideo64.dll
2011-10-25 20:21 . 2011-10-25 20:21	56832	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2011-10-25 20:21 . 2011-10-25 20:21	66560	----a-w-	c:\windows\system32\OVDecoder64.dll
2011-10-25 20:21 . 2011-10-25 20:21	56832	----a-w-	c:\windows\SysWow64\OVDecoder.dll
2011-10-25 20:21 . 2011-10-25 20:21	16991744	----a-w-	c:\windows\system32\amdocl64.dll
2011-10-25 20:20 . 2011-10-25 20:20	13950464	----a-w-	c:\windows\SysWow64\amdocl.dll
2011-10-07 04:16 . 2011-11-26 15:26	8570192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DEFB7FC-950E-483E-9672-89267CB02E67}\mpengine.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ASUS SmartDoctor"="c:\program files (x86)\ASUS\SmartDoctor\SmartDoctor.exe" [2010-09-30 1290240]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;d:\program files\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
S1 Magic Tune;MagicTune;c:\windows\system32\Drivers\MtiCtwl.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-25 361984]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2011-01-12 1403200]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2010-02-24 11856]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\yv5k50de.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Notify-LBTWlgn - (no file)
AddRemove-World of Logs Client (4.2) - c:\windows\system32\javaws.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\DAODx.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-04  18:22:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-01-04 17:22
.
Vor Suchlauf: 9 Verzeichnis(se), 40.484.671.488 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 40.007.962.624 Bytes frei
.
- - End Of File - - 2B5497B1B53CDE9EBEAE01369C2D37DE
         

Antwort

Themen zu Trojaner! System wurde aus Sicherheitsgründen gesperrt.
.dll, 0x00000001, 64-bit, adobe, alternate, antivir, avira, bho, browser, excel, fehler, firefox, format, gesperrt, helper, internet, langs, launch, neustart, problem, programme, realtek, registry, safer networking, scan, sched.exe, software, starten, system, teamspeak, trojaner, trojaner eingefangen, version=1.0, webcheck, windows, windows 7 64-bit



Ähnliche Themen: Trojaner! System wurde aus Sicherheitsgründen gesperrt.


  1. achtung! ihr windowssystem wurde aus sicherheitsgründen gesperrt - trojaner
    Log-Analyse und Auswertung - 30.03.2012 (3)
  2. Meldung: Windows wurde aus Sicherheitsgründen gesperrt - Virus/Trojaner?
    Log-Analyse und Auswertung - 11.03.2012 (3)
  3. Achtung!Ihr Windows system wurde aus Sicherheitsgründen gesperrt
    Plagegeister aller Art und deren Bekämpfung - 01.03.2012 (8)
  4. 50 € "Aus Sicherheitsgründen wurde Ihr System gesperrt"-Virus
    Log-Analyse und Auswertung - 23.02.2012 (10)
  5. "Aus Sicherheitsgründen wurde ihr System gesperrt!"-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 23.02.2012 (23)
  6. Gehe zum ersten neuen Beitrag Achtung ! Aus Sicherheitsgründen wurde ihr Windows-System gesperrt
    Plagegeister aller Art und deren Bekämpfung - 22.02.2012 (27)
  7. Achtung ! Aus Sicherheitsgründen wurde ihr Windows-System gesperrt
    Plagegeister aller Art und deren Bekämpfung - 20.02.2012 (19)
  8. Trojaner: Ihr Windows wurde aus Sicherheitsgründen gesperrt! Bezahlen und runterladen
    Log-Analyse und Auswertung - 15.02.2012 (17)
  9. Virus/ Trojaner: Achtung, aus Sicherheitsgründen wurde ihr System wurde Blockiert!
    Plagegeister aller Art und deren Bekämpfung - 14.02.2012 (15)
  10. Aus Sicherheitsgründen wurde ihr System gesperrt
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (1)
  11. Trojaner - Aus Sicherheitsgründen wurde Ihr PC gesperrt. Windows Secuirity Center
    Plagegeister aller Art und deren Bekämpfung - 02.02.2012 (14)
  12. Aus sicherheitsgründen wurde ihr Windows-System gesperrt!!! :S
    Plagegeister aller Art und deren Bekämpfung - 18.01.2012 (1)
  13. aus sicherheitsgründen wurde ihr system gesperrt - 50 euro bezahlen
    Plagegeister aller Art und deren Bekämpfung - 07.01.2012 (8)
  14. aus sicherheitsgründen wurde ihr system gesperrt - 50 euro bezahlen
    Log-Analyse und Auswertung - 06.01.2012 (17)
  15. aus Sicherheitsgründen wurde ihr System gesperrt - 50 Euro bezahlen...
    Alles rund um Windows - 02.01.2012 (2)
  16. "Achtung! Aus Sicherheitsgründen wurde ihr System gesperrt"
    Log-Analyse und Auswertung - 29.12.2011 (3)
  17. Aus Sicherheitsgründen wurde ihr System gesperrt
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (1)

Zum Thema Trojaner! System wurde aus Sicherheitsgründen gesperrt. - Hallo Ich habe mir heute den Trojaner eingefangen, der die Meldung bringt „System wurde aus Sicherheitsgründen gesperrt.“ Nach einem Start im Abgesichertenmodus konnte ich „Hihgjack this“ ausführen und das Log - Trojaner! System wurde aus Sicherheitsgründen gesperrt....
Archiv
Du betrachtest: Trojaner! System wurde aus Sicherheitsgründen gesperrt. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.