Windowsystem aus sichheitsgründen geperrt

filanor · 14.01.2012, 00:55

ich hoffe jetz aber ... jetz muss es stimmen

danke

cosinus · 14.01.2012, 14:07

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {00725d68-069b-4095-9ff1-e7469c0e95df} - C:\Program Files (x86)\Software_Master\prxtbSoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE 56 1E 36 2B B6 CB 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {00725d68-069b-4095-9ff1-e7469c0e95df} - C:\Program Files (x86)\Software_Master\prxtbSoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/sk27211/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&q="
[2010.12.06 18:50:10 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.01.22 23:22:05 | 000,000,000 | ---D | M] (Eazel-DE Community Toolbar) -- C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}
[2011.03.12 23:44:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.23 22:21:57 | 000,000,000 | ---D | M] (NCH Toolbar) -- C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}
[2011.01.22 01:13:46 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.03.13 00:56:27 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.01.22 01:13:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com
[2011.01.23 22:28:37 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com
[2011.01.17 14:40:58 | 000,000,909 | ---- | M] () -- C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\conduit.xml
[2011.06.15 13:44:21 | 000,000,950 | ---- | M] () -- C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\icqplugin-1.xml
[2011.02.22 19:55:04 | 000,001,034 | ---- | M] () -- C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\icqplugin.xml
[2011.04.06 18:19:30 | 000,003,915 | ---- | M] () -- C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\SweetIM Search.xml
[2011.03.13 00:56:17 | 000,003,915 | ---- | M] () -- C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\sweetim.xml
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
O2 - BHO: (Software Master Toolbar) - {00725d68-069b-4095-9ff1-e7469c0e95df} - C:\Program Files (x86)\Software_Master\prxtbSoft.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Game Master 1.1 Toolbar) - {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
O2 - BHO: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Users\FILANOR\Downloads\Free Download Manager\iefdm2.dll ()
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Software Master Toolbar) - {00725d68-069b-4095-9ff1-e7469c0e95df} - C:\Program Files (x86)\Software_Master\prxtbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Game Master 1.1 Toolbar) - {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Software Master Toolbar) - {00725D68-069B-4095-9FF1-E7469C0E95DF} - C:\Program Files (x86)\Software_Master\prxtbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Game Master 1.1 Toolbar) - {7846AE31-BEA2-438A-8F5E-2D899361656C} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (NCH Toolbar) - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKCU..\Run: [Mozilla Firefox] C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.12 12:05:25 | 001,003,520 | R--- | M] (Microsoft Corporation) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.09.12 12:08:36 | 000,000,166 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{78c80b08-9743-11e0-be1e-0025223aa460}\Shell - "" = AutoRun
O33 - MountPoints2\{78c80b08-9743-11e0-be1e-0025223aa460}\Shell\AutoRun\command - "" = F:\iStudio.exe
O33 - MountPoints2\{c1282973-e42e-11df-8fdc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c1282973-e42e-11df-8fdc-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2006.09.12 12:05:25 | 001,003,520 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{c1282973-e42e-11df-8fdc-806e6f6e6963}\Shell\setup\command - "" = E:\setup.exe -- [2006.09.20 15:16:48 | 000,253,952 | R--- | M] ()
:Files
C:\Program Files (x86)\facemoods.com
:Commands
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

filanor · 14.01.2012, 17:11

Code:

ATTFilter

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00725d68-069b-4095-9ff1-e7469c0e95df} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00725d68-069b-4095-9ff1-e7469c0e95df}\ deleted successfully.
C:\Program Files (x86)\Software_Master\prxtbSoft.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{51a86bb3-6602-4c85-92a5-130ee4864f13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ deleted successfully.
C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7846ae31-bea2-438a-8f5e-2d899361656c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7846ae31-bea2-438a-8f5e-2d899361656c}\ deleted successfully.
C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c2db4fe6-8409-45ce-8010-189a7b5cce86} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\ deleted successfully.
C:\Program Files (x86)\NCH\tbNCH.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
C:\Program Files (x86)\softonic-de3\tbsoft.dll moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00725d68-069b-4095-9ff1-e7469c0e95df} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00725d68-069b-4095-9ff1-e7469c0e95df}\ not found.
File C:\Program Files (x86)\Software_Master\prxtbSoft.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{51a86bb3-6602-4c85-92a5-130ee4864f13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ not found.
File C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7846ae31-bea2-438a-8f5e-2d899361656c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7846ae31-bea2-438a-8f5e-2d899361656c}\ not found.
File C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c2db4fe6-8409-45ce-8010-189a7b5cce86} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\ not found.
File C:\Program Files (x86)\NCH\tbNCH.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Program Files (x86)\softonic-de3\tbsoft.dll not found.
Prefs.js: "SweetIM Search" removed from browser.search.defaultenginename
Prefs.js: "NCH Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "" removed from browser.search.defaulturl
Prefs.js: "moz2-ytff-" removed from browser.search.param.yahoo-fr
Prefs.js: "moz2-ytff-" removed from browser.search.param.yahoo-fr-cjkt
Prefs.js: "SweetIM Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://home.sweetim.com" removed from browser.startup.homepage
Prefs.js: engine@conduit.com:3.2.5.2 removed from extensions.enabledItems
Prefs.js: ffxtlbr@Facemoods.com:1.2.1 removed from extensions.enabledItems
Prefs.js: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaulturl
Prefs.js: "SweetIM Search" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "hxxp://start.icq.com/sk27211/" removed from browser.startup.homepage
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}\searchplugin folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}\META-INF folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}\lib folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}\defaults folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}\components folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}\chrome folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\searchplugin folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\META-INF folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\lib folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\defaults folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\chrome folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86} folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\searchplugin folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\META-INF folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\lib folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\defaults folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\chrome folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\skin folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\nl-NL folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\it-IT folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\fr-FR folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\es-ES folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\en-US folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\de-DE folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\content folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com\defaults folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com\content\preferences folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com\content\images folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com\content folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com\components folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com\chrome folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\mozilla\Firefox\Profiles\o4x14hau.default\extensions\ffxtlbr@Facemoods.com folder moved successfully.
C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\conduit.xml moved successfully.
C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\SweetIM Search.xml moved successfully.
C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\searchplugins\sweetim.xml moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00725d68-069b-4095-9ff1-e7469c0e95df}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00725d68-069b-4095-9ff1-e7469c0e95df}\ not found.
File C:\Program Files (x86)\Software_Master\prxtbSoft.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ not found.
File C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7846ae31-bea2-438a-8f5e-2d899361656c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7846ae31-bea2-438a-8f5e-2d899361656c}\ not found.
File C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\ not found.
File C:\Program Files (x86)\NCH\tbNCH.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Program Files (x86)\softonic-de3\tbsoft.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}\ deleted successfully.
C:\Users\FILANOR\Downloads\Free Download Manager\iefdm2.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{00725d68-069b-4095-9ff1-e7469c0e95df} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00725d68-069b-4095-9ff1-e7469c0e95df}\ not found.
File C:\Program Files (x86)\Software_Master\prxtbSoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{51a86bb3-6602-4c85-92a5-130ee4864f13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ not found.
File C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7846ae31-bea2-438a-8f5e-2d899361656c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7846ae31-bea2-438a-8f5e-2d899361656c}\ not found.
File C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c2db4fe6-8409-45ce-8010-189a7b5cce86} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\ not found.
File C:\Program Files (x86)\NCH\tbNCH.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File de3\tbsoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ deleted successfully.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00725D68-069B-4095-9FF1-E7469C0E95DF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00725D68-069B-4095-9FF1-E7469C0E95DF}\ not found.
File C:\Program Files (x86)\Software_Master\prxtbSoft.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{51A86BB3-6602-4C85-92A5-130EE4864F13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13}\ not found.
File C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7846AE31-BEA2-438A-8F5E-2D899361656C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7846AE31-BEA2-438A-8F5E-2D899361656C}\ not found.
File C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}\ not found.
File C:\Program Files (x86)\NCH\tbNCH.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found.
File de3\tbsoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\facemoods deleted successfully.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Mozilla Firefox deleted successfully.
C:\Users\FILANOR\AppData\Roaming\Mozilla\Firefox\firefox.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78c80b08-9743-11e0-be1e-0025223aa460}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78c80b08-9743-11e0-be1e-0025223aa460}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78c80b08-9743-11e0-be1e-0025223aa460}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78c80b08-9743-11e0-be1e-0025223aa460}\ not found.
File F:\iStudio.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1282973-e42e-11df-8fdc-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1282973-e42e-11df-8fdc-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1282973-e42e-11df-8fdc-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1282973-e42e-11df-8fdc-806e6f6e6963}\ not found.
File move failed. E:\autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1282973-e42e-11df-8fdc-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1282973-e42e-11df-8fdc-806e6f6e6963}\ not found.
File move failed. E:\setup.exe scheduled to be moved on reboot.
========== FILES ==========
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh folder moved successfully.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3 folder moved successfully.
C:\Program Files (x86)\facemoods.com\facemoods folder moved successfully.
C:\Program Files (x86)\facemoods.com folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: FILANOR
->Temp folder emptied: 55499836 bytes
->Temporary Internet Files folder emptied: 2408666312 bytes
->Java cache emptied: 53304518 bytes
->FireFox cache emptied: 69430821 bytes
->Google Chrome cache emptied: 11114840 bytes
->Flash cache emptied: 194160 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 1564672 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 235419482 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67966 bytes
RecycleBin emptied: 792 bytes
 
Total Files Cleaned = 2.704,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01142012_170212

Files\Folders moved on Reboot...
File move failed. E:\autorun.exe scheduled to be moved on reboot.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
File move failed. E:\setup.exe scheduled to be moved on reboot.
File move failed. C:\Users\FILANOR\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

filanor · 14.01.2012, 17:12

ok danke
gruß

cosinus · 14.01.2012, 17:29

Geht der normale Modus wieder?

filanor · 15.01.2012, 01:46

ok ich probiers antworte aber erst morgen wenn es nich funktioniert hat ... wars das dann schon?
das wär toll
danke gruß

filanor · 15.01.2012, 12:13

so bist jetz funkioniert (10min)
dauert ja bei den trojaner un virus immer ein bisschen
aber es sieht gut aus
bin glücklich 1000 dank
hab ma noch fragen...
sind die viren un trojaner jetz entfernt oder nur unschädlich gemacht
kann ich jetz was auf mein stick ziehn ohne gefahr
is jetzt wieder alles beim alten oder muss ich was beachten
nochma 1000dank
gruß

cosinus · 15.01.2012, 18:07

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )

Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!

filanor · 18.01.2012, 23:32

Code:

ATTFilter

23:27:33.0558 4120	TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
23:27:33.0636 4120	============================================================
23:27:33.0636 4120	Current date / time: 2012/01/18 23:27:33.0636
23:27:33.0636 4120	SystemInfo:
23:27:33.0636 4120	
23:27:33.0636 4120	OS Version: 6.1.7600 ServicePack: 0.0
23:27:33.0636 4120	Product type: Workstation
23:27:33.0636 4120	ComputerName: FILANOR-PC
23:27:33.0636 4120	UserName: FILANOR
23:27:33.0636 4120	Windows directory: C:\Windows
23:27:33.0636 4120	System windows directory: C:\Windows
23:27:33.0636 4120	Running under WOW64
23:27:33.0636 4120	Processor architecture: Intel x64
23:27:33.0636 4120	Number of processors: 2
23:27:33.0636 4120	Page size: 0x1000
23:27:33.0636 4120	Boot type: Normal boot
23:27:33.0636 4120	============================================================
23:27:35.0027 4120	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
23:27:35.0136 4120	Initialize success
23:28:11.0230 3364	============================================================
23:28:11.0230 3364	Scan started
23:28:11.0230 3364	Mode: Manual; 
23:28:11.0230 3364	============================================================
23:28:11.0714 3364	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
23:28:11.0730 3364	1394ohci - ok
23:28:11.0761 3364	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
23:28:11.0761 3364	ACPI - ok
23:28:11.0777 3364	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
23:28:11.0777 3364	AcpiPmi - ok
23:28:11.0792 3364	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
23:28:11.0808 3364	adp94xx - ok
23:28:11.0839 3364	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
23:28:11.0839 3364	adpahci - ok
23:28:11.0855 3364	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
23:28:11.0871 3364	adpu320 - ok
23:28:11.0902 3364	AFD             (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
23:28:11.0917 3364	AFD - ok
23:28:11.0933 3364	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
23:28:11.0949 3364	agp440 - ok
23:28:11.0964 3364	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
23:28:11.0964 3364	aliide - ok
23:28:11.0980 3364	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
23:28:11.0980 3364	amdide - ok
23:28:11.0996 3364	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
23:28:11.0996 3364	AmdK8 - ok
23:28:12.0027 3364	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:28:12.0027 3364	AmdPPM - ok
23:28:12.0058 3364	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
23:28:12.0058 3364	amdsata - ok
23:28:12.0089 3364	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
23:28:12.0089 3364	amdsbs - ok
23:28:12.0105 3364	amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
23:28:12.0105 3364	amdxata - ok
23:28:12.0121 3364	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
23:28:12.0136 3364	AppID - ok
23:28:12.0152 3364	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
23:28:12.0167 3364	arc - ok
23:28:12.0183 3364	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
23:28:12.0199 3364	arcsas - ok
23:28:12.0214 3364	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:28:12.0214 3364	AsyncMac - ok
23:28:12.0230 3364	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
23:28:12.0230 3364	atapi - ok
23:28:12.0261 3364	avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
23:28:12.0261 3364	avgntflt - ok
23:28:12.0277 3364	avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
23:28:12.0277 3364	avipbb - ok
23:28:12.0324 3364	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
23:28:12.0324 3364	b06bdrv - ok
23:28:12.0339 3364	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:28:12.0355 3364	b57nd60a - ok
23:28:12.0371 3364	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:28:12.0371 3364	Beep - ok
23:28:12.0402 3364	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
23:28:12.0402 3364	blbdrive - ok
23:28:12.0433 3364	bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
23:28:12.0449 3364	bowser - ok
23:28:12.0464 3364	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:28:12.0464 3364	BrFiltLo - ok
23:28:12.0480 3364	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:28:12.0480 3364	BrFiltUp - ok
23:28:12.0511 3364	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
23:28:12.0511 3364	Brserid - ok
23:28:12.0527 3364	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:28:12.0527 3364	BrSerWdm - ok
23:28:12.0542 3364	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:28:12.0558 3364	BrUsbMdm - ok
23:28:12.0558 3364	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
23:28:12.0574 3364	BrUsbSer - ok
23:28:12.0589 3364	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
23:28:12.0589 3364	BTHMODEM - ok
23:28:12.0621 3364	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:28:12.0621 3364	cdfs - ok
23:28:12.0636 3364	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
23:28:12.0652 3364	cdrom - ok
23:28:12.0667 3364	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
23:28:12.0667 3364	circlass - ok
23:28:12.0699 3364	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:28:12.0699 3364	CLFS - ok
23:28:12.0730 3364	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
23:28:12.0746 3364	CmBatt - ok
23:28:12.0761 3364	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
23:28:12.0761 3364	cmdide - ok
23:28:12.0792 3364	CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
23:28:12.0792 3364	CNG - ok
23:28:12.0808 3364	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
23:28:12.0824 3364	Compbatt - ok
23:28:12.0824 3364	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:28:12.0839 3364	CompositeBus - ok
23:28:12.0855 3364	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
23:28:12.0855 3364	crcdisk - ok
23:28:12.0917 3364	DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
23:28:12.0917 3364	DfsC - ok
23:28:12.0949 3364	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:28:12.0949 3364	discache - ok
23:28:12.0964 3364	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
23:28:12.0964 3364	Disk - ok
23:28:12.0996 3364	Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
23:28:12.0996 3364	Dot4 - ok
23:28:13.0027 3364	Dot4Print       (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:28:13.0027 3364	Dot4Print - ok
23:28:13.0042 3364	dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
23:28:13.0058 3364	dot4usb - ok
23:28:13.0074 3364	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:28:13.0074 3364	drmkaud - ok
23:28:13.0136 3364	DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
23:28:13.0167 3364	DXGKrnl - ok
23:28:13.0261 3364	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
23:28:13.0324 3364	ebdrv - ok
23:28:13.0355 3364	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
23:28:13.0355 3364	elxstor - ok
23:28:13.0371 3364	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
23:28:13.0386 3364	ErrDev - ok
23:28:13.0417 3364	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:28:13.0433 3364	exfat - ok
23:28:13.0449 3364	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:28:13.0449 3364	fastfat - ok
23:28:13.0480 3364	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
23:28:13.0480 3364	fdc - ok
23:28:13.0511 3364	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:28:13.0511 3364	FileInfo - ok
23:28:13.0511 3364	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:28:13.0527 3364	Filetrace - ok
23:28:13.0542 3364	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
23:28:13.0542 3364	flpydisk - ok
23:28:13.0574 3364	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
23:28:13.0574 3364	FltMgr - ok
23:28:13.0589 3364	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:28:13.0605 3364	FsDepends - ok
23:28:13.0605 3364	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
23:28:13.0621 3364	Fs_Rec - ok
23:28:13.0636 3364	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:28:13.0636 3364	fvevol - ok
23:28:13.0652 3364	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:28:13.0667 3364	gagp30kx - ok
23:28:13.0683 3364	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:28:13.0699 3364	hcw85cir - ok
23:28:13.0714 3364	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
23:28:13.0730 3364	HdAudAddService - ok
23:28:13.0746 3364	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:28:13.0746 3364	HDAudBus - ok
23:28:13.0777 3364	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
23:28:13.0777 3364	HidBatt - ok
23:28:13.0777 3364	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
23:28:13.0792 3364	HidBth - ok
23:28:13.0808 3364	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
23:28:13.0808 3364	HidIr - ok
23:28:13.0824 3364	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
23:28:13.0824 3364	HidUsb - ok
23:28:13.0871 3364	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
23:28:13.0871 3364	HpSAMD - ok
23:28:13.0902 3364	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
23:28:13.0902 3364	HTTP - ok
23:28:13.0917 3364	hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
23:28:13.0917 3364	hwpolicy - ok
23:28:13.0933 3364	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
23:28:13.0949 3364	i8042prt - ok
23:28:13.0980 3364	iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
23:28:13.0996 3364	iaStorV - ok
23:28:14.0011 3364	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
23:28:14.0027 3364	iirsp - ok
23:28:14.0042 3364	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
23:28:14.0042 3364	intelide - ok
23:28:14.0058 3364	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
23:28:14.0074 3364	intelppm - ok
23:28:14.0089 3364	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:28:14.0089 3364	IpFilterDriver - ok
23:28:14.0121 3364	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:28:14.0121 3364	IPMIDRV - ok
23:28:14.0136 3364	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:28:14.0136 3364	IPNAT - ok
23:28:14.0152 3364	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:28:14.0152 3364	IRENUM - ok
23:28:14.0167 3364	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
23:28:14.0167 3364	isapnp - ok
23:28:14.0199 3364	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
23:28:14.0214 3364	iScsiPrt - ok
23:28:14.0246 3364	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:28:14.0246 3364	kbdclass - ok
23:28:14.0277 3364	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
23:28:14.0277 3364	kbdhid - ok
23:28:14.0308 3364	KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
23:28:14.0308 3364	KSecDD - ok
23:28:14.0339 3364	KSecPkg         (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
23:28:14.0339 3364	KSecPkg - ok
23:28:14.0355 3364	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:28:14.0355 3364	ksthunk - ok
23:28:14.0433 3364	Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
23:28:14.0433 3364	Lavasoft Kernexplorer - ok
23:28:14.0464 3364	Lbd             (3c46290f7a5d45ba6ef32c248e22aa69) C:\Windows\system32\DRIVERS\Lbd.sys
23:28:14.0496 3364	Lbd - ok
23:28:14.0527 3364	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:28:14.0527 3364	lltdio - ok
23:28:14.0574 3364	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:28:14.0574 3364	LSI_FC - ok
23:28:14.0605 3364	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:28:14.0605 3364	LSI_SAS - ok
23:28:14.0621 3364	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:28:14.0621 3364	LSI_SAS2 - ok
23:28:14.0636 3364	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:28:14.0636 3364	LSI_SCSI - ok
23:28:14.0652 3364	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:28:14.0652 3364	luafv - ok
23:28:14.0667 3364	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:28:14.0683 3364	megasas - ok
23:28:14.0699 3364	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:28:14.0699 3364	MegaSR - ok
23:28:14.0730 3364	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:28:14.0730 3364	Modem - ok
23:28:14.0746 3364	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:28:14.0746 3364	monitor - ok
23:28:14.0761 3364	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:28:14.0777 3364	mouclass - ok
23:28:14.0792 3364	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:28:14.0792 3364	mouhid - ok
23:28:14.0808 3364	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
23:28:14.0808 3364	mountmgr - ok
23:28:14.0839 3364	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
23:28:14.0839 3364	mpio - ok
23:28:14.0855 3364	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:28:14.0871 3364	mpsdrv - ok
23:28:14.0886 3364	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
23:28:14.0902 3364	MRxDAV - ok
23:28:14.0933 3364	mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:28:14.0933 3364	mrxsmb - ok
23:28:14.0964 3364	mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:28:14.0980 3364	mrxsmb10 - ok
23:28:14.0996 3364	mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:28:14.0996 3364	mrxsmb20 - ok
23:28:15.0011 3364	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
23:28:15.0011 3364	msahci - ok
23:28:15.0027 3364	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
23:28:15.0042 3364	msdsm - ok
23:28:15.0058 3364	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:28:15.0058 3364	Msfs - ok
23:28:15.0074 3364	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:28:15.0074 3364	mshidkmdf - ok
23:28:15.0105 3364	MSHUSBVideo     (bb590070d606ae6f008341fc9a7b2ad7) C:\Windows\system32\Drivers\nx6000.sys
23:28:15.0105 3364	MSHUSBVideo - ok
23:28:15.0121 3364	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
23:28:15.0136 3364	msisadrv - ok
23:28:15.0152 3364	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:28:15.0152 3364	MSKSSRV - ok
23:28:15.0167 3364	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:28:15.0167 3364	MSPCLOCK - ok
23:28:15.0167 3364	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:28:15.0183 3364	MSPQM - ok
23:28:15.0199 3364	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
23:28:15.0199 3364	MsRPC - ok
23:28:15.0214 3364	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
23:28:15.0214 3364	mssmbios - ok
23:28:15.0230 3364	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:28:15.0246 3364	MSTEE - ok
23:28:15.0246 3364	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:28:15.0261 3364	MTConfig - ok
23:28:15.0261 3364	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:28:15.0261 3364	Mup - ok
23:28:15.0292 3364	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:28:15.0308 3364	NativeWifiP - ok
23:28:15.0339 3364	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
23:28:15.0355 3364	NDIS - ok
23:28:15.0371 3364	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:28:15.0371 3364	NdisCap - ok
23:28:15.0386 3364	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:28:15.0402 3364	NdisTapi - ok
23:28:15.0417 3364	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
23:28:15.0417 3364	Ndisuio - ok
23:28:15.0433 3364	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
23:28:15.0433 3364	NdisWan - ok
23:28:15.0449 3364	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
23:28:15.0449 3364	NDProxy - ok
23:28:15.0480 3364	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:28:15.0480 3364	NetBIOS - ok
23:28:15.0496 3364	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
23:28:15.0496 3364	NetBT - ok
23:28:15.0527 3364	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:28:15.0527 3364	nfrd960 - ok
23:28:15.0558 3364	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:28:15.0558 3364	Npfs - ok
23:28:15.0574 3364	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:28:15.0574 3364	nsiproxy - ok
23:28:15.0621 3364	Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
23:28:15.0652 3364	Ntfs - ok
23:28:15.0667 3364	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:28:15.0667 3364	Null - ok
23:28:15.0714 3364	NVENETFD        (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
23:28:15.0714 3364	NVENETFD - ok
23:28:15.0933 3364	nvlddmkm        (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:28:16.0167 3364	nvlddmkm - ok
23:28:16.0214 3364	NVNET           (956a1f47826514c1ea0c295fe13c7377) C:\Windows\system32\DRIVERS\nvmf6264.sys
23:28:16.0214 3364	NVNET - ok
23:28:16.0261 3364	nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
23:28:16.0277 3364	nvraid - ok
23:28:16.0292 3364	nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
23:28:16.0308 3364	nvstor - ok
23:28:16.0339 3364	nvstor64        (662a129cebb4c0b01f95612a7f6dcc9a) C:\Windows\system32\DRIVERS\nvstor64.sys
23:28:16.0339 3364	nvstor64 - ok
23:28:16.0371 3364	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
23:28:16.0386 3364	nv_agp - ok
23:28:16.0417 3364	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
23:28:16.0417 3364	ohci1394 - ok
23:28:16.0464 3364	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:28:16.0464 3364	Parport - ok
23:28:16.0480 3364	partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
23:28:16.0480 3364	partmgr - ok
23:28:16.0511 3364	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
23:28:16.0511 3364	pci - ok
23:28:16.0527 3364	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
23:28:16.0542 3364	pciide - ok
23:28:16.0574 3364	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:28:16.0589 3364	pcmcia - ok
23:28:16.0605 3364	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:28:16.0605 3364	pcw - ok
23:28:16.0621 3364	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:28:16.0636 3364	PEAUTH - ok
23:28:16.0699 3364	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
23:28:16.0714 3364	PptpMiniport - ok
23:28:16.0730 3364	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:28:16.0730 3364	Processor - ok
23:28:16.0761 3364	Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
23:28:16.0761 3364	Psched - ok
23:28:16.0792 3364	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:28:16.0839 3364	ql2300 - ok
23:28:16.0855 3364	Scan interrupted by user!
23:28:16.0855 3364	Scan interrupted by user!
23:28:16.0855 3364	Scan interrupted by user!
23:28:16.0855 3364	============================================================
23:28:16.0855 3364	Scan finished
23:28:16.0855 3364	============================================================
23:28:16.0855 4136	Detected object count: 0
23:28:16.0855 4136	Actual detected object count: 0
23:28:50.0886 5104	============================================================
23:28:50.0886 5104	Scan started
23:28:50.0886 5104	Mode: Manual; SigCheck; TDLFS; 
23:28:50.0886 5104	============================================================
23:28:51.0105 5104	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
23:28:51.0261 5104	1394ohci - ok
23:28:51.0308 5104	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
23:28:51.0339 5104	ACPI - ok
23:28:51.0355 5104	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
23:28:51.0480 5104	AcpiPmi - ok
23:28:51.0496 5104	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
23:28:51.0527 5104	adp94xx - ok
23:28:51.0542 5104	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
23:28:51.0558 5104	adpahci - ok
23:28:51.0574 5104	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
23:28:51.0589 5104	adpu320 - ok
23:28:51.0621 5104	AFD             (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
23:28:51.0746 5104	AFD - ok
23:28:51.0792 5104	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
23:28:51.0808 5104	agp440 - ok
23:28:51.0839 5104	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
23:28:51.0855 5104	aliide - ok
23:28:51.0871 5104	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
23:28:51.0886 5104	amdide - ok
23:28:51.0902 5104	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
23:28:51.0949 5104	AmdK8 - ok
23:28:51.0980 5104	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:28:52.0042 5104	AmdPPM - ok
23:28:52.0089 5104	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
23:28:52.0105 5104	amdsata - ok
23:28:52.0136 5104	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
23:28:52.0136 5104	amdsbs - ok
23:28:52.0167 5104	amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
23:28:52.0167 5104	amdxata - ok
23:28:52.0199 5104	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
23:28:52.0292 5104	AppID - ok
23:28:52.0339 5104	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
23:28:52.0355 5104	arc - ok
23:28:52.0371 5104	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
23:28:52.0386 5104	arcsas - ok
23:28:52.0417 5104	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:28:52.0558 5104	AsyncMac - ok
23:28:52.0558 5104	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
23:28:52.0574 5104	atapi - ok
23:28:52.0621 5104	avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
23:28:52.0683 5104	avgntflt - ok
23:28:52.0699 5104	avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
23:28:52.0699 5104	avipbb - ok
23:28:52.0730 5104	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
23:28:52.0824 5104	b06bdrv - ok
23:28:52.0886 5104	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:28:52.0964 5104	b57nd60a - ok
23:28:52.0996 5104	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:28:53.0042 5104	Beep - ok
23:28:53.0058 5104	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
23:28:53.0089 5104	blbdrive - ok
23:28:53.0152 5104	bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
23:28:53.0246 5104	bowser - ok
23:28:53.0261 5104	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:28:53.0308 5104	BrFiltLo - ok
23:28:53.0324 5104	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:28:53.0339 5104	BrFiltUp - ok
23:28:53.0386 5104	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
23:28:53.0449 5104	Brserid - ok
23:28:53.0464 5104	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:28:53.0511 5104	BrSerWdm - ok
23:28:53.0527 5104	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:28:53.0589 5104	BrUsbMdm - ok
23:28:53.0621 5104	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
23:28:53.0652 5104	BrUsbSer - ok
23:28:53.0667 5104	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
23:28:53.0714 5104	BTHMODEM - ok
23:28:53.0730 5104	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:28:53.0777 5104	cdfs - ok
23:28:53.0792 5104	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
23:28:53.0808 5104	cdrom - ok
23:28:53.0855 5104	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
23:28:53.0886 5104	circlass - ok
23:28:53.0917 5104	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:28:53.0933 5104	CLFS - ok
23:28:53.0964 5104	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
23:28:53.0980 5104	CmBatt - ok
23:28:53.0996 5104	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
23:28:54.0011 5104	cmdide - ok
23:28:54.0027 5104	CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
23:28:54.0042 5104	CNG - ok
23:28:54.0058 5104	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
23:28:54.0074 5104	Compbatt - ok
23:28:54.0105 5104	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:28:54.0136 5104	CompositeBus - ok
23:28:54.0167 5104	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
23:28:54.0167 5104	crcdisk - ok
23:28:54.0214 5104	DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
23:28:54.0261 5104	DfsC - ok
23:28:54.0277 5104	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:28:54.0324 5104	discache - ok
23:28:54.0339 5104	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
23:28:54.0339 5104	Disk - ok
23:28:54.0386 5104	Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
23:28:54.0402 5104	Dot4 - ok
23:28:54.0433 5104	Dot4Print       (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:28:54.0464 5104	Dot4Print - ok
23:28:54.0480 5104	dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
23:28:54.0511 5104	dot4usb - ok
23:28:54.0527 5104	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:28:54.0558 5104	drmkaud - ok
23:28:54.0605 5104	DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
23:28:54.0636 5104	DXGKrnl - ok
23:28:54.0730 5104	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
23:28:54.0792 5104	ebdrv - ok
23:28:54.0824 5104	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
23:28:54.0839 5104	elxstor - ok
23:28:54.0855 5104	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
23:28:54.0886 5104	ErrDev - ok
23:28:54.0917 5104	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:28:54.0949 5104	exfat - ok
23:28:54.0980 5104	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:28:55.0011 5104	fastfat - ok
23:28:55.0042 5104	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
23:28:55.0074 5104	fdc - ok
23:28:55.0105 5104	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:28:55.0136 5104	FileInfo - ok
23:28:55.0152 5104	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:28:55.0199 5104	Filetrace - ok
23:28:55.0214 5104	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
23:28:55.0246 5104	flpydisk - ok
23:28:55.0261 5104	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
23:28:55.0277 5104	FltMgr - ok
23:28:55.0292 5104	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:28:55.0308 5104	FsDepends - ok
23:28:55.0339 5104	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
23:28:55.0355 5104	Fs_Rec - ok
23:28:55.0371 5104	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:28:55.0386 5104	fvevol - ok
23:28:55.0402 5104	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:28:55.0417 5104	gagp30kx - ok
23:28:55.0449 5104	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:28:55.0527 5104	hcw85cir - ok
23:28:55.0558 5104	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
23:28:55.0605 5104	HdAudAddService - ok
23:28:55.0636 5104	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:28:55.0652 5104	HDAudBus - ok
23:28:55.0683 5104	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
23:28:55.0699 5104	HidBatt - ok
23:28:55.0730 5104	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
23:28:55.0761 5104	HidBth - ok
23:28:55.0777 5104	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
23:28:55.0808 5104	HidIr - ok
23:28:55.0855 5104	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
23:28:55.0871 5104	HidUsb - ok
23:28:55.0917 5104	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
23:28:55.0933 5104	HpSAMD - ok
23:28:55.0980 5104	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
23:28:56.0058 5104	HTTP - ok
23:28:56.0074 5104	hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
23:28:56.0074 5104	hwpolicy - ok
23:28:56.0105 5104	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
23:28:56.0105 5104	i8042prt - ok
23:28:56.0152 5104	iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
23:28:56.0167 5104	iaStorV - ok
23:28:56.0183 5104	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
23:28:56.0199 5104	iirsp - ok
23:28:56.0214 5104	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
23:28:56.0230 5104	intelide - ok
23:28:56.0261 5104	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
23:28:56.0292 5104	intelppm - ok
23:28:56.0339 5104	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:28:56.0417 5104	IpFilterDriver - ok
23:28:56.0449 5104	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:28:56.0496 5104	IPMIDRV - ok
23:28:56.0511 5104	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:28:56.0574 5104	IPNAT - ok
23:28:56.0605 5104	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:28:56.0699 5104	IRENUM - ok
23:28:56.0714 5104	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
23:28:56.0714 5104	isapnp - ok
23:28:56.0761 5104	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
23:28:56.0792 5104	iScsiPrt - ok
23:28:56.0808 5104	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:28:56.0824 5104	kbdclass - ok
23:28:56.0855 5104	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
23:28:56.0871 5104	kbdhid - ok
23:28:56.0886 5104	KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
23:28:56.0902 5104	KSecDD - ok
23:28:56.0949 5104	KSecPkg         (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
23:28:56.0980 5104	KSecPkg - ok
23:28:56.0996 5104	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:28:57.0027 5104	ksthunk - ok
23:28:57.0089 5104	Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
23:28:57.0105 5104	Lavasoft Kernexplorer - ok
23:28:57.0136 5104	Lbd             (3c46290f7a5d45ba6ef32c248e22aa69) C:\Windows\system32\DRIVERS\Lbd.sys
23:28:57.0152 5104	Lbd - ok
23:28:57.0183 5104	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:28:57.0214 5104	lltdio - ok
23:28:57.0246 5104	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:28:57.0246 5104	LSI_FC - ok
23:28:57.0261 5104	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:28:57.0277 5104	LSI_SAS - ok
23:28:57.0308 5104	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:28:57.0324 5104	LSI_SAS2 - ok
23:28:57.0339 5104	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:28:57.0339 5104	LSI_SCSI - ok
23:28:57.0371 5104	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:28:57.0417 5104	luafv - ok
23:28:57.0449 5104	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:28:57.0449 5104	megasas - ok
23:28:57.0480 5104	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:28:57.0480 5104	MegaSR - ok
23:28:57.0511 5104	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:28:57.0542 5104	Modem - ok
23:28:57.0558 5104	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:28:57.0574 5104	monitor - ok
23:28:57.0589 5104	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:28:57.0605 5104	mouclass - ok
23:28:57.0636 5104	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:28:57.0652 5104	mouhid - ok
23:28:57.0667 5104	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
23:28:57.0683 5104	mountmgr - ok
23:28:57.0699 5104	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
23:28:57.0699 5104	mpio - ok
23:28:57.0714 5104	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:28:57.0824 5104	mpsdrv - ok
23:28:57.0855 5104	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
23:28:57.0886 5104	MRxDAV - ok
23:28:57.0917 5104	mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:28:57.0980 5104	mrxsmb - ok
23:28:58.0027 5104	mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:28:58.0074 5104	mrxsmb10 - ok
23:28:58.0089 5104	mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:28:58.0121 5104	mrxsmb20 - ok
23:28:58.0136 5104	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
23:28:58.0152 5104	msahci - ok
23:28:58.0183 5104	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
23:28:58.0183 5104	msdsm - ok
23:28:58.0214 5104	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:28:58.0246 5104	Msfs - ok
23:28:58.0261 5104	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:28:58.0308 5104	mshidkmdf - ok
23:28:58.0339 5104	MSHUSBVideo     (bb590070d606ae6f008341fc9a7b2ad7) C:\Windows\system32\Drivers\nx6000.sys
23:28:58.0355 5104	MSHUSBVideo - ok
23:28:58.0386 5104	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
23:28:58.0402 5104	msisadrv - ok
23:28:58.0433 5104	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:28:58.0480 5104	MSKSSRV - ok
23:28:58.0496 5104	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:28:58.0542 5104	MSPCLOCK - ok
23:28:58.0542 5104	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:28:58.0589 5104	MSPQM - ok
23:28:58.0605 5104	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
23:28:58.0621 5104	MsRPC - ok
23:28:58.0636 5104	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
23:28:58.0636 5104	mssmbios - ok
23:28:58.0667 5104	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:28:58.0730 5104	MSTEE - ok
23:28:58.0839 5104	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:28:58.0933 5104	MTConfig - ok
23:28:58.0949 5104	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:28:58.0964 5104	Mup - ok
23:28:58.0996 5104	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:28:59.0027 5104	NativeWifiP - ok
23:28:59.0058 5104	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
23:28:59.0074 5104	NDIS - ok
23:28:59.0089 5104	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:28:59.0121 5104	NdisCap - ok
23:28:59.0136 5104	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:28:59.0167 5104	NdisTapi - ok
23:28:59.0183 5104	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
23:28:59.0230 5104	Ndisuio - ok
23:28:59.0261 5104	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
23:28:59.0308 5104	NdisWan - ok
23:28:59.0324 5104	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
23:28:59.0355 5104	NDProxy - ok
23:28:59.0386 5104	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:28:59.0417 5104	NetBIOS - ok
23:28:59.0433 5104	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
23:28:59.0464 5104	NetBT - ok
23:28:59.0496 5104	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:28:59.0496 5104	nfrd960 - ok
23:28:59.0542 5104	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:28:59.0605 5104	Npfs - ok
23:28:59.0621 5104	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:28:59.0652 5104	nsiproxy - ok
23:28:59.0730 5104	Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
23:28:59.0808 5104	Ntfs - ok
23:28:59.0839 5104	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:28:59.0871 5104	Null - ok
23:28:59.0902 5104	NVENETFD        (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
23:28:59.0917 5104	NVENETFD - ok
23:29:00.0136 5104	nvlddmkm        (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:29:00.0308 5104	nvlddmkm - ok
23:29:00.0339 5104	NVNET           (956a1f47826514c1ea0c295fe13c7377) C:\Windows\system32\DRIVERS\nvmf6264.sys
23:29:00.0355 5104	NVNET - ok
23:29:00.0386 5104	nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
23:29:00.0402 5104	nvraid - ok
23:29:00.0417 5104	nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
23:29:00.0433 5104	nvstor - ok
23:29:00.0449 5104	nvstor64        (662a129cebb4c0b01f95612a7f6dcc9a) C:\Windows\system32\DRIVERS\nvstor64.sys
23:29:00.0464 5104	nvstor64 - ok
23:29:00.0496 5104	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
23:29:00.0496 5104	nv_agp - ok
23:29:00.0511 5104	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
23:29:00.0542 5104	ohci1394 - ok
23:29:00.0558 5104	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:29:00.0574 5104	Parport - ok
23:29:00.0605 5104	partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
23:29:00.0605 5104	partmgr - ok
23:29:00.0636 5104	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
23:29:00.0636 5104	pci - ok
23:29:00.0652 5104	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
23:29:00.0652 5104	pciide - ok
23:29:00.0699 5104	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:29:00.0730 5104	pcmcia - ok
23:29:00.0746 5104	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:29:00.0761 5104	pcw - ok
23:29:00.0792 5104	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:29:00.0855 5104	PEAUTH - ok
23:29:00.0902 5104	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
23:29:00.0949 5104	PptpMiniport - ok
23:29:00.0949 5104	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:29:00.0964 5104	Processor - ok
23:29:01.0011 5104	Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
23:29:01.0074 5104	Psched - ok
23:29:01.0121 5104	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:29:01.0136 5104	ql2300 - ok
23:29:01.0152 5104	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:29:01.0167 5104	ql40xx - ok
23:29:01.0183 5104	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:29:01.0230 5104	QWAVEdrv - ok
23:29:01.0246 5104	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:29:01.0292 5104	RasAcd - ok
23:29:01.0308 5104	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:29:01.0339 5104	RasAgileVpn - ok
23:29:01.0371 5104	Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:29:01.0417 5104	Rasl2tp - ok
23:29:01.0433 5104	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:29:01.0480 5104	RasPppoe - ok
23:29:01.0496 5104	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:29:01.0527 5104	RasSstp - ok
23:29:01.0558 5104	rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
23:29:01.0605 5104	rdbss - ok
23:29:01.0621 5104	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:29:01.0636 5104	rdpbus - ok
23:29:01.0652 5104	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:29:01.0699 5104	RDPCDD - ok
23:29:01.0714 5104	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:29:01.0746 5104	RDPENCDD - ok
23:29:01.0761 5104	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:29:01.0792 5104	RDPREFMP - ok
23:29:01.0824 5104	RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
23:29:01.0871 5104	RDPWD - ok
23:29:01.0886 5104	rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
23:29:01.0902 5104	rdyboost - ok
23:29:01.0933 5104	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:29:01.0980 5104	rspndr - ok
23:29:02.0027 5104	sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
23:29:02.0042 5104	sbp2port - ok
23:29:02.0058 5104	scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
23:29:02.0105 5104	scfilter - ok
23:29:02.0136 5104	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:29:02.0183 5104	secdrv - ok
23:29:02.0214 5104	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:29:02.0230 5104	Serenum - ok
23:29:02.0246 5104	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:29:02.0277 5104	Serial - ok
23:29:02.0292 5104	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:29:02.0308 5104	sermouse - ok
23:29:02.0339 5104	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
23:29:02.0371 5104	sffdisk - ok
23:29:02.0386 5104	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:29:02.0402 5104	sffp_mmc - ok
23:29:02.0417 5104	sffp_sd         (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:29:02.0433 5104	sffp_sd - ok
23:29:02.0449 5104	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:29:02.0464 5104	sfloppy - ok
23:29:02.0527 5104	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:29:02.0527 5104	SiSRaid2 - ok
23:29:02.0542 5104	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:29:02.0558 5104	SiSRaid4 - ok
23:29:02.0574 5104	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:29:02.0621 5104	Smb - ok
23:29:02.0652 5104	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:29:02.0667 5104	spldr - ok
23:29:02.0714 5104	srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
23:29:02.0746 5104	srv - ok
23:29:02.0792 5104	srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
23:29:02.0808 5104	srv2 - ok
23:29:02.0824 5104	srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
23:29:02.0839 5104	srvnet - ok
23:29:02.0886 5104	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:29:02.0902 5104	stexstor - ok
23:29:02.0917 5104	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
23:29:02.0933 5104	swenum - ok
23:29:03.0011 5104	Tcpip           (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
23:29:03.0089 5104	Tcpip - ok
23:29:03.0121 5104	TCPIP6          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
23:29:03.0152 5104	TCPIP6 - ok
23:29:03.0183 5104	tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
23:29:03.0214 5104	tcpipreg - ok
23:29:03.0230 5104	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:29:03.0261 5104	TDPIPE - ok
23:29:03.0261 5104	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
23:29:03.0308 5104	TDTCP - ok
23:29:03.0324 5104	tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
23:29:03.0371 5104	tdx - ok
23:29:03.0386 5104	TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
23:29:03.0402 5104	TermDD - ok
23:29:03.0433 5104	tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:29:03.0464 5104	tssecsrv - ok
23:29:03.0511 5104	tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
23:29:03.0558 5104	tunnel - ok
23:29:03.0589 5104	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:29:03.0589 5104	uagp35 - ok
23:29:03.0621 5104	udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
23:29:03.0667 5104	udfs - ok
23:29:03.0699 5104	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:29:03.0714 5104	uliagpkx - ok
23:29:03.0730 5104	umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
23:29:03.0746 5104	umbus - ok
23:29:03.0761 5104	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:29:03.0777 5104	UmPass - ok
23:29:03.0824 5104	usbaudio        (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
23:29:03.0839 5104	usbaudio - ok
23:29:03.0886 5104	usbccgp         (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
23:29:03.0949 5104	usbccgp - ok
23:29:03.0980 5104	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
23:29:04.0027 5104	usbcir - ok
23:29:04.0058 5104	usbehci         (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
23:29:04.0074 5104	usbehci - ok
23:29:04.0121 5104	usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
23:29:04.0183 5104	usbhub - ok
23:29:04.0230 5104	usbohci         (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
23:29:04.0277 5104	usbohci - ok
23:29:04.0308 5104	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:29:04.0324 5104	usbprint - ok
23:29:04.0355 5104	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:29:04.0371 5104	usbscan - ok
23:29:04.0417 5104	USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:29:04.0480 5104	USBSTOR - ok
23:29:04.0496 5104	usbuhci         (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
23:29:04.0527 5104	usbuhci - ok
23:29:04.0558 5104	usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
23:29:04.0605 5104	usbvideo - ok
23:29:04.0636 5104	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:29:04.0652 5104	vdrvroot - ok
23:29:04.0667 5104	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:29:04.0683 5104	vga - ok
23:29:04.0714 5104	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:29:04.0746 5104	VgaSave - ok
23:29:04.0761 5104	vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
23:29:04.0777 5104	vhdmp - ok
23:29:04.0824 5104	VIAHdAudAddService (7999b714275315da05a2ec3c0f80d9d2) C:\Windows\system32\drivers\viahduaa.sys
23:29:04.0902 5104	VIAHdAudAddService - ok
23:29:04.0933 5104	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
23:29:04.0933 5104	viaide - ok
23:29:04.0996 5104	volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
23:29:05.0011 5104	volmgr - ok
23:29:05.0042 5104	volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
23:29:05.0058 5104	volmgrx - ok
23:29:05.0074 5104	volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
23:29:05.0089 5104	volsnap - ok
23:29:05.0105 5104	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:29:05.0121 5104	vsmraid - ok
23:29:05.0152 5104	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
23:29:05.0167 5104	vwifibus - ok
23:29:05.0183 5104	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:29:05.0214 5104	WacomPen - ok
23:29:05.0230 5104	WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:29:05.0261 5104	WANARP - ok
23:29:05.0261 5104	Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:29:05.0292 5104	Wanarpv6 - ok
23:29:05.0324 5104	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:29:05.0339 5104	Wd - ok
23:29:05.0355 5104	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:29:05.0386 5104	Wdf01000 - ok
23:29:05.0417 5104	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:29:05.0433 5104	WfpLwf - ok
23:29:05.0449 5104	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:29:05.0464 5104	WIMMount - ok
23:29:05.0496 5104	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:29:05.0527 5104	WmiAcpi - ok
23:29:05.0558 5104	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:29:05.0589 5104	ws2ifsl - ok
23:29:05.0621 5104	WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
23:29:05.0667 5104	WudfPf - ok
23:29:05.0683 5104	WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:29:05.0730 5104	WUDFRd - ok
23:29:05.0746 5104	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:29:05.0824 5104	\Device\Harddisk0\DR0 - ok
23:29:05.0839 5104	Boot (0x1200)   (c8da0d3a58fd606b046c41951422be12) \Device\Harddisk0\DR0\Partition0
23:29:05.0839 5104	\Device\Harddisk0\DR0\Partition0 - ok
23:29:05.0855 5104	Boot (0x1200)   (691321492c20cbaf6e7251efa936d577) \Device\Harddisk0\DR0\Partition1
23:29:05.0855 5104	\Device\Harddisk0\DR0\Partition1 - ok
23:29:05.0855 5104	============================================================
23:29:05.0855 5104	Scan finished
23:29:05.0855 5104	============================================================
23:29:05.0871 4676	Detected object count: 0
23:29:05.0871 4676	Actual detected object count: 0

cosinus · 19.01.2012, 10:19

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

filanor · 20.01.2012, 12:01

Code:

ATTFilter

ComboFix 12-01-19.02 - FILANOR 20.01.2012  11:40:09.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.2047.1068 [GMT 1:00]
ausgeführt von:: c:\users\FILANOR\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Lavasoft Ad-Watch Live! Virenschutz *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\FILANOR\AppData\Roaming\Adobe\plugs
c:\users\FILANOR\AppData\Roaming\Adobe\shed
c:\windows\iun6002.exe
c:\windows\system32\java.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-20 bis 2012-01-20  ))))))))))))))))))))))))))))))
.
.
2012-01-20 10:44 . 2012-01-20 10:44	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-01-19 10:52 . 2012-01-20 09:57	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CB8C37B-44B8-4B30-A971-7C3F7DE9B548}\offreg.dll
2012-01-17 05:57 . 2011-11-21 11:40	8822856	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CB8C37B-44B8-4B30-A971-7C3F7DE9B548}\mpengine.dll
2012-01-15 11:07 . 2011-10-26 05:22	1572864	----a-w-	c:\windows\system32\quartz.dll
2012-01-15 11:07 . 2011-10-26 04:28	1328640	----a-w-	c:\windows\SysWow64\quartz.dll
2012-01-15 11:07 . 2011-10-26 05:22	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-01-15 11:07 . 2011-10-26 04:28	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-01-15 11:07 . 2011-11-17 07:14	1739160	----a-w-	c:\windows\system32\ntdll.dll
2012-01-15 11:07 . 2011-11-17 05:41	1292592	----a-w-	c:\windows\SysWow64\ntdll.dll
2012-01-14 16:02 . 2012-01-14 16:02	--------	d-----w-	C:\_OTL
2012-01-11 12:59 . 2011-11-19 15:07	77312	----a-w-	c:\windows\system32\packager.dll
2012-01-11 12:59 . 2011-11-19 14:06	67072	----a-w-	c:\windows\SysWow64\packager.dll
2012-01-10 23:01 . 2012-01-10 23:01	--------	d-----w-	c:\program files (x86)\ESET
2012-01-10 22:47 . 2012-01-10 22:47	--------	d-----w-	c:\users\FILANOR\AppData\Roaming\Malwarebytes
2012-01-10 22:47 . 2012-01-10 22:47	--------	d-----w-	c:\programdata\Malwarebytes
2012-01-10 18:11 . 2012-01-10 18:11	--------	d-----w-	c:\windows\Sun
2012-01-09 19:19 . 2012-01-09 19:19	--------	d-----w-	c:\program files (x86)\7-Zip
2012-01-09 15:09 . 2012-01-09 15:12	--------	d-----w-	c:\users\FILANOR\AppData\Roaming\Wise Registry Cleaner
2012-01-09 15:08 . 2012-01-09 15:08	--------	d-----w-	c:\program files (x86)\Wise Registry Cleaner
2012-01-05 15:26 . 2012-01-19 16:21	--------	d-----w-	c:\users\FILANOR\AppData\Roaming\HpUpdate
2012-01-05 15:26 . 2012-01-05 15:26	--------	d-----w-	c:\windows\Hewlett-Packard
2012-01-04 00:48 . 2012-01-04 00:48	354176	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-24 05:00 . 2011-12-14 22:05	3141632	----a-w-	c:\windows\system32\win32k.sys
2011-11-15 13:29 . 2010-10-30 14:40	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-11-15 08:34 . 2011-05-19 05:02	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-05 05:17 . 2011-12-14 22:04	2048	----a-w-	c:\windows\system32\tzres.dll
2011-11-05 04:30 . 2011-12-14 22:04	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-11-04 01:53 . 2011-12-15 00:31	2309120	----a-w-	c:\windows\system32\jscript9.dll
2011-11-04 01:44 . 2011-12-15 00:31	1390080	----a-w-	c:\windows\system32\wininet.dll
2011-11-04 01:44 . 2011-12-15 00:31	1493504	----a-w-	c:\windows\system32\inetcpl.cpl
2011-11-04 01:34 . 2011-12-15 00:31	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-11-03 22:47 . 2011-12-15 00:31	1798144	----a-w-	c:\windows\SysWow64\jscript9.dll
2011-11-03 22:40 . 2011-12-15 00:31	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-11-03 22:39 . 2011-12-15 00:31	1127424	----a-w-	c:\windows\SysWow64\wininet.dll
2011-11-03 22:31 . 2011-12-15 00:31	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-10-26 05:19 . 2011-12-14 22:05	43520	----a-w-	c:\windows\system32\csrsrv.dll
2011-10-22 19:22 . 2010-11-03 22:16	111928	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2011-10-22 19:22 . 2011-10-22 19:22	2793768	----a-w-	c:\windows\SysWow64\pbsvc.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-12-04 2792448]
"Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2010-09-21 439536]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-07 281768]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SweetIM"=c:\program files (x86)\SweetIM\Messenger\SweetIM.exe
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-09-02 2152152]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - Lavasoft Kernexplorer
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-01-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-09-23 07:40]
.
2012-01-20 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-05-14 15:24]
.
2012-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-16 16:18]
.
2012-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-16 16:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = 
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Alles mit FDM herunterladen - file://c:\users\FILANOR\Downloads\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://c:\users\FILANOR\Downloads\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://c:\users\FILANOR\Downloads\Free Download Manager\dllink.htm
IE: Nach Microsoft &Excel exportieren - d:\msoffi~1\OFFICE11\EXCEL.EXE/3000
IE: Videos mit FDM herunterladen - file://c:\users\FILANOR\Downloads\Free Download Manager\dlfvideo.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\users\FILANOR\Downloads\icq\ICQ7.4\ICQ.exe
LSP: xfire_lsp_9028.dll
TCP: DhcpNameServer = 194.94.192.35
FF - ProfilePath - c:\users\FILANOR\AppData\Roaming\Mozilla\Firefox\Profiles\o4x14hau.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - 
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: BrotherSoft Extreme Community Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - %profile%\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-AceGain_LiveUpdate - c:\windows\iun6002.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-City Club Casino - c:\casino\City Club Casino\_SetupCasino_6f1101.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2592652925-1170305692-2772238810-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2592652925-1170305692-2772238810-1000\Software\SecuROM\License information*]
"datasecu"=hex:b3,7d,b2,7e,c4,40,70,03,2d,dd,43,2c,d1,af,cc,29,33,1b,1e,4b,db,
   3f,5c,fc,97,37,c9,17,47,28,30,2b,46,e0,62,e2,12,2c,7a,fe,73,49,cb,e9,63,68,\
"rkeysecu"=hex:9b,a0,58,07,e6,38,61,b8,b4,6e,22,8b,31,49,d7,e2
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\@–.*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Àà?*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-01-20  11:47:48
ComboFix-quarantined-files.txt  2012-01-20 10:47
.
Vor Suchlauf: 9 Verzeichnis(se), 73.576.259.584 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 73.648.668.672 Bytes frei
.
- - End Of File - - 9414958888EE1A69027F1FC89BE3C96B

filanor · 20.01.2012, 12:02

danke
gruß

cosinus · 20.01.2012, 12:32

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

filanor · 22.01.2012, 12:25

Code:

ATTFilter

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-22 12:18:04
-----------------------------
12:18:04.064    OS Version: Windows x64 6.1.7600 
12:18:04.064    Number of processors: 2 586 0x602
12:18:04.064    ComputerName: FILANOR-PC  UserName: FILANOR
12:18:08.408    Initialize success
12:18:54.432    AVAST engine defs: 12012200
12:19:07.776    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000054
12:19:07.776    Disk 0 Vendor: ST350041 CC38 Size: 476940MB BusType: 3
12:19:07.791    Disk 0 MBR read successfully
12:19:07.791    Disk 0 MBR scan
12:19:07.807    Disk 0 Windows 7 default MBR code
12:19:07.807    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       199900 MB offset 206848
12:19:07.838    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       276938 MB offset 409602048
12:19:07.838    Service scanning
12:19:13.510    Modules scanning
12:19:13.510    Disk 0 trace - called modules:
12:19:13.541    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys 
12:19:13.541    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80029d13d0]
12:19:13.557    3 CLASSPNP.SYS[fffff8800199d43f] -> nt!IofCallDriver -> [0xfffffa8002285e40]
12:19:13.573    5 ACPI.sys[fffff88000e0b781] -> nt!IofCallDriver -> \Device\00000054[0xfffffa800228b770]
12:19:15.073    AVAST engine scan C:\Windows
12:19:20.276    AVAST engine scan C:\Windows\system32
12:21:19.385    AVAST engine scan C:\Windows\system32\drivers
12:21:31.588    AVAST engine scan C:\Users\FILANOR
12:21:44.526    Disk 0 MBR has been saved successfully to "C:\Users\FILANOR\Desktop\MBR.dat"
12:21:44.541    The log file has been saved successfully to "C:\Users\FILANOR\Desktop\aswMBR.txt"

cosinus · 23.01.2012, 12:17

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

14.01.2012, 17:29	#20
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windowsystem aus sichheitsgründen geperrt Geht der normale Modus wieder? __________________ Logfiles bitte immer in CODE-Tags posten

Windowsystem aus sichheitsgründen geperrt

Log-Analyse und Auswertung: Windowsystem aus sichheitsgründen geperrt