28.12.2011, 03:26   #1
Computer slow // Kaspersky - blacklist corrupted - update unsuccessful

Since my computer is very slow and Kaspersky is throwing an error message saying that the blacklist is corrupted, I am sure that I have viruses on the computer...

Asking for help once again!

Thanks in advance.

Best regards, darkrider78

28.12.2011, 05:42   #2
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan! In addition, all detections must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

 the log goes here


30.12.2011, 01:09   #3

I did the full scan with Malwarebytes.
Unfortunately I just can't find the logs.

And not the ESET logs either; please tell me where the programs save the log files.

30.12.2011, 01:10   #4
/// Winkelfunktion
/// TB-Süch-Tiger™

Unfortunately I just can't find the logs.
Start Malwarebytes => Logs tab

And not the ESET logs either,
That was posted in my instructions
Please always post log files in CODE tags

30.12.2011, 04:37   #5

Malwarebytes Anti-Malware

Datenbank Version: v2011.12.27.05

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
****** :: ******-PC [Administrator]

28.12.2011 03:46:49
mbam-log-2011-12-28 (03-46-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 500409
Laufzeit: 1 Stunde(n), 46 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

After deletion of the detections:
Malwarebytes Anti-Malware

Datenbank Version: v2011.12.27.05

Windows 7 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7600.16385
****** :: ******-PC [Administrator]

28.12.2011 02:56:58
mbam-log-2011-12-28 (02-56-58).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 488011
Laufzeit: 45 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
I:\DISC G\Sicherung vorm formatieren\******\Downloads\install_cfg.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.
I:\DISC G\Sicherung vorm formatieren\******\Downloads\install_u_r.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Something wrecked my ESET log; I will run another scan shortly while I sleep and then post the log...

31.12.2011, 00:18   #6

Here is the ESET log:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=
# OnlineScanner.ocx=
# api_version=3.0.2
# EOSSerial=24697847b8c78a4398d03265229f1ef9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-12-30 11:08:42
# local_time=2011-12-31 12:08:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1280 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 5894 76894212 0 0
# compatibility_mode=8192 67108863 100 0 222447 222447 0 0
# scanned=277617
# found=8
# cleaned=8
# scan_time=23501
I:\DISC G\Sicherung vorm formatieren\***\Downloads\CheatEngine61(1).exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\DISC G\Sicherung vorm formatieren\***\Downloads\CrystalDiskInfo4_0_2a-en.exe	Win32/OpenCandy Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Documents\Sicherung vom USB-STICK\Downloads\CheatEngine60.exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\CheatEngine61(1).exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\CheatEngine61.exe	Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\CrystalDiskInfo4_0_2a-en.exe	Win32/OpenCandy Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\DivXInstaller813(1).exe	Win32/Adware.ToolPlugin Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C
I:\Users\***\Downloads\DivXInstaller813.exe	Win32/Adware.ToolPlugin Anwendung (gelöscht - in Quarantäne kopiert)	00000000000000000000000000000000	C

31.12.2011, 00:25   #7
/// Winkelfunktion
/// TB-Süch-Tiger™

(gelöscht - in Quarantäne kopiert)
Why can't the instructions be read completely and attentively for once?
With ESET the detections were NOT supposed to be removed yet!
Please always post log files in CODE tags

31.12.2011, 00:36   #8

And now?
EDIT: Sorry about the instructions, I have been doing very badly lately and I am slightly confused.

31.12.2011, 01:50   #9

Happy New Year, I will check back in on 01.01.12 between 18:00 and 23:00...

31.12.2011, 15:34   #10
/// Winkelfunktion
/// TB-Süch-Tiger™

Please make a new OTL log. Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

 the log goes here

CustomScan with OTL

If you do not already have it, please download OTL by Oldtimer and save it to your Desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and "Run as administrator"
  • Now copy the complete contents of the code box below into the OTL text box - if OTL is in German it is labelled with
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.exe /s
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread
Please always post log files in CODE tags

01.01.2012, 16:59   #11

OTL logfile created on: 1/1/2012 4:41:47 PM - Run 1
OTL by OldTimer - Version     Folder = C:\Users\***\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 72.22% Memory free
6.00 Gb Paging File | 4.76 Gb Available in Paging File | 79.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 890.41 Gb Total Space | 779.72 Gb Free Space | 87.57% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 23.48 Gb Free Space | 58.70% Space Free | Partition Type: NTFS
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/01 16:36:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/11/23 14:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieSvc.exe
PRC - [2011/08/19 09:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/04/13 15:39:50 | 000,387,696 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/14 05:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/05/27 17:59:54 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2011/12/29 18:40:26 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll
MOD - [2011/12/29 16:36:26 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011/12/29 16:36:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011/12/29 16:35:50 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/12/29 16:35:44 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/12/29 16:35:32 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/12/29 16:35:27 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/12/29 16:35:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/12/29 16:35:23 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/12/29 16:35:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010/11/13 00:19:05 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\\System.Windows.Forms.resources.dll
MOD - [2010/11/13 00:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\\mscorlib.resources.dll
MOD - [2010/05/27 20:40:48 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/05/12 14:12:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\\System.Runtime.Remoting.resources.dll
MOD - [2009/11/02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/11/23 14:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/08/19 09:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/13 15:39:50 | 000,387,696 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe -- (AVP)
SRV - [2010/09/14 05:46:26 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:46:16 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ==========
DRV - [2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011/11/23 14:17:08 | 000,131,856 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2011/08/19 09:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C525(UVC)
DRV - [2011/08/19 09:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/19 09:26:34 | 000,022,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/11/25 06:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/09/14 05:46:26 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2010/09/14 05:46:22 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2010/09/14 05:46:18 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2010/09/14 05:46:14 | 000,577,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/05/27 18:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/05/27 17:25:18 | 000,209,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/05/06 10:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.85
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.18
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: lazarus@interclue.com:2.0.4
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:
FF - prefs.js..extensions.enabledItems: CompactMenuCE@Merci.chao:4.2.1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.4
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..keyword.URL: "hxxp://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q="
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: ""
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: ""
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/12/27 16:42:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2011/12/27 16:44:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011/12/28 04:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions
[2011/12/27 16:45:52 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/12/27 16:45:52 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/12/27 16:45:53 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2011/12/27 16:45:53 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/12/27 16:45:54 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/12/27 16:45:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/27 16:45:55 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2011/12/27 16:45:50 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\battlefieldheroespatcher@ea.com
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\moveplayer@movenetworks.com
[2011/12/27 16:45:51 | 000,000,000 | ---D | M] ("PennerBar") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\423xf1hp.default\extensions\pennerbar3@pennergame.de
[2011/12/27 16:58:36 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\PROGRAMME\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LWS] C:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Programme\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\ie_banner_deny.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF3F26A8-CAA2-45C6-9B8B-7AC9D5B5A0FF}: DhcpNameServer =
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\kloehk.dll) -C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
MsConfig - State: "bootini" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: BsScanner - Service
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: BsScanner - Service
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/01/01 15:26:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/12/31 03:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2011/12/31 03:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/12/31 02:07:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2011/12/31 02:05:16 | 000,000,000 | ---D | C] -- C:\AiO-Files
[2011/12/31 02:04:14 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\svcpack
[2011/12/31 00:13:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\SoftGrid Client
[2011/12/31 00:13:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/31 00:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
[2011/12/31 00:12:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/12/31 00:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client
[2011/12/31 00:11:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TP
[2011/12/30 19:16:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\CyberLink
[2011/12/30 04:24:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
[2011/12/30 04:08:41 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Crossfire
[2011/12/30 01:24:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Corel
[2011/12/30 01:02:48 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2011/12/30 01:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2011/12/30 01:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2011/12/30 01:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011/12/29 16:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM
[2011/12/28 21:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011/12/28 15:08:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Logitech® Webcam-Software
[2011/12/28 15:04:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/12/28 15:04:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Leadertech
[2011/12/28 15:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2011/12/28 15:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2011/12/28 15:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011/12/28 15:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011/12/28 15:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/12/28 15:01:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/12/28 14:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2011/12/28 14:20:20 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011/12/28 04:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/28 02:55:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011/12/28 02:55:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/28 02:55:40 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/28 02:23:28 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\CFNA
[2011/12/28 02:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Suite CBE 11
[2011/12/28 02:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/12/28 02:04:11 | 000,488,536 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011/12/28 00:50:52 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/12/28 00:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011/12/27 18:59:05 | 000,000,000 | ---D | C] -- C:\CFLog
[2011/12/27 18:43:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/27 18:41:15 | 000,025,088 | ---- | C] (Bjorn) -- C:\Users\***\Desktop\AFK Bot.exe
[2011/12/27 18:38:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\WinRAR
[2011/12/27 18:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Z8Games
[2011/12/27 17:38:21 | 000,000,000 | -H-D | C] -- C:\Users\***\Eigene Hörspiele
[2011/12/27 17:27:23 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Vuze Downloads
[2011/12/27 17:27:23 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Videomaskenprojekte
[2011/12/27 17:27:19 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Texturen Pakete
[2011/12/27 17:22:08 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Sicherung vom USB-STICK
[2011/12/27 17:22:08 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\PF
[2011/12/27 17:22:08 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\O&O
[2011/12/27 17:22:07 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Need for Speed World
[2011/12/27 17:22:07 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\My Cheat Tables
[2011/12/27 17:21:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Minecraft Mod's
[2011/12/27 17:21:14 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\MAGIX_Music_Maker_17
[2011/12/27 17:21:14 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\MAGIX Downloads
[2011/12/27 17:18:46 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kopie GTA SA
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kopie FS
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Kalypso Media
[2011/12/27 17:18:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Image - SimCity3000 Deutschland
[2011/12/27 17:18:04 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\ICQ
[2011/12/27 17:18:03 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\HUiiii
[2011/12/27 17:17:55 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\FUSSBALL MANAGER 11 Demo
[2011/12/27 17:04:47 | 000,000,000 | -H-D | C] -- C:\Users\***\Eigene Filme
[2011/12/27 17:02:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Eigene Dateien
[2011/12/27 17:02:42 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Cross Fire
[2011/12/27 17:02:05 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield Play4Free
[2011/12/27 17:01:57 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield Heroes
[2011/12/27 17:01:30 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Abbild CBS
[2011/12/27 17:00:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Adobe
[2011/12/27 16:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/12/27 16:53:52 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/12/27 16:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011/12/27 16:52:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/27 16:50:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Skype
[2011/12/27 16:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/12/27 16:48:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
[2011/12/27 16:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
[2011/12/27 16:46:18 | 000,000,000 | ---D | C] -- C:\SG Interactive
[2011/12/27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla
[2011/12/27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla
[2011/12/27 16:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2011/12/27 16:42:18 | 000,000,000 | ---D | C] -- C:\Programme
[2011/12/27 16:31:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Adobe
[2011/12/27 16:19:39 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2011/12/27 16:18:13 | 000,949,904 | ---- | C] (Neowiz Games) -- C:\Users\***\Desktop\patcher_cf.exe
[2011/12/27 16:18:12 | 000,117,760 | -H-- | C] (Skydaz) -- C:\Users\***\Desktop\Mod Tools v2.2.exe
[2011/12/27 16:18:10 | 000,925,696 | -H-- | C] (Georg Rottensteiner) -- C:\Users\***\Desktop\HitBlock.exe
[2011/12/27 16:18:10 | 000,388,608 | -H-- | C] (Trend Micro Inc.) -- C:\Users\***\Desktop\HiJackThis204.exe
[2011/12/27 16:18:09 | 000,684,032 | -H-- | C] (Wissen digital) -- C:\Users\***\Desktop\Führerschein.exe
[2011/12/27 16:18:06 | 003,095,040 | RH-- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFireNA.dll
[2011/12/27 16:18:02 | 002,904,064 | RH-- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFireEU.dll
[2011/12/27 16:17:42 | 001,236,480 | ---- | C] (zYan Development) -- C:\Users\***\Desktop\CrossFire Hack.exe
[2011/12/27 16:17:40 | 001,953,792 | -H-- | C] ( g4bo) -- C:\Users\***\Desktop\CF_G4box.exe
[2011/12/27 16:16:08 | 000,000,000 | ---D | C] -- C:\Users\***\CrossFire_1080
[2011/12/27 16:14:17 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Intel Corporation
[2011/12/27 16:14:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ATI
[2011/12/27 16:14:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ATI
[2011/12/27 16:14:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Power2Go
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\Searches
[2011/12/27 16:14:04 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/12/27 16:13:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Identities
[2011/12/27 16:13:55 | 000,000,000 | R--D | C] -- C:\Users\***\Contacts
[2011/12/27 16:13:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/12/27 16:13:49 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VirtualStore
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten
[2011/12/27 16:13:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten
[2011/12/27 16:13:42 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Videos
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Music
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Links
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Documents
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop
[2011/12/27 16:13:42 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/12/27 16:13:42 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Temp
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011/12/27 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macromedia
[2011/12/27 16:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2011/12/27 16:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/12/27 16:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials 4
[2011/12/27 16:12:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2011/12/27 16:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2011/12/27 16:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2011/12/27 16:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/12/27 16:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/12/27 16:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/12/27 16:07:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/12/27 16:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/12/27 16:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/12/27 16:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/12/27 16:06:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/12/27 16:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/12/27 16:04:41 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/12/27 16:04:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2011/12/27 16:04:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/01 16:13:05 | 026,928,174 | ---- | M] () -- C:\Users\***\Documents\video-2011-12-31-14-18-55.mp4
[2012/01/01 16:06:25 | 002,992,284 | ---- | M] () -- C:\Users\***\Documents\2011-12-31 15.28.58.jpg
[2012/01/01 15:35:23 | 000,662,686 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/01 15:35:23 | 000,623,174 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/01 15:35:23 | 000,133,764 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/01 15:35:23 | 000,109,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/01 15:29:05 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 15:29:05 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 15:21:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/01 15:21:23 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/31 03:36:14 | 000,001,690 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2011/12/31 01:54:11 | 000,058,360 | ---- | M] () -- C:\Users\***\Documents\cc_20111231_015401.reg
[2011/12/31 01:52:23 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/30 17:01:58 | 000,000,869 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011/12/30 04:24:42 | 000,001,102 | ---- | M] () -- C:\Users\***\Desktop\CrossFire.lnk
[2011/12/30 01:01:50 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Snap 3.lnk
[2011/12/29 16:32:21 | 000,278,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/28 15:03:37 | 000,001,586 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2011/12/28 02:56:22 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011/12/28 02:44:07 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2011/12/28 02:44:07 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2011/12/28 02:42:07 | 000,002,495 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/12/28 02:39:00 | 000,550,854 | ---- | M] () -- C:\Users\***\Desktop\X-TRAP 20111228.bmp
[2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2011/12/28 00:48:12 | 000,000,858 | ---- | M] () -- C:\Users\***\Desktop\Sandboxed Web Browser.lnk
[2011/12/28 00:03:11 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/12/27 16:53:03 | 000,001,545 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011/12/27 16:48:05 | 000,000,849 | ---- | M] () -- C:\Users\***\Desktop\Crossfire Europe.lnk
[2011/12/27 16:42:53 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2011/12/27 16:42:26 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/27 16:10:27 | 000,000,020 | ---- | M] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | M] () -- C:\Windows\DùR
[2011/12/27 15:22:37 | 016,257,873 | ---- | M] () -- C:\Users\***\Documents\Firefox 6.0.2 (de) - 2011-12-27.pcv
[2011/12/25 20:03:37 | 000,093,860 | ---- | M] () -- C:\Users\***\Documents\New.MMM
[2011/12/25 20:02:40 | 000,119,382 | ---- | M] () -- C:\Users\***\Documents\rock.MMM
[2011/12/25 11:37:48 | 000,000,371 | ---- | M] () -- C:\Users\***\Desktop\entries_AiORuntimes.ini
[2011/12/24 13:06:06 | 000,001,352 | ---- | M] () -- C:\Users\***\Documents\AutoHotkey.ahk
[2011/12/23 15:22:44 | 001,236,480 | ---- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFire Hack.exe
[2011/12/23 14:47:28 | 002,904,064 | RH-- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFireEU.dll
[2011/12/23 14:46:52 | 003,095,040 | RH-- | M] (zYan Development) -- C:\Users\***\Desktop\CrossFireNA.dll
[2011/12/19 15:14:42 | 000,036,864 | ---- | M] () -- C:\Users\***\Desktop\Abel09 Christmas HackV4.dll
[2011/12/17 20:05:55 | 001,264,095 | ---- | M] () -- C:\Users\***\Documents\Fehlermeldung CrossFire Europe.png
[2011/12/16 15:09:51 | 000,000,053 | RH-- | M] () -- C:\Users\***\Desktop\Crossfire Europe.url
[2011/12/14 16:41:30 | 536,435,153 | ---- | M] () -- C:\Users\***\Desktop\Crossfire_Install.exe
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/08 21:42:15 | 000,000,754 | -H-- | M] () -- C:\Users\***\Desktop\FreeCommander.lnk
[2011/12/07 13:07:25 | 000,013,157 | -H-- | M] () -- C:\Users\***\Desktop\Sound - Verknüpfung.lnk
[2011/12/03 00:14:34 | 000,073,604 | -H-- | M] () -- C:\Users\***\Documents\381113_331309583551764_100000181757871_1545161_1598838906_n.jpg
[2011/12/02 18:39:56 | 000,025,088 | ---- | M] (Bjorn) -- C:\Users\***\Desktop\AFK Bot.exe
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/01 16:08:54 | 026,928,174 | ---- | C] () -- C:\Users\***\Documents\video-2011-12-31-14-18-55.mp4
[2012/01/01 16:05:59 | 002,992,284 | ---- | C] () -- C:\Users\***\Documents\2011-12-31 15.28.58.jpg
[2011/12/31 02:04:14 | 000,000,371 | ---- | C] () -- C:\Users\***\Desktop\entries_AiORuntimes.ini
[2011/12/31 02:04:14 | 000,000,279 | ---- | C] () -- C:\Users\***\Desktop\AiO.ini
[2011/12/31 01:54:03 | 000,058,360 | ---- | C] () -- C:\Users\***\Documents\cc_20111231_015401.reg
[2011/12/31 01:52:23 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/30 19:15:21 | 520,349,696 | ---- | C] () -- C:\Users\***\Desktop\ophcrack-vista-livecd-2.3.1.iso
[2011/12/30 17:01:58 | 000,000,869 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011/12/30 04:24:42 | 000,001,102 | ---- | C] () -- C:\Users\***\Desktop\CrossFire.lnk
[2011/12/30 01:01:50 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Snap 3.lnk
[2011/12/29 23:58:09 | 000,036,864 | ---- | C] () -- C:\Users\***\Desktop\Abel09 Christmas HackV4.dll
[2011/12/28 21:04:18 | 000,001,140 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2011/12/28 15:03:37 | 000,001,586 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2011/12/28 14:20:57 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/12/28 14:20:05 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011/12/28 14:20:00 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011/12/28 02:56:22 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011/12/28 02:39:00 | 000,550,854 | ---- | C] () -- C:\Users\***\Desktop\X-TRAP 20111228.bmp
[2011/12/28 02:05:08 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/12/28 02:05:07 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/12/28 00:49:44 | 000,000,858 | ---- | C] () -- C:\Users\***\Desktop\Sandboxed Web Browser.lnk
[2011/12/28 00:49:41 | 000,001,690 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/12/27 23:58:21 | 2415,321,088 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/27 17:30:38 | 000,231,252 | -H-- | C] () -- C:\Users\***\Documents\Unbenannt.png
[2011/12/27 17:30:38 | 000,119,382 | ---- | C] () -- C:\Users\***\Documents\rock.MMM
[2011/12/27 17:30:38 | 000,093,860 | ---- | C] () -- C:\Users\***\Documents\New.MMM
[2011/12/27 17:28:14 | 052,723,711 | -H-- | C] () -- C:\Users\***\Documents\IMAGE.iso
[2011/12/27 17:28:14 | 000,000,107 | -H-- | C] () -- C:\Users\***\Documents\gta sa 1.cht
[2011/12/27 17:28:13 | 016,257,873 | ---- | C] () -- C:\Users\***\Documents\Firefox 6.0.2 (de) - 2011-12-27.pcv
[2011/12/27 17:28:13 | 001,264,095 | ---- | C] () -- C:\Users\***\Documents\Fehlermeldung CrossFire Europe.png
[2011/12/27 17:27:53 | 000,036,134 | -H-- | C] () -- C:\Users\***\Documents\cc_20111101_194453.reg
[2011/12/27 17:27:52 | 011,481,072 | -H-- | C] () -- C:\Users\***\Documents\bfh.wmv
[2011/12/27 17:27:52 | 000,001,352 | ---- | C] () -- C:\Users\***\Documents\AutoHotkey.ahk
[2011/12/27 17:27:48 | 140,388,356 | -H-- | C] () -- C:\Users\***\Documents\Absicherung vor Änderung der reg wegen Skype.reg
[2011/12/27 17:27:48 | 000,292,033 | -H-- | C] () -- C:\Users\***\Documents\20111103-5-ichbinschwerti.jpg
[2011/12/27 17:27:47 | 000,073,604 | -H-- | C] () -- C:\Users\***\Documents\381113_331309583551764_100000181757871_1545161_1598838906_n.jpg
[2011/12/27 16:58:32 | 000,002,495 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/12/27 16:53:03 | 000,001,545 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011/12/27 16:42:53 | 000,000,768 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2011/12/27 16:42:26 | 000,000,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/27 16:42:26 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/27 16:18:19 | 001,009,664 | -H-- | C] () -- C:\Users\***\Desktop\Xpadder.exe
[2011/12/27 16:18:19 | 000,001,669 | -H-- | C] () -- C:\Users\***\Desktop\Xpadder.ini
[2011/12/27 16:18:15 | 000,013,157 | -H-- | C] () -- C:\Users\***\Desktop\Sound - Verknüpfung.lnk
[2011/12/27 16:18:15 | 000,013,149 | -H-- | C] () -- C:\Users\***\Desktop\Spracherkennung starten - Verknüpfung.lnk
[2011/12/27 16:18:15 | 000,000,209 | -H-- | C] () -- C:\Users\***\Desktop\Team Fortress 2.url
[2011/12/27 16:18:15 | 000,000,072 | -H-- | C] () -- C:\Users\***\Desktop\taskmgr (2).cmd
[2011/12/27 16:18:14 | 003,171,328 | -H-- | C] () -- C:\Users\***\Desktop\RollerCoaster Tycoon.exe
[2011/12/27 16:18:12 | 000,001,785 | -H-- | C] () -- C:\Users\***\Desktop\Maus- und Tastatureinstellungen.lnk
[2011/12/27 16:18:12 | 000,000,720 | -H-- | C] () -- C:\Users\***\Desktop\MacroX.lnk
[2011/12/27 16:18:12 | 000,000,000 | -H-- | C] () -- C:\Users\***\Desktop\info.nfo
[2011/12/27 16:18:09 | 000,000,754 | -H-- | C] () -- C:\Users\***\Desktop\FreeCommander.lnk
[2011/12/27 16:18:08 | 000,000,891 | -H-- | C] () -- C:\Users\***\Desktop\Eigene Musik.lnk
[2011/12/27 16:18:08 | 000,000,757 | -H-- | C] () -- C:\Users\***\Desktop\EVEREST Home Edition.lnk
[2011/12/27 16:17:43 | 536,435,153 | ---- | C] () -- C:\Users\***\Desktop\Crossfire_Install.exe
[2011/12/27 16:17:42 | 000,000,849 | ---- | C] () -- C:\Users\***\Desktop\Crossfire Europe.lnk
[2011/12/27 16:17:42 | 000,000,053 | RH-- | C] () -- C:\Users\***\Desktop\Crossfire Europe.url
[2011/12/27 16:17:40 | 000,001,035 | -H-- | C] () -- C:\Users\***\Desktop\Cheat Engine.lnk
[2011/12/27 16:14:05 | 000,001,417 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/27 16:10:26 | 000,000,020 | ---- | C] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | C] () -- C:\Windows\DùR
[2011/08/19 09:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 09:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 09:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/26 06:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/07/01 23:01:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/05/12 14:13:56 | 000,662,686 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/05/12 14:13:56 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/05/12 14:13:56 | 000,133,764 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/05/12 14:13:56 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/04/29 16:37:26 | 000,002,137 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/04/06 18:54:32 | 000,203,336 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,278,472 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,623,174 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,109,416 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/18 18:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 21:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
========== LOP Check ==========
[2012/01/01 16:36:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/28 15:04:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2011/12/31 02:15:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/28 21:04:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/31 00:13:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2009/07/14 05:53:46 | 000,011,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/12/27 16:31:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2011/12/27 16:14:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ATI
[2011/12/30 01:24:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Corel
[2011/12/30 19:17:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CyberLink
[2012/01/01 16:36:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2011/12/27 16:13:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities
[2011/12/27 16:14:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Intel Corporation
[2011/12/28 15:04:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2010/06/30 11:12:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2011/12/28 02:55:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2009/07/14 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\Media Center Programs
[2011/12/31 00:13:27 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2011/12/27 16:44:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2012/01/01 16:37:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skype
[2011/12/31 02:15:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011/12/28 21:04:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/12/31 00:13:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2011/12/27 18:41:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2010/06/30 11:23:09 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\***\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011/12/28 15:04:22 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2011/09/23 13:04:06 | 001,341,376 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\423xf1hp.default\extensions\battlefieldheroespatcher@ea.com\plugins\BFHUpdater.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS  >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: AHCIX86S.SYS  >
[2007/11/14 18:44:42 | 000,129,552 | ---- | M] (Promise Technology, Inc.) MD5=58CB1FA96B24DFE2196548E959B1996B -- C:\ATI\Win7_Vista\8_741\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
[2009/10/26 18:41:10 | 000,189,496 | ---- | M] (Advanced Micro Devices, Inc) MD5=6C27F0A964EA98F457CAAB9A47030538 -- C:\ATI\Win7_Vista\8_741\Packages\Drivers\SBDrv\SB6xx\RAID\W7\ahcix86s.sys
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: IASTOR.SYS  >
[2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\drivers\iaStor.sys
[2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_e8a55be84650e755\iaStor.sys
< MD5 for: IASTORV.SYS  >
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: NETLOGON.DLL  >
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS  >
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL  >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL  >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE  >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WININIT.EXE  >
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE  >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl1.sys
[2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl2.sys
[2011/12/28 02:04:11 | 000,488,536 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klif.sys
[2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klim6.sys
[2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klmouflt.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009/07/14 02:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
[2011/04/13 15:38:36 | 000,229,776 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\klogon.dll
[2009/07/14 02:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvbvm60.dll
========== Files - Unicode (All) ==========
[2011/12/27 16:18:19 | 000,000,000 | -H-- | C] ()(C:\Users\***\Desktop\??????????darkrider78??????.txt) -- C:\Users\***\Desktop\ҳ̸Ҳ̸ҳҳ̸Ҳ̸ҳdarkrider78ҳ̸Ҳ̸ҳҳ.txt
[2011/09/13 23:06:17 | 000,000,000 | -H-- | M] ()(C:\Users\***\Desktop\??????????darkrider78??????.txt) -- C:\Users\***\Desktop\ҳ̸Ҳ̸ҳҳ̸Ҳ̸ҳdarkrider78ҳ̸Ҳ̸ҳҳ.txt

< End of report >

02.01.2012, 12:33   #12
/// Winkelfunktion
/// TB-Süch-Tiger™

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com
FF - prefs.js..keyword.URL: "http://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q="
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: ""
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: ""
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
[2011/12/27 16:18:13 | 000,949,904 | ---- | C] (Neowiz Games) -- C:\Users\***\Desktop\patcher_cf.exe
[2011/12/27 16:10:26 | 000,000,020 | ---- | C] () -- C:\Windows\põ‚
[2011/12/27 16:08:09 | 000,000,020 | ---- | C] () -- C:\Windows\DùR
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
Please always post log files in CODE tags

02.01.2012, 18:34   #13

Here is the log:
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "hxxp://www.google.de/#sclient=psy-ab&hl=de&site=&source=hp&q=" removed from keyword.URL
Prefs.js: "" removed from network.proxy.http
Prefs.js: 8118 removed from network.proxy.http_port
Prefs.js: "" removed from network.proxy.no_proxies_on
Prefs.js: "" removed from network.proxy.socks
Prefs.js: 9050 removed from network.proxy.socks_port
Prefs.js: true removed from network.proxy.socks_remote_dns
Prefs.js: "" removed from network.proxy.ssl
Prefs.js: 8118 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.keyword.URL
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File C:\Users\***\Desktop\patcher_cf.exe not found.
C:\Windows\põ‚ moved successfully.
C:\Windows\DùR moved successfully.
========== COMMANDS ==========
User: Administrator
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: ***
->Temp folder emptied: 14312852 bytes
->Temporary Internet Files folder emptied: 23992236 bytes
->Java cache emptied: 8383236 bytes
->FireFox cache emptied: 40165227 bytes
->Flash cache emptied: 57317 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33436802 bytes
RecycleBin emptied: 37291606 bytes
Total Files Cleaned = 150.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version log created on 01022012_182951

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

02.01.2012, 21:06   #14
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!

If, because of the infection, you cannot access your Documents/My Documents, or shortcuts are missing from the desktop or from the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool, and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!
Please always post log files in CODE tags

05.01.2012, 13:45   #15

Here is the log (my computer has become even slower):

13:37:11.0753 3228	TDSS rootkit removing tool Dec 23 2011 14:51:16
13:37:11.0875 3228	============================================================
13:37:11.0875 3228	Current date / time: 2012/01/05 13:37:11.0875
13:37:11.0876 3228	SystemInfo:
13:37:11.0876 3228	
13:37:11.0876 3228	OS Version: 6.1.7601 ServicePack: 1.0
13:37:11.0876 3228	Product type: Workstation
13:37:11.0876 3228	ComputerName: TOBIAS-PC
13:37:11.0876 3228	UserName: Tobias
13:37:11.0876 3228	Windows directory: C:\Windows
13:37:11.0876 3228	System windows directory: C:\Windows
13:37:11.0877 3228	Processor architecture: Intel x86
13:37:11.0877 3228	Number of processors: 2
13:37:11.0877 3228	Page size: 0x1000
13:37:11.0877 3228	Boot type: Normal boot
13:37:11.0877 3228	============================================================
13:37:12.0440 3228	Initialize success
13:40:21.0334 4568	============================================================
13:40:21.0334 4568	Scan started
13:40:21.0334 4568	Mode: Manual; SigCheck; TDLFS; 
13:40:21.0334 4568	============================================================
13:40:23.0191 4568	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
13:40:23.0315 4568	1394ohci - ok
13:40:23.0347 4568	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
13:40:23.0362 4568	ACPI - ok
13:40:23.0378 4568	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
13:40:23.0471 4568	AcpiPmi - ok
13:40:23.0627 4568	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
13:40:23.0690 4568	adp94xx - ok
13:40:23.0721 4568	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
13:40:23.0737 4568	adpahci - ok
13:40:23.0768 4568	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
13:40:23.0783 4568	adpu320 - ok
13:40:23.0893 4568	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
13:40:23.0971 4568	AFD - ok
13:40:24.0017 4568	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
13:40:24.0033 4568	agp440 - ok
13:40:24.0127 4568	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
13:40:24.0158 4568	aic78xx - ok
13:40:24.0205 4568	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
13:40:24.0220 4568	aliide - ok
13:40:24.0251 4568	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
13:40:24.0267 4568	amdagp - ok
13:40:24.0361 4568	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
13:40:24.0376 4568	amdide - ok
13:40:24.0423 4568	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
13:40:24.0485 4568	AmdK8 - ok
13:40:24.0579 4568	amdkmdag        (51610b74a9a1d84dc86fce1019beaff4) C:\Windows\system32\DRIVERS\atikmdag.sys
13:40:24.0735 4568	amdkmdag - ok
13:40:24.0829 4568	amdkmdap        (cd1d86ab81eece67d7bd6f7ef9786ccc) C:\Windows\system32\DRIVERS\atikmpag.sys
13:40:24.0891 4568	amdkmdap - ok
13:40:24.0922 4568	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
13:40:24.0953 4568	AmdPPM - ok
13:40:24.0985 4568	amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
13:40:25.0031 4568	amdsata - ok
13:40:25.0094 4568	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
13:40:25.0125 4568	amdsbs - ok
13:40:25.0141 4568	amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
13:40:25.0172 4568	amdxata - ok
13:40:25.0203 4568	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
13:40:25.0328 4568	AppID - ok
13:40:25.0375 4568	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
13:40:25.0390 4568	arc - ok
13:40:25.0531 4568	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
13:40:25.0577 4568	arcsas - ok
13:40:25.0624 4568	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
13:40:25.0718 4568	AsyncMac - ok
13:40:25.0874 4568	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
13:40:25.0905 4568	atapi - ok
13:40:25.0967 4568	AtiHdmiService  (8df873d0587596c1d35a9cececc61da1) C:\Windows\system32\drivers\AtiHdmi.sys
13:40:25.0999 4568	AtiHdmiService - ok
13:40:26.0123 4568	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
13:40:26.0186 4568	b06bdrv - ok
13:40:26.0217 4568	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
13:40:26.0248 4568	b57nd60x - ok
13:40:26.0264 4568	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
13:40:26.0311 4568	Beep - ok
13:40:26.0435 4568	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
13:40:26.0482 4568	blbdrive - ok
13:40:26.0529 4568	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
13:40:26.0607 4568	bowser - ok
13:40:26.0638 4568	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:40:26.0685 4568	BrFiltLo - ok
13:40:26.0763 4568	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:40:26.0825 4568	BrFiltUp - ok
13:40:26.0857 4568	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
13:40:26.0888 4568	Brserid - ok
13:40:26.0919 4568	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
13:40:26.0966 4568	BrSerWdm - ok
13:40:27.0106 4568	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:40:27.0153 4568	BrUsbMdm - ok
13:40:27.0184 4568	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
13:40:27.0215 4568	BrUsbSer - ok
13:40:27.0231 4568	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
13:40:27.0262 4568	BTHMODEM - ok
13:40:27.0387 4568	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
13:40:27.0465 4568	cdfs - ok
13:40:27.0512 4568	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
13:40:27.0543 4568	cdrom - ok
13:40:27.0683 4568	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
13:40:27.0761 4568	circlass - ok
13:40:27.0777 4568	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
13:40:27.0824 4568	CLFS - ok
13:40:28.0027 4568	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
13:40:28.0105 4568	CmBatt - ok
13:40:28.0120 4568	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
13:40:28.0136 4568	cmdide - ok
13:40:28.0198 4568	CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
13:40:28.0245 4568	CNG - ok
13:40:28.0261 4568	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
13:40:28.0292 4568	Compbatt - ok
13:40:28.0354 4568	CompFilter      (bc6b87086ff0d99f87fe8af9a919a1e7) C:\Windows\system32\DRIVERS\lvbusflt.sys
13:40:28.0385 4568	CompFilter - ok
13:40:28.0526 4568	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
13:40:28.0604 4568	CompositeBus - ok
13:40:28.0635 4568	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
13:40:28.0651 4568	crcdisk - ok
13:40:28.0729 4568	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
13:40:28.0791 4568	DfsC - ok
13:40:28.0947 4568	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
13:40:28.0994 4568	discache - ok
13:40:29.0056 4568	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
13:40:29.0087 4568	Disk - ok
13:40:29.0150 4568	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:40:29.0181 4568	drmkaud - ok
13:40:29.0212 4568	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
13:40:29.0243 4568	DXGKrnl - ok
13:40:29.0321 4568	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:40:29.0399 4568	ebdrv - ok
13:40:29.0571 4568	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:40:29.0602 4568	elxstor - ok
13:40:29.0649 4568	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
13:40:29.0696 4568	ErrDev - ok
13:40:29.0743 4568	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:40:29.0774 4568	exfat - ok
13:40:29.0836 4568	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:40:29.0899 4568	fastfat - ok
13:40:29.0930 4568	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:40:29.0961 4568	fdc - ok
13:40:30.0023 4568	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:40:30.0039 4568	FileInfo - ok
13:40:30.0101 4568	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:40:30.0148 4568	Filetrace - ok
13:40:30.0179 4568	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:40:30.0211 4568	flpydisk - ok
13:40:30.0242 4568	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:40:30.0273 4568	FltMgr - ok
13:40:30.0304 4568	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:40:30.0320 4568	FsDepends - ok
13:40:30.0413 4568	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:40:30.0445 4568	Fs_Rec - ok
13:40:30.0476 4568	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
13:40:30.0523 4568	fvevol - ok
13:40:30.0569 4568	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:40:30.0585 4568	gagp30kx - ok
13:40:30.0616 4568	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:40:30.0647 4568	hcw85cir - ok
13:40:30.0725 4568	HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
13:40:30.0788 4568	HdAudAddService - ok
13:40:30.0835 4568	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
13:40:30.0897 4568	HDAudBus - ok
13:40:30.0928 4568	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:40:30.0975 4568	HidBatt - ok
13:40:31.0037 4568	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:40:31.0084 4568	HidBth - ok
13:40:31.0131 4568	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:40:31.0178 4568	HidIr - ok
13:40:31.0225 4568	HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\drivers\hidusb.sys
13:40:31.0271 4568	HidUsb - ok
13:40:31.0396 4568	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
13:40:31.0427 4568	HpSAMD - ok
13:40:31.0474 4568	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
13:40:31.0537 4568	HTTP - ok
13:40:31.0568 4568	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
13:40:31.0599 4568	hwpolicy - ok
13:40:31.0677 4568	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
13:40:31.0693 4568	i8042prt - ok
13:40:31.0724 4568	iaStor          (26541a068572f650a2fa490726fe81be) C:\Windows\system32\DRIVERS\iaStor.sys
13:40:31.0755 4568	iaStor - ok
13:40:31.0786 4568	iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
13:40:31.0802 4568	iaStorV - ok
13:40:32.0051 4568	igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:40:32.0161 4568	igfx - ok
13:40:32.0254 4568	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:40:32.0285 4568	iirsp - ok
13:40:32.0379 4568	IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\Windows\system32\drivers\RTKVHDA.sys
13:40:32.0441 4568	IntcAzAudAddService - ok
13:40:32.0488 4568	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
13:40:32.0535 4568	intelide - ok
13:40:32.0566 4568	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:40:32.0597 4568	intelppm - ok
13:40:32.0629 4568	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:40:32.0691 4568	IpFilterDriver - ok
13:40:32.0785 4568	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
13:40:32.0847 4568	IPMIDRV - ok
13:40:32.0878 4568	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:40:32.0956 4568	IPNAT - ok
13:40:33.0019 4568	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:40:33.0097 4568	IRENUM - ok
13:40:33.0143 4568	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
13:40:33.0175 4568	isapnp - ok
13:40:33.0190 4568	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
13:40:33.0221 4568	iScsiPrt - ok
13:40:33.0268 4568	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
13:40:33.0284 4568	kbdclass - ok
13:40:33.0315 4568	kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\drivers\kbdhid.sys
13:40:33.0331 4568	kbdhid - ok
13:40:33.0424 4568	KL1             (94d67d49bd9503bb1d838405d80f2058) C:\Windows\system32\DRIVERS\kl1.sys
13:40:33.0455 4568	KL1 - ok
13:40:33.0487 4568	kl2             (713576569667ac9e0f8556076004a96b) C:\Windows\system32\DRIVERS\kl2.sys
13:40:33.0487 4568	kl2 - ok
13:40:33.0533 4568	KLIF            (39920d69eaedb51757527aa54fe25216) C:\Windows\system32\DRIVERS\klif.sys
13:40:33.0549 4568	KLIF - ok
13:40:33.0596 4568	KLIM6           (cf88b4985d957eee45c9939092e87c92) C:\Windows\system32\DRIVERS\klim6.sys
13:40:33.0611 4568	KLIM6 - ok
13:40:33.0736 4568	klmouflt        (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys
13:40:33.0752 4568	klmouflt - ok
13:40:33.0799 4568	KSecDD          (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
13:40:33.0830 4568	KSecDD - ok
13:40:33.0845 4568	KSecPkg         (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
13:40:33.0861 4568	KSecPkg - ok
13:40:33.0955 4568	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:40:34.0017 4568	lltdio - ok
13:40:34.0079 4568	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:40:34.0095 4568	LSI_FC - ok
13:40:34.0126 4568	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:40:34.0142 4568	LSI_SAS - ok
13:40:34.0204 4568	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:40:34.0235 4568	LSI_SAS2 - ok
13:40:34.0235 4568	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:40:34.0251 4568	LSI_SCSI - ok
13:40:34.0267 4568	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:40:34.0313 4568	luafv - ok
13:40:34.0438 4568	LVRS            (7521c0c58ee91be90b6cc33e792d10c7) C:\Windows\system32\DRIVERS\lvrs.sys
13:40:34.0485 4568	LVRS - ok
13:40:34.0625 4568	LVUVC           (37e57c48af530df01cdd4e8a2ad77b51) C:\Windows\system32\DRIVERS\lvuvc.sys
13:40:34.0719 4568	LVUVC - ok
13:40:34.0969 4568	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:40:35.0015 4568	megasas - ok
13:40:35.0031 4568	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:40:35.0047 4568	MegaSR - ok
13:40:35.0078 4568	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:40:35.0109 4568	Modem - ok
13:40:35.0234 4568	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:40:35.0281 4568	monitor - ok
13:40:35.0327 4568	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
13:40:35.0359 4568	mouclass - ok
13:40:35.0390 4568	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:40:35.0421 4568	mouhid - ok
13:40:35.0515 4568	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
13:40:35.0546 4568	mountmgr - ok
13:40:35.0561 4568	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
13:40:35.0577 4568	mpio - ok
13:40:35.0624 4568	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:40:35.0686 4568	mpsdrv - ok
13:40:35.0733 4568	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
13:40:35.0780 4568	MRxDAV - ok
13:40:35.0889 4568	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:40:35.0936 4568	mrxsmb - ok
13:40:35.0967 4568	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:40:36.0014 4568	mrxsmb10 - ok
13:40:36.0029 4568	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:40:36.0061 4568	mrxsmb20 - ok
13:40:36.0201 4568	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
13:40:36.0232 4568	msahci - ok
13:40:36.0248 4568	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
13:40:36.0279 4568	msdsm - ok
13:40:36.0295 4568	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:40:36.0341 4568	Msfs - ok
13:40:36.0404 4568	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:40:36.0466 4568	mshidkmdf - ok
13:40:36.0497 4568	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
13:40:36.0513 4568	msisadrv - ok
13:40:36.0544 4568	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:40:36.0575 4568	MSKSSRV - ok
13:40:36.0653 4568	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:40:36.0731 4568	MSPCLOCK - ok
13:40:36.0747 4568	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:40:36.0778 4568	MSPQM - ok
13:40:36.0825 4568	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:40:36.0841 4568	MsRPC - ok
13:40:36.0919 4568	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
13:40:36.0950 4568	mssmbios - ok
13:40:36.0997 4568	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:40:37.0028 4568	MSTEE - ok
13:40:37.0059 4568	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:40:37.0121 4568	MTConfig - ok
13:40:37.0231 4568	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:40:37.0262 4568	Mup - ok
13:40:37.0309 4568	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:40:37.0355 4568	NativeWifiP - ok
13:40:37.0387 4568	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
13:40:37.0402 4568	NDIS - ok
13:40:37.0511 4568	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:40:37.0589 4568	NdisCap - ok
13:40:37.0636 4568	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
13:40:37.0699 4568	NdisTapi - ok
13:40:37.0792 4568	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
13:40:37.0855 4568	Ndisuio - ok
13:40:37.0917 4568	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
13:40:37.0995 4568	NdisWan - ok
13:40:38.0042 4568	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
13:40:38.0104 4568	NDProxy - ok
13:40:38.0182 4568	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
13:40:38.0245 4568	NetBIOS - ok
13:40:38.0276 4568	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
13:40:38.0323 4568	NetBT - ok
13:40:38.0385 4568	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:40:38.0401 4568	nfrd960 - ok
13:40:38.0479 4568	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:40:38.0525 4568	Npfs - ok
13:40:38.0557 4568	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:40:38.0588 4568	nsiproxy - ok
13:40:38.0650 4568	Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
13:40:38.0697 4568	Ntfs - ok
13:40:38.0775 4568	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:40:38.0837 4568	Null - ok
13:40:38.0869 4568	nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
13:40:38.0884 4568	nvraid - ok
13:40:38.0900 4568	nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
13:40:38.0915 4568	nvstor - ok
13:40:38.0947 4568	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:40:38.0962 4568	nv_agp - ok
13:40:39.0040 4568	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:40:39.0103 4568	ohci1394 - ok
13:40:39.0134 4568	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:40:39.0181 4568	Parport - ok
13:40:39.0212 4568	partmgr         (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:40:39.0243 4568	partmgr - ok
13:40:39.0337 4568	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:40:39.0399 4568	Parvdm - ok
13:40:39.0430 4568	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:40:39.0446 4568	pci - ok
13:40:39.0461 4568	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:40:39.0477 4568	pciide - ok
13:40:39.0508 4568	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:40:39.0524 4568	pcmcia - ok
13:40:39.0539 4568	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:40:39.0555 4568	pcw - ok
13:40:39.0633 4568	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:40:39.0695 4568	PEAUTH - ok
13:40:39.0742 4568	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:40:39.0789 4568	PptpMiniport - ok
13:40:39.0836 4568	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:40:39.0867 4568	Processor - ok
13:40:39.0976 4568	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:40:40.0039 4568	Psched - ok
13:40:40.0101 4568	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:40:40.0148 4568	ql2300 - ok
13:40:40.0163 4568	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:40:40.0179 4568	ql40xx - ok
13:40:40.0273 4568	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:40:40.0335 4568	QWAVEdrv - ok
13:40:40.0351 4568	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:40:40.0397 4568	RasAcd - ok
13:40:40.0475 4568	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:40:40.0553 4568	RasAgileVpn - ok
13:40:40.0631 4568	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:40:40.0694 4568	Rasl2tp - ok
13:40:40.0725 4568	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:40:40.0772 4568	RasPppoe - ok
13:40:40.0787 4568	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:40:40.0850 4568	RasSstp - ok
13:40:41.0193 4568	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:40:41.0240 4568	rdbss - ok
13:40:41.0302 4568	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:40:41.0365 4568	rdpbus - ok
13:40:41.0443 4568	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:40:41.0521 4568	RDPCDD - ok
13:40:41.0599 4568	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:40:41.0645 4568	RDPENCDD - ok
13:40:41.0677 4568	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:40:41.0723 4568	RDPREFMP - ok
13:40:41.0786 4568	RDPWD           (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:40:41.0864 4568	RDPWD - ok
13:40:41.0895 4568	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:40:41.0911 4568	rdyboost - ok
13:40:41.0989 4568	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:40:42.0067 4568	rspndr - ok
13:40:42.0113 4568	RTL8167         (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
13:40:42.0160 4568	RTL8167 - ok
13:40:42.0207 4568	RTL8192su       (9ce8deffaffccbf473015d76ae8ee514) C:\Windows\system32\DRIVERS\RTL8192su.sys
13:40:42.0223 4568	RTL8192su - ok
13:40:42.0301 4568	SbieDrv         (3ab6cad1ddfa84cd7bc3d1a759b1e81e) C:\Programme\Sandboxie\SbieDrv.sys
13:40:42.0347 4568	SbieDrv - ok
13:40:42.0472 4568	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:40:42.0519 4568	sbp2port - ok
13:40:42.0550 4568	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:40:42.0613 4568	scfilter - ok
13:40:42.0722 4568	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:40:42.0769 4568	secdrv - ok
13:40:42.0800 4568	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:40:42.0831 4568	Serenum - ok
13:40:42.0878 4568	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:40:42.0925 4568	Serial - ok
13:40:43.0003 4568	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:40:43.0049 4568	sermouse - ok
13:40:43.0081 4568	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:40:43.0112 4568	sffdisk - ok
13:40:43.0127 4568	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:40:43.0159 4568	sffp_mmc - ok
13:40:43.0174 4568	sffp_sd         (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\drivers\sffp_sd.sys
13:40:43.0221 4568	sffp_sd - ok
13:40:43.0486 4568	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:40:43.0549 4568	sfloppy - ok
13:40:43.0658 4568	Sftfs           (8f00cc8cacf83dce5b35079f615b0f12) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:40:43.0689 4568	Sftfs - ok
13:40:43.0751 4568	Sftplay         (afdb934586c4c8b2be39ae7eea6f52be) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:40:43.0798 4568	Sftplay - ok
13:40:43.0814 4568	Sftredir        (6b1865d82e0290729ed7496c24275592) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:40:43.0829 4568	Sftredir - ok
13:40:43.0892 4568	Sftvol          (621eccb1265a01ce2bdf6f2c5e727e2b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:40:43.0923 4568	Sftvol - ok
13:40:43.0970 4568	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:40:44.0017 4568	sisagp - ok
13:40:44.0063 4568	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:40:44.0079 4568	SiSRaid2 - ok
13:40:44.0157 4568	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:40:44.0204 4568	SiSRaid4 - ok
13:40:44.0251 4568	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:40:44.0282 4568	Smb - ok
13:40:44.0329 4568	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:40:44.0344 4568	spldr - ok
13:40:44.0438 4568	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:40:44.0500 4568	srv - ok
13:40:44.0531 4568	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:40:44.0594 4568	srv2 - ok
13:40:44.0625 4568	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:40:44.0656 4568	srvnet - ok
13:40:44.0812 4568	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:40:44.0843 4568	stexstor - ok
13:40:44.0999 4568	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:40:45.0031 4568	swenum - ok
13:40:45.0187 4568	Tcpip           (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
13:40:45.0233 4568	Tcpip - ok
13:40:45.0265 4568	TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
13:40:45.0296 4568	TCPIP6 - ok
13:40:45.0311 4568	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:40:45.0343 4568	tcpipreg - ok
13:40:45.0389 4568	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:40:45.0467 4568	TDPIPE - ok
13:40:45.0530 4568	TDTCP           (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:40:45.0608 4568	TDTCP - ok
13:40:45.0655 4568	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:40:45.0701 4568	tdx - ok
13:40:45.0748 4568	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:40:45.0779 4568	TermDD - ok
13:40:45.0998 4568	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:40:46.0076 4568	tssecsrv - ok
13:40:46.0123 4568	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:40:46.0169 4568	TsUsbFlt - ok
13:40:46.0294 4568	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:40:46.0357 4568	tunnel - ok
13:40:46.0388 4568	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:40:46.0403 4568	uagp35 - ok
13:40:46.0435 4568	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:40:46.0513 4568	udfs - ok
13:40:46.0669 4568	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:40:46.0700 4568	uliagpkx - ok
13:40:46.0731 4568	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
13:40:46.0762 4568	umbus - ok
13:40:46.0778 4568	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:40:46.0809 4568	UmPass - ok
13:40:47.0012 4568	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
13:40:47.0105 4568	usbaudio - ok
13:40:47.0293 4568	usbccgp         (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
13:40:47.0355 4568	usbccgp - ok
13:40:47.0402 4568	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:40:47.0433 4568	usbcir - ok
13:40:47.0542 4568	usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
13:40:47.0605 4568	usbehci - ok
13:40:47.0651 4568	usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
13:40:47.0714 4568	usbhub - ok
13:40:47.0870 4568	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
13:40:47.0932 4568	usbohci - ok
13:40:47.0995 4568	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:40:48.0057 4568	usbprint - ok
13:40:48.0229 4568	USBSTOR         (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:40:48.0291 4568	USBSTOR - ok
13:40:48.0338 4568	usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
13:40:48.0385 4568	usbuhci - ok
13:40:48.0431 4568	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
13:40:48.0478 4568	usbvideo - ok
13:40:48.0509 4568	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:40:48.0525 4568	vdrvroot - ok
13:40:48.0572 4568	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:40:48.0634 4568	vga - ok
13:40:48.0665 4568	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:40:48.0697 4568	VgaSave - ok
13:40:48.0728 4568	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:40:48.0743 4568	vhdmp - ok
13:40:48.0790 4568	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:40:48.0837 4568	viaagp - ok
13:40:48.0884 4568	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:40:48.0915 4568	ViaC7 - ok
13:40:48.0962 4568	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:40:48.0977 4568	viaide - ok
13:40:48.0993 4568	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:40:49.0009 4568	volmgr - ok
13:40:49.0040 4568	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:40:49.0087 4568	volmgrx - ok
13:40:49.0149 4568	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:40:49.0180 4568	volsnap - ok
13:40:49.0211 4568	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:40:49.0227 4568	vsmraid - ok
13:40:49.0243 4568	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
13:40:49.0274 4568	vwifibus - ok
13:40:49.0305 4568	vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
13:40:49.0336 4568	vwififlt - ok
13:40:49.0523 4568	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:40:49.0586 4568	WacomPen - ok
13:40:49.0664 4568	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:40:49.0726 4568	WANARP - ok
13:40:49.0726 4568	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:40:49.0757 4568	Wanarpv6 - ok
13:40:49.0867 4568	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:40:49.0898 4568	Wd - ok
13:40:50.0023 4568	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:40:50.0054 4568	Wdf01000 - ok
13:40:50.0132 4568	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:40:50.0179 4568	WfpLwf - ok
13:40:50.0257 4568	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:40:50.0288 4568	WIMMount - ok
13:40:50.0335 4568	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:40:50.0366 4568	WmiAcpi - ok
13:40:50.0397 4568	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:40:50.0444 4568	ws2ifsl - ok
13:40:50.0491 4568	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:40:50.0522 4568	WudfPf - ok
13:40:50.0600 4568	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:40:50.0647 4568	WUDFRd - ok
13:40:50.0678 4568	XDva391 - ok
13:40:50.0709 4568	MBR (0x1B8)     (4624822e540ec83cd0819525c65846ba) \Device\Harddisk0\DR0
13:40:51.0395 4568	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:40:51.0395 4568	\Device\Harddisk0\DR0 - detected TDSS File System (1)
13:40:51.0411 4568	Boot (0x1200)   (e4598dd304b5c05e27e3c867efb0eb0c) \Device\Harddisk0\DR0\Partition0
13:40:51.0411 4568	\Device\Harddisk0\DR0\Partition0 - ok
13:40:51.0427 4568	Boot (0x1200)   (046bbd7303f14eb983a3f0c302651470) \Device\Harddisk0\DR0\Partition1
13:40:51.0442 4568	\Device\Harddisk0\DR0\Partition1 - ok
13:40:51.0473 4568	Boot (0x1200)   (376b50b18dd730f4a63e4b8227f4638c) \Device\Harddisk0\DR0\Partition2
13:40:51.0473 4568	\Device\Harddisk0\DR0\Partition2 - ok
13:40:51.0473 4568	============================================================
13:40:51.0473 4568	Scan finished
13:40:51.0473 4568	============================================================
13:40:51.0489 4236	Detected object count: 1
13:40:51.0489 4236	Actual detected object count: 1
13:41:45.0902 4236	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:41:45.0902 4236	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
