
Pests of all kinds and how to combat them: Suddenly appearing sound + wrong Google redirect

Windows 7
09.02.2012, 08:22   #1
norain
 



Hello,

I have had my PC for a year now. So far there have been no problems, but now I think my PC has caught something.

1. Over the last few days a sound has been suddenly appearing. It sounds like an advertisement in English in which a man and a woman are chatting. Even when I close everything the sound could be coming from (Firefox, IE, media player etc.), it keeps playing.
2. Google does show me the correct search results. However, when I click on a link, I am redirected to a wrong page. Most of the time it has to do with advertising.

I have already tried everything to fix these problems (searched through forums, ran scans with Norton and malware programs...),
but nothing has changed.
I am asking for help.

09.02.2012, 10:00   #2
markusg
/// Malware-holic
 



hi,
If you do not have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the following content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt into your thread here.

09.02.2012, 12:40   #3
norain
 



Hello, I followed your instructions. This is what came out:


OTL Logfile:
Code:
OTL logfile created on: 09.02.2012 13:08:41 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Sang\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,51 Gb Available Physical Memory | 25,44% Memory free
4,00 Gb Paging File | 1,60 Gb Available in Paging File | 40,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 274,95 Gb Free Space | 59,04% Space Free | Partition Type: NTFS
 
Computer Name: SANG-PC | User Name: Sang | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sang\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe (Advanced Micro Devices, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\SysWOW64\sdiagnhost.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\msdt.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NAV) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.5.0.145\ccSvcHst.exe (Symantec Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\ironx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NAV) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symds64.sys (Symantec Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (sscemdm) -- C:\Windows\SysNative\drivers\sscemdm.sys (MCCI Corporation)
DRV:64bit: - (sscebus) SAMSUNG USB Composite Device V2 driver (WDM) -- C:\Windows\SysNative\drivers\sscebus.sys (MCCI Corporation)
DRV:64bit: - (sscemdfl) -- C:\Windows\SysNative\drivers\sscemdfl.sys (MCCI Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120208.019\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120208.019\eng64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120208.002\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120207.003\BHDrvx64.sys (Symantec Corporation)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 99 0A 95 19 1A CC 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "www.bild.de"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Windows\system32\config\systemprofile\AppData\Roaming\09005 [2012.02.08 13:43:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPlgn\ [2012.02.09 08:53:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.07 19:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.19 18:36:12 | 000,000,000 | ---D | M]
 
[2011.05.24 15:12:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sang\AppData\Roaming\mozilla\Extensions
[2012.02.07 19:27:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sang\AppData\Roaming\mozilla\Firefox\Profiles\mvlyzgc7.default\extensions
[2011.11.19 18:36:40 | 000,000,000 | ---D | M] (VshareComplete - Speed up your search with your personal search suggestions tool) -- C:\Users\Sang\AppData\Roaming\mozilla\Firefox\Profiles\mvlyzgc7.default\extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403}
[2011.05.26 00:20:38 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Sang\AppData\Roaming\mozilla\Firefox\Profiles\mvlyzgc7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.26 10:35:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Sang\AppData\Roaming\mozilla\Firefox\Profiles\mvlyzgc7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.26 14:26:29 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sang\AppData\Roaming\mozilla\Firefox\Profiles\mvlyzgc7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.06.08 02:08:00 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Sang\AppData\Roaming\mozilla\Firefox\Profiles\mvlyzgc7.default\extensions\vshare@toolbar
[2011.05.18 15:18:08 | 000,000,917 | ---- | M] () -- C:\Users\Sang\AppData\Roaming\Mozilla\Firefox\Profiles\mvlyzgc7.default\searchplugins\conduit.xml
[2011.07.11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Sang\AppData\Roaming\Mozilla\Firefox\Profiles\mvlyzgc7.default\searchplugins\startsear.xml
[2012.02.07 19:18:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.13 21:55:12 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (VshareComplete) - {08337871-0e50-4031-9110-3bd21ca3c065} - C:\Users\Sang\AppData\Roaming\VshareComplete\64\VshareComplete64.dll (SimplyGen)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Sang\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Sang\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.212.62.62 78.42.43.62 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7762E530-932B-4A16-9E26-6E0B561D42BF}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA7FFE6C-3C37-42EB-8C4A-F2E3A0DCD324}: DhcpNameServer = 82.212.62.62 78.42.43.62 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.09 09:14:11 | 000,405,624 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symnets.sys
[2012.02.09 09:14:10 | 001,092,728 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symefa64.sys
[2012.02.09 09:14:10 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symds64.sys
[2012.02.09 09:14:09 | 000,738,936 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\srtsp64.sys
[2012.02.09 09:14:09 | 000,190,072 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\ironx64.sys
[2012.02.09 09:14:09 | 000,167,048 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\ccsetx64.sys
[2012.02.09 09:14:09 | 000,037,496 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\srtspx64.sys
[2012.02.09 09:13:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1305000.091
[2012.02.08 23:48:32 | 000,000,000 | ---D | C] -- C:\Users\Sang\AppData\Roaming\Malwarebytes
[2012.02.08 23:47:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.08 23:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.08 15:21:55 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012.02.08 15:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012.02.08 15:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012.02.08 15:21:10 | 001,084,536 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\SymEFA64.sys
[2012.02.08 15:21:10 | 000,729,720 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\srtsp64.sys
[2012.02.08 15:21:10 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\SymDS64.sys
[2012.02.08 15:21:10 | 000,401,016 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\symnets.sys
[2012.02.08 15:21:10 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\srtspx64.sys
[2012.02.08 15:21:09 | 000,189,560 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\Ironx64.sys
[2012.02.08 15:21:08 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\ccSetx64.sys
[2012.02.08 15:19:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C
[2012.02.08 15:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2012.02.08 15:19:04 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2012.02.08 13:49:15 | 000,000,000 | ---D | C] -- C:\Users\Sang\AppData\Roaming\kock
[2012.02.08 13:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012.02.08 13:35:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2012.02.08 13:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.02.08 13:05:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012.02.08 13:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.02.07 13:20:49 | 000,000,000 | ---D | C] -- C:\Users\Sang\AppData\Roaming\UAs
[2012.02.07 13:17:43 | 000,000,000 | ---D | C] -- C:\Users\Sang\AppData\Roaming\xmldm
[2012.02.07 13:17:33 | 000,000,000 | ---D | C] -- C:\Users\Sang\AppData\Roaming\Geyf
[2012.02.07 13:17:33 | 000,000,000 | ---D | C] -- C:\Users\Sang\AppData\Roaming\Akgio
[2012.02.05 23:12:32 | 000,000,000 | ---D | C] -- C:\Users\Sang\Desktop\OP
[2012.02.05 23:10:37 | 000,000,000 | ---D | C] -- C:\Users\Sang\Desktop\school
[2012.02.05 23:04:27 | 000,000,000 | ---D | C] -- C:\Users\Sang\Desktop\PICS
[2012.02.05 23:01:45 | 000,000,000 | ---D | C] -- C:\Users\Sang\Desktop\Ps
[2012.01.22 11:27:35 | 000,000,000 | ---D | C] -- C:\Users\Sang\Desktop\RECHNUNGEN
[2012.01.13 20:37:31 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.13 20:37:31 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.13 20:37:31 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.13 20:37:31 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.13 20:37:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.13 20:37:31 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.11 15:42:35 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 15:42:35 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 15:42:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 15:42:35 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 15:42:30 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 15:42:29 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 15:42:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[39 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[39 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Sang\AppData\Roaming\*.tmp files -> C:\Users\Sang\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.09 12:54:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.09 09:14:39 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012.02.09 09:14:39 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012.02.09 09:14:39 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012.02.09 08:57:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.09 08:57:43 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.09 08:52:10 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.09 00:04:44 | 000,004,782 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\VT20111023.023
[2012.02.08 17:03:16 | 001,809,904 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\Cat.DB
[2012.02.08 15:21:42 | 000,002,469 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012.02.07 19:18:52 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.02.07 19:14:35 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.02.07 13:17:52 | 000,000,032 | ---- | M] () -- C:\Users\Sang\AppData\Roaming\blckdom.res
[2012.01.27 05:33:46 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\isolate.ini
[39 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[39 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Sang\AppData\Roaming\*.tmp files -> C:\Users\Sang\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.09 09:14:10 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symefa64.cat
[2012.02.09 09:14:10 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symnet64.cat
[2012.02.09 09:14:10 | 000,003,434 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symefa.inf
[2012.02.09 09:14:10 | 000,001,441 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symnet.inf
[2012.02.09 09:14:09 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symds64.cat
[2012.02.09 09:14:09 | 000,007,468 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\ccsetx64.cat
[2012.02.09 09:14:09 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\srtspx64.cat
[2012.02.09 09:14:09 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\srtsp64.cat
[2012.02.09 09:14:09 | 000,007,450 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\iron.cat
[2012.02.09 09:14:09 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symds.inf
[2012.02.09 09:14:09 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\srtsp64.inf
[2012.02.09 09:14:09 | 000,001,420 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\srtspx64.inf
[2012.02.09 09:14:09 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\ccsetx64.inf
[2012.02.09 09:14:09 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\iron.inf
[2012.02.09 09:13:43 | 000,004,782 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\symvtcer.dat
[2012.02.09 09:13:43 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1305000.091\isolate.ini
[2012.02.09 00:05:57 | 000,004,782 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\VT20111023.023
[2012.02.08 17:02:47 | 001,809,904 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\Cat.DB
[2012.02.08 15:21:55 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012.02.08 15:21:55 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012.02.08 15:21:42 | 000,002,469 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012.02.08 15:19:50 | 000,003,433 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\SymEFA.inf
[2012.02.08 15:19:50 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\SymDS.inf
[2012.02.08 15:19:50 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\SymNet.inf
[2012.02.08 15:19:50 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\srtsp64.inf
[2012.02.08 15:19:50 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\srtspx64.inf
[2012.02.08 15:19:50 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\Iron.inf
[2012.02.08 15:19:49 | 000,000,854 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\ccSetx64.inf
[2012.02.08 15:19:26 | 000,002,801 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\SymVTcer.dat
[2012.02.08 15:19:24 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\symnet64.cat
[2012.02.08 15:19:23 | 000,007,510 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\ccSetx64.cat
[2012.02.08 15:19:23 | 000,007,504 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\srtspx64.cat
[2012.02.08 15:19:23 | 000,007,502 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\SymEFA64.cat
[2012.02.08 15:19:23 | 000,007,500 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\srtsp64.cat
[2012.02.08 15:19:23 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\SymDS64.cat
[2012.02.08 15:19:23 | 000,007,492 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\iron.cat
[2012.02.08 15:19:22 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301000.01C\isolate.ini
[2012.02.07 13:17:52 | 000,000,032 | ---- | C] () -- C:\Users\Sang\AppData\Roaming\blckdom.res
[2012.01.12 20:03:33 | 000,053,715 | ---- | C] () -- C:\Users\Sang\Desktop\38251_1335650111329_1233363039_765191_770913_n.jpg
[2011.10.10 19:17:10 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.09.01 21:38:34 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.05.26 14:34:15 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.05.24 15:00:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.19 21:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.01.04 15:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.01.04 15:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.01.04 15:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.01.04 15:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.01.04 15:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.14 00:24:58 | 000,833,024 | ---- | C] () -- C:\Windows\SysWow64\user.dat
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2012.02.08 13:58:30 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\Akgio
[2011.08.07 21:18:19 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\DVDVideoSoft
[2011.08.07 21:18:04 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.08 13:52:23 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\Geyf
[2012.02.07 13:03:49 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\ICQ
[2012.02.08 13:49:15 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\kock
[2011.07.20 16:38:49 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\LolClient
[2011.07.07 14:21:32 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\Opera
[2012.01.12 21:46:03 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\PhotoScape
[2011.05.27 17:52:11 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\Samsung
[2012.02.07 13:21:36 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\UAs
[2011.11.19 18:36:30 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\VshareComplete
[2011.05.24 16:39:25 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\Windows Live Writer
[2012.02.07 13:21:53 | 000,000,000 | ---D | M] -- C:\Users\Sang\AppData\Roaming\xmldm
[2009.07.14 06:08:49 | 000,030,870 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.07.04 16:19:56 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.10.13 23:03:25 | 000,000,000 | ---D | M] -- C:\2a1f2323a3d6c195c413e1
[2012.02.05 23:23:57 | 000,000,000 | ---D | M] -- C:\alaplaya
[2011.05.24 14:53:24 | 000,000,000 | ---D | M] -- C:\ATI
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.05.24 14:46:38 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.09.19 00:25:20 | 000,000,000 | ---D | M] -- C:\f49ca3523201372b27b5579cee
[2011.06.10 22:21:37 | 000,000,000 | ---D | M] -- C:\Microgaming
[2011.06.05 21:35:40 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.01.02 18:56:41 | 000,000,000 | ---D | M] -- C:\output
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.02.08 15:21:55 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.02.09 08:52:09 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.02.09 13:13:22 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.05.24 14:46:38 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.05.24 14:46:39 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.07.19 00:50:36 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.02.09 13:11:08 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.07.04 16:19:42 | 000,000,000 | R--D | M] -- C:\Users
[2012.02.06 22:15:13 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,858,112 | ---- | M] (Microsoft Corporation) MD5=818E0728A162E1C617796E875BCBA3FD -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.11.03 23:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2009.07.14 02:16:02 | 000,200,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ndfapi.dll
 
< %USERPROFILE%\*.* >
[2012.02.09 13:10:13 | 002,621,440 | -HS- | M] () -- C:\Users\Sang\NTUSER.DAT
[2012.02.09 13:10:12 | 000,262,144 | -HS- | M] () -- C:\Users\Sang\ntuser.dat.LOG1
[2011.05.24 14:49:50 | 000,000,000 | -HS- | M] () -- C:\Users\Sang\ntuser.dat.LOG2
[2011.05.24 14:59:14 | 000,065,536 | -HS- | M] () -- C:\Users\Sang\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.05.24 14:59:14 | 000,524,288 | -HS- | M] () -- C:\Users\Sang\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.05.24 14:59:14 | 000,524,288 | -HS- | M] () -- C:\Users\Sang\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011.05.24 14:49:51 | 000,000,020 | -HS- | M] () -- C:\Users\Sang\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >
 
========== Files - Unicode (All) ==========
[2012.01.17 09:27:57 | 000,000,988 | ---- | M] ()(C:\Users\Sang\AppData\Local\PMB Filer?pa) -- C:\Users\Sang\AppData\Local\PMB Filer耯pa
[2011.11.14 08:55:52 | 000,000,988 | ---- | C] ()(C:\Users\Sang\AppData\Local\PMB Filer?pa) -- C:\Users\Sang\AppData\Local\PMB Filer耯pa
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:F63A059B
@Alternate Data Stream - 24 bytes -> C:\Windows:C6CCCD618BDDE453

< End of report >
         

Alt 09.02.2012, 12:42   #4
norain
 
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 09.02.2012 13:08:41 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Sang\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,51 Gb Available Physical Memory | 25,44% Memory free
4,00 Gb Paging File | 1,60 Gb Available in Paging File | 40,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 274,95 Gb Free Space | 59,04% Space Free | Partition Type: NTFS
 
Computer Name: SANG-PC | User Name: Sang | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1393C72B-B30C-6F19-256E-44FCB007F364}" = WMV9/VC-1 Video Playback
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{70A3B2EC-C568-4B01-9F44-9F186B6B06F6}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B46238A8-16C7-8E63-4F5A-1D6EF70ACBBB}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8EB9499-B607-3770-67C7-56514666B51C}" = AMD Fuel
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E33AC780-456C-6295-E0F3-10A8D39A09FB}" = AMD Drag and Drop Transcoding
"{ECC840AB-FC9C-4DFA-A26A-C639CDA005BD}" = HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1B1F625D-4AF5-4721-5720-94EB8923A730}" = Catalyst Control Center InstallProxy
"{1E58B969-9BB4-4012-8D8B-D06005D1CD24}" = TP-LINK Wireless Client Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Hilfe
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{73D29183-E068-980B-EC85-DEDA371F7988}" = CCC Help English
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89ADBB8E-8600-D026-9662-84CCB3D9F60A}" = AMD VISION Engine Control Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF82FB45-F415-53A0-A5AE-B6A09A8BEA51}" = Catalyst Control Center Graphics Previews Common
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1" = VshareComplete
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CloneCD" = CloneCD
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.5.722
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Messenger Plus!" = Messenger Plus! 5
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"NAV" = Norton AntiVirus
"PhotoScape" = PhotoScape
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.10
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 09.02.2012 03:58:23 | Computer Name = Sang-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: ws2_32.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdb4a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000c1da  ID des fehlerhaften
 Prozesses: 0x17cc  Startzeit der fehlerhaften Anwendung: 0x01cce7008ff594b8  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ws2_32.dll  Berichtskennung: d63858b6-52f3-11e1-8602-0025229e2507
 
Error - 09.02.2012 03:59:35 | Computer Name = Sang-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: iertutil.dll, Version: 9.0.8112.16440,
 Zeitstempel: 0x4eb31664  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00126b4f  ID des fehlerhaften
 Prozesses: 0x1f54  Startzeit der fehlerhaften Anwendung: 0x01cce700beb1df4d  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\iertutil.dll  Berichtskennung: 01448013-52f4-11e1-8602-0025229e2507
 
Error - 09.02.2012 04:06:49 | Computer Name = Sang-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: ws2_32.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdb4a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00006af9  ID des fehlerhaften
 Prozesses: 0x1674  Startzeit der fehlerhaften Anwendung: 0x01cce701c57dc8aa  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ws2_32.dll  Berichtskennung: 03bd1b49-52f5-11e1-8602-0025229e2507
 
Error - 09.02.2012 07:56:39 | Computer Name = Sang-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00020da2  ID des fehlerhaften
 Prozesses: 0xdb8  Startzeit der fehlerhaften Anwendung: 0x01cce70438260bcf  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 1f5dd178-5315-11e1-8602-0025229e2507
 
Error - 09.02.2012 07:56:42 | Computer Name = Sang-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00020da2  ID des fehlerhaften
 Prozesses: 0x1484  Startzeit der fehlerhaften Anwendung: 0x01cce70438db8ad2  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 21822e54-5315-11e1-8602-0025229e2507
 
Error - 09.02.2012 07:58:05 | Computer Name = Sang-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: ws2_32.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdb4a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00006b44  ID des fehlerhaften
 Prozesses: 0x1c60  Startzeit der fehlerhaften Anwendung: 0x01cce721fc663905  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ws2_32.dll  Berichtskennung: 52a30f1e-5315-11e1-8602-0025229e2507
 
Error - 09.02.2012 07:58:06 | Computer Name = Sang-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: ws2_32.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdb4a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00006af9  ID des fehlerhaften
 Prozesses: 0x1500  Startzeit der fehlerhaften Anwendung: 0x01cce721ed43794a  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ws2_32.dll  Berichtskennung: 536ba0f1-5315-11e1-8602-0025229e2507
 
Error - 09.02.2012 07:58:07 | Computer Name = Sang-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=
 mDNS_reentrancy (0)
 
Error - 09.02.2012 07:58:08 | Computer Name = Sang-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) 
!= mDNS_reentrancy (0)
 
Error - 09.02.2012 08:01:38 | Computer Name = Sang-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Sang\Downloads\esetsmartinstaller_deu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
 
[ System Events ]
Error - 08.02.2012 12:01:25 | Computer Name = Sang-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 08.02.2012 17:59:21 | Computer Name = Sang-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?08.?02.?2012 um 22:57:11 unerwartet heruntergefahren.
 
Error - 08.02.2012 18:15:50 | Computer Name = Sang-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 08.02.2012 19:08:01 | Computer Name = Sang-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 08.02.2012 19:14:29 | Computer Name = Sang-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Media Player-Netzwerkfreigabedienst erreicht.
 
Error - 08.02.2012 19:14:29 | Computer Name = Sang-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%1053
 
Error - 08.02.2012 20:12:16 | Computer Name = Sang-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 09.02.2012 03:57:46 | Computer Name = Sang-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows-Fehlerberichterstattungsdienst erreicht.
 
Error - 09.02.2012 07:56:08 | Computer Name = Sang-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows-Fehlerberichterstattungsdienst erreicht.
 
Error - 09.02.2012 07:56:28 | Computer Name = Sang-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst MBAMService erreicht.
 
 
< End of report >
         

Alt 09.02.2012, 12:58   #5
markusg
/// Malware-holic
 
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even harder.

Please download Combofix.exe and be sure to save it to your desktop.
  • Visit the following page for download links and instructions for this tool:
    A guide and tutorial on using ComboFix
  • Note:
    Make sure that all your antivirus and anti-malware programs are switched off so that they do not interfere with Combofix while it works.
  • Please post C:\Combofix.txt in your next reply.


Alt 09.02.2012, 19:21   #6
norain
 
Hello, finally done^^


ComboFix 12-02-09.02 - Sang 09.02.2012 19:35:01.4.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.2047.681 [GMT 1:00]
ausgeführt von:: C:\Users\Sang\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))


C:\ProgramData\cfhgbaa.tmp
C:\ProgramData\cnrvaaa.tmp
C:\ProgramData\dfhgbaa.tmp
C:\ProgramData\dnrvaaa.tmp
C:\ProgramData\enrvaaa.tmp
C:\ProgramData\ffhgbaa.tmp
C:\ProgramData\fnrvaaa.tmp
C:\ProgramData\gfhgbaa.tmp
C:\ProgramData\gnrvaaa.tmp


((((((((((((((((((((((( Dateien erstellt von 2012-01-09 bis 2012-02-09 ))))))))))))))))))))))))))))))


2012-02-09 18:59:58 . 2012-02-09 18:59:58 921 ----a-w- C:\ProgramData\tegebaa.tmp
2012-02-09 18:59:53 . 2012-02-09 18:59:53 862 ----a-w- C:\ProgramData\segebaa.tmp
2012-02-09 18:59:48 . 2012-02-09 18:59:48 805 ----a-w- C:\ProgramData\regebaa.tmp
2012-02-09 18:51:55 . 2012-02-09 18:51:55 -------- d-----w- C:\Users\Gast\AppData\Local\temp
2012-02-09 18:51:55 . 2012-02-09 18:51:55 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-02-09 18:39:05 . 2012-02-09 18:50:37 869 ----a-w- C:\ProgramData\eubocaa.tmp
2012-02-09 18:38:25 . 2012-02-09 18:49:22 809 ----a-w- C:\ProgramData\iubocaa.tmp
2012-02-09 18:38:20 . 2012-02-09 18:51:45 884 ----a-w- C:\ProgramData\hubocaa.tmp
2012-02-09 18:38:15 . 2012-02-09 18:51:31 828 ----a-w- C:\ProgramData\gubocaa.tmp
2012-02-09 18:38:11 . 2012-02-09 18:49:05 830 ----a-w- C:\ProgramData\fubocaa.tmp
2012-02-09 15:35:28 . 2012-02-09 18:34:05 -------- d-----w- C:\Users\Sang\AppData\Local\CrashDumps
2012-02-08 22:48:32 . 2012-02-08 22:48:32 -------- d-----w- C:\Users\Sang\AppData\Roaming\Malwarebytes
2012-02-08 22:47:49 . 2012-02-08 22:47:49 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-08 12:49:15 . 2012-02-08 12:49:15 -------- d-----w- C:\Users\Sang\AppData\Roaming\kock
2012-02-08 12:39:35 . 2012-02-09 15:29:28 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-02-08 12:35:11 . 2012-02-09 15:32:07 -------- d-----w- C:\ProgramData\Norton
2012-02-08 12:12:34 . 2012-01-06 05:15:20 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34DBE80E-FA85-4B3D-9D44-D390822B191A}\mpengine.dll
2012-02-07 18:05:39 . 2011-12-21 07:42:28 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2012-02-07 12:20:49 . 2012-02-07 12:21:36 -------- d-----w- C:\Users\Sang\AppData\Roaming\UAs
2012-02-07 12:17:43 . 2012-02-07 12:21:53 -------- d-----w- C:\Users\Sang\AppData\Roaming\xmldm
2012-02-07 12:17:33 . 2012-02-08 12:58:30 -------- d-----w- C:\Users\Sang\AppData\Roaming\Akgio
2012-02-07 12:17:33 . 2012-02-08 12:52:23 -------- d-----w- C:\Users\Sang\AppData\Roaming\Geyf
2012-01-13 19:37:32 . 2011-11-17 07:10:58 340992 ----a-w- C:\Windows\system32\schannel.dll
2012-01-11 14:42:35 . 2011-10-26 05:22:37 366592 ----a-w- C:\Windows\system32\qdvd.dll
2012-01-11 14:42:35 . 2011-10-26 05:22:37 1572864 ----a-w- C:\Windows\system32\quartz.dll
2012-01-11 14:42:35 . 2011-10-26 04:28:26 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 14:42:35 . 2011-10-26 04:28:25 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 14:42:30 . 2011-11-17 07:14:10 1739160 ----a-w- C:\Windows\system32\ntdll.dll
2012-01-11 14:42:30 . 2011-11-17 05:41:38 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 14:42:29 . 2011-11-19 15:07:41 77312 ----a-w- C:\Windows\system32\packager.dll
2012-01-11 14:42:29 . 2011-11-19 14:06:13 67072 ----a-w- C:\Windows\SysWow64\packager.dll
.


(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-02-09 19:07:05 . 2012-02-09 19:00:03 817 ----a-w- C:\ProgramData\uegebaa.tmp
2012-02-09 19:04:22 . 2012-02-09 19:00:44 807 ----a-w- C:\ProgramData\qegebaa.tmp
2012-01-26 23:52:58 . 2011-05-24 14:18:19 279656 ------w- C:\Windows\system32\MpSigStub.exe
2011-11-25 04:04:18 . 2011-11-25 04:04:18 158056 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
2011-11-24 21:23:32 . 2011-11-24 21:23:32 203320 ----a-w- C:\Windows\system32\drivers\ssudmdm.sys
2011-11-24 21:23:28 . 2011-11-24 21:23:28 98616 ----a-w- C:\Windows\system32\drivers\ssudbus.sys
2011-11-24 05:00:47 . 2011-12-14 10:46:44 3141632 ----a-w- C:\Windows\system32\win32k.sys


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[7] 2010-11-20 12:08:57 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[-] 2009-07-14 01:11:24 . 818E0728A162E1C617796E875BCBA3FD . 858112 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\SysWOW64\user32.dll
[7] 2009-07-14 01:11:24 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-07-14 01:39:41 1475072]
"KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe" [2011-01-05 20:18:58 860472]
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-01-05 20:19:02 3370296]
"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-18 23:16:24 3077528]
"ICQ"="C:\Program Files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 08:28:16 124480]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2011-10-13 07:27:14 17351304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 20:11:22 336384]
"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-21 10:42:36 2583040]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 14:14:56 281768]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 09:44:34 31072]
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" [2011-07-05 16:36:48 421888]
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 23:07:38 421736]
"CloneCDTray"="C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 22:20:49 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys [x]
R3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);C:\Windows\system32\DRIVERS\sscebus.sys [x]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;C:\Windows\system32\DRIVERS\sscemdfl.sys [x]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;C:\Windows\system32\DRIVERS\sscemdm.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-19 20:18:20 365568]
S2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 14:15:04 136360]
S3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys [x]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\Drivers\TFsExDisk.sys [2011-01-04 14:11:16 16392]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys [x]



--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

------- Zusätzlicher Suchlauf -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - C:\Users\Sang\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 82.212.62.62 78.42.43.62 192.168.0.1
FF - ProfilePath - C:\Users\Sang\AppData\Roaming\Mozilla\Firefox\Profiles\mvlyzgc7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - Aktuelle Nachrichten - Bild.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false

- - - - Entfernte verwaiste Registrierungseinträge - - - -

URLSearchHooks-{40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file)
Wow6432Node-HKU-Default-Run-Firefox helper - C:\Windows\system32\config\systemprofile\AppData\Local\Mozilla\Firefox\firefox.exe
WebBrowser-{40C3CC16-7269-4B32-9531-17F2950FB06F} - (no file)
AddRemove-Uninstall_is1 - C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe



--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:f8,71,f0,a4,8f,e5,cc,01

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,20,1f,29,19,b0,05,84,48,b0,2b,4c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,20,1f,29,19,b0,05,84,48,b0,2b,4c,\

[HKEY_USERS\S-1-5-21-2969947066-941547400-612552705-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-2969947066-941547400-612552705-1001)
@Denied: (2) (LocalSystem)
"Progid"="Microsoft Internet Mail Message WLMail"

[HKEY_USERS\S-1-5-21-2969947066-941547400-612552705-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-2969947066-941547400-612552705-1001)
@Denied: (2) (LocalSystem)
"Progid"="Microsoft Internet Mail VCard WLMail"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

------------------------ Weitere laufende Prozesse ------------------------

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe

**************************************************************************

Zeit der Fertigstellung: 2012-02-09 20:19:38 - PC wurde neu gestartet

09.02.2012, 19:26   #7
markusg
/// Malware-holic



Download TDSS Killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now and post the log
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For the time being, please forward e-mails, following the instructions above, to
markusg.trojaner-board@web.de
If you would like to support us

09.02.2012, 19:46   #8
norain




09.02.2012, 19:49   #9
norain



I pressed Continue, but then the scan did not go any further. I don't know whether it had already finished.

09.02.2012, 19:49   #10
markusg
/// Malware-holic



I want the text file.
It is located on C:

09.02.2012, 19:51   #11
norain



20:41:59.0293 5648 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
20:41:59.0460 5648 ============================================================
20:41:59.0461 5648 Current date / time: 2012/02/09 20:41:59.0460
20:41:59.0461 5648 SystemInfo:
20:41:59.0461 5648
20:41:59.0461 5648 OS Version: 6.1.7600 ServicePack: 0.0
20:41:59.0461 5648 Product type: Workstation
20:41:59.0461 5648 ComputerName: SANG-PC
20:41:59.0462 5648 UserName: Sang
20:41:59.0462 5648 Windows directory: C:\Windows
20:41:59.0462 5648 System windows directory: C:\Windows
20:41:59.0462 5648 Running under WOW64
20:41:59.0462 5648 Processor architecture: Intel x64
20:41:59.0462 5648 Number of processors: 2
20:41:59.0462 5648 Page size: 0x1000
20:41:59.0462 5648 Boot type: Normal boot
20:41:59.0462 5648 ============================================================
20:42:00.0807 5648 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
20:42:00.0810 5648 \Device\Harddisk0\DR0:
20:42:00.0816 5648 MBR used
20:42:00.0816 5648 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:42:00.0816 5648 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
20:42:00.0840 5648 Initialize success
20:42:00.0840 5648 ============================================================
20:42:28.0348 5736 ============================================================
20:42:28.0348 5736 Scan started
20:42:28.0348 5736 Mode: Manual; SigCheck; TDLFS;
20:42:28.0348 5736 ============================================================
20:42:31.0885 5736 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
20:42:31.0992 5736 1394ohci - ok
20:42:32.0035 5736 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
20:42:32.0049 5736 ACPI - ok
20:42:32.0060 5736 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
20:42:32.0110 5736 AcpiPmi - ok
20:42:32.0144 5736 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:42:32.0161 5736 adp94xx - ok
20:42:32.0172 5736 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:42:32.0187 5736 adpahci - ok
20:42:32.0210 5736 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:42:32.0221 5736 adpu320 - ok
20:42:32.0276 5736 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
20:42:32.0333 5736 AFD - ok
20:42:32.0347 5736 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
20:42:32.0356 5736 agp440 - ok
20:42:32.0368 5736 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
20:42:32.0376 5736 aliide - ok
20:42:32.0431 5736 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
20:42:32.0441 5736 amdide - ok
20:42:32.0466 5736 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
20:42:32.0519 5736 amdiox64 - ok
20:42:32.0542 5736 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:42:32.0566 5736 AmdK8 - ok
20:42:32.0762 5736 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
20:42:33.0028 5736 amdkmdag - ok
20:42:33.0061 5736 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys
20:42:33.0095 5736 amdkmdap - ok
20:42:33.0134 5736 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:42:33.0160 5736 AmdPPM - ok
20:42:33.0208 5736 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
20:42:33.0218 5736 amdsata - ok
20:42:33.0240 5736 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:42:33.0250 5736 amdsbs - ok
20:42:33.0270 5736 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
20:42:33.0279 5736 amdxata - ok
20:42:33.0319 5736 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
20:42:33.0419 5736 AppID - ok
20:42:33.0458 5736 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:42:33.0470 5736 arc - ok
20:42:33.0479 5736 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:42:33.0490 5736 arcsas - ok
20:42:33.0505 5736 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:42:33.0674 5736 AsyncMac - ok
20:42:33.0702 5736 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
20:42:33.0709 5736 atapi - ok
20:42:33.0756 5736 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys
20:42:33.0817 5736 athr - ok
20:42:33.0856 5736 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
20:42:33.0865 5736 AtiHDAudioService - ok
20:42:33.0908 5736 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
20:42:33.0916 5736 avgntflt - ok
20:42:33.0945 5736 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
20:42:33.0954 5736 avipbb - ok
20:42:33.0986 5736 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:42:34.0022 5736 b06bdrv - ok
20:42:34.0042 5736 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:42:34.0074 5736 b57nd60a - ok
20:42:34.0108 5736 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:42:34.0143 5736 Beep - ok
20:42:34.0191 5736 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:42:34.0220 5736 blbdrive - ok
20:42:34.0265 5736 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
20:42:34.0325 5736 bowser - ok
20:42:34.0337 5736 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:42:34.0367 5736 BrFiltLo - ok
20:42:34.0375 5736 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:42:34.0388 5736 BrFiltUp - ok
20:42:34.0421 5736 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
20:42:34.0466 5736 BridgeMP - ok
20:42:34.0485 5736 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:42:34.0510 5736 Brserid - ok
20:42:34.0518 5736 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:42:34.0546 5736 BrSerWdm - ok
20:42:34.0564 5736 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:42:34.0592 5736 BrUsbMdm - ok
20:42:34.0604 5736 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:42:34.0631 5736 BrUsbSer - ok
20:42:34.0649 5736 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:42:34.0667 5736 BTHMODEM - ok
20:42:34.0700 5736 catchme - ok
20:42:34.0724 5736 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:42:34.0755 5736 cdfs - ok
20:42:34.0780 5736 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
20:42:34.0800 5736 cdrom - ok
20:42:34.0823 5736 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:42:34.0855 5736 circlass - ok
20:42:34.0894 5736 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:42:34.0909 5736 CLFS - ok
20:42:34.0958 5736 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:42:34.0981 5736 CmBatt - ok
20:42:35.0003 5736 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
20:42:35.0011 5736 cmdide - ok
20:42:35.0036 5736 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
20:42:35.0087 5736 CNG - ok
20:42:35.0108 5736 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:42:35.0116 5736 Compbatt - ok
20:42:35.0157 5736 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:42:35.0174 5736 CompositeBus - ok
20:42:35.0185 5736 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:42:35.0194 5736 crcdisk - ok
20:42:35.0220 5736 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
20:42:35.0263 5736 CSC - ok
20:42:35.0304 5736 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
20:42:35.0340 5736 DfsC - ok
20:42:35.0383 5736 dg_ssudbus (388039f99ce8769024ee0438352aca99) C:\Windows\system32\DRIVERS\ssudbus.sys
20:42:35.0393 5736 dg_ssudbus - ok
20:42:35.0424 5736 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:42:35.0459 5736 discache - ok
20:42:35.0504 5736 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:42:35.0528 5736 Disk - ok
20:42:35.0582 5736 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:42:35.0613 5736 drmkaud - ok
20:42:35.0654 5736 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
20:42:35.0687 5736 DXGKrnl - ok
20:42:35.0760 5736 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:42:35.0856 5736 ebdrv - ok
20:42:35.0905 5736 ElbyCDFL (9387a484d31209d7fc3f795a787294db) C:\Windows\system32\Drivers\ElbyCDFL.sys
20:42:35.0914 5736 ElbyCDFL - ok
20:42:35.0972 5736 ElbyCDIO (702d5606cf2199e0edea6f0e0d27cd10) C:\Windows\system32\Drivers\ElbyCDIO.sys
20:42:35.0995 5736 ElbyCDIO - ok
20:42:36.0070 5736 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:42:36.0109 5736 elxstor - ok
20:42:36.0119 5736 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
20:42:36.0140 5736 ErrDev - ok
20:42:36.0157 5736 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:42:36.0189 5736 exfat - ok
20:42:36.0216 5736 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:42:36.0259 5736 fastfat - ok
20:42:36.0271 5736 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:42:36.0294 5736 fdc - ok
20:42:36.0328 5736 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:42:36.0336 5736 FileInfo - ok
20:42:36.0345 5736 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:42:36.0391 5736 Filetrace - ok
20:42:36.0402 5736 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:42:36.0413 5736 flpydisk - ok
20:42:36.0424 5736 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
20:42:36.0437 5736 FltMgr - ok
20:42:36.0451 5736 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:42:36.0459 5736 FsDepends - ok
20:42:36.0480 5736 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:42:36.0488 5736 Fs_Rec - ok
20:42:36.0510 5736 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:42:36.0524 5736 fvevol - ok
20:42:36.0558 5736 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:42:36.0567 5736 gagp30kx - ok
20:42:36.0591 5736 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:42:36.0603 5736 GEARAspiWDM - ok
20:42:36.0622 5736 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:42:36.0678 5736 hcw85cir - ok
20:42:36.0732 5736 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
20:42:36.0769 5736 HdAudAddService - ok
20:42:36.0946 5736 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:42:36.0998 5736 HDAudBus - ok
20:42:37.0011 5736 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:42:37.0027 5736 HidBatt - ok
20:42:37.0036 5736 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:42:37.0061 5736 HidBth - ok
20:42:37.0083 5736 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:42:37.0118 5736 HidIr - ok
20:42:37.0148 5736 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
20:42:37.0207 5736 HidUsb - ok
20:42:37.0243 5736 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
20:42:37.0254 5736 HpSAMD - ok
20:42:37.0297 5736 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:42:37.0325 5736 HTCAND64 ( UnsignedFile.Multi.Generic ) - warning
20:42:37.0325 5736 HTCAND64 - detected UnsignedFile.Multi.Generic (1)
20:42:37.0362 5736 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
20:42:37.0420 5736 HTTP - ok
20:42:37.0441 5736 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
20:42:37.0449 5736 hwpolicy - ok
20:42:37.0464 5736 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:42:37.0476 5736 i8042prt - ok
20:42:37.0512 5736 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
20:42:37.0528 5736 iaStorV - ok
20:42:37.0548 5736 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:42:37.0557 5736 iirsp - ok
20:42:37.0570 5736 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
20:42:37.0579 5736 intelide - ok
20:42:37.0596 5736 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:42:37.0669 5736 intelppm - ok
20:42:37.0679 5736 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:42:37.0739 5736 IpFilterDriver - ok
20:42:37.0750 5736 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:42:37.0773 5736 IPMIDRV - ok
20:42:37.0806 5736 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:42:37.0850 5736 IPNAT - ok
20:42:37.0887 5736 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:42:37.0924 5736 IRENUM - ok
20:42:37.0932 5736 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
20:42:37.0941 5736 isapnp - ok
20:42:37.0966 5736 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
20:42:37.0978 5736 iScsiPrt - ok
20:42:37.0998 5736 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:42:38.0007 5736 kbdclass - ok
20:42:38.0028 5736 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
20:42:38.0071 5736 kbdhid - ok
20:42:38.0103 5736 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
20:42:38.0115 5736 KSecDD - ok
20:42:38.0132 5736 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
20:42:38.0142 5736 KSecPkg - ok
20:42:38.0152 5736 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:42:38.0188 5736 ksthunk - ok
20:42:38.0237 5736 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:42:38.0280 5736 lltdio - ok
20:42:38.0314 5736 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:42:38.0324 5736 LSI_FC - ok
20:42:38.0343 5736 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:42:38.0354 5736 LSI_SAS - ok
20:42:38.0372 5736 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:42:38.0380 5736 LSI_SAS2 - ok
20:42:38.0390 5736 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:42:38.0400 5736 LSI_SCSI - ok
20:42:38.0412 5736 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:42:38.0464 5736 luafv - ok
20:42:38.0475 5736 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:42:38.0484 5736 megasas - ok
20:42:38.0511 5736 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:42:38.0524 5736 MegaSR - ok
20:42:38.0564 5736 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:42:38.0610 5736 Modem - ok
20:42:38.0634 5736 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:42:38.0659 5736 monitor - ok
20:42:38.0683 5736 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:42:38.0692 5736 mouclass - ok
20:42:38.0709 5736 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:42:38.0731 5736 mouhid - ok
20:42:38.0741 5736 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
20:42:38.0750 5736 mountmgr - ok
20:42:38.0768 5736 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
20:42:38.0779 5736 mpio - ok
20:42:38.0788 5736 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:42:38.0846 5736 mpsdrv - ok
20:42:38.0858 5736 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
20:42:38.0885 5736 MRxDAV - ok
20:42:38.0914 5736 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:42:38.0935 5736 mrxsmb - ok
20:42:46.0852 5736 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:42:47.0182 5736 \Device\Harddisk0\DR0 - ok
20:42:47.0194 5736 Boot (0x1200) (ad2031107fc4eafcb8b5a51d4dab523a) \Device\Harddisk0\DR0\Partition0
20:42:47.0195 5736 \Device\Harddisk0\DR0\Partition0 - ok
20:42:47.0216 5736 Boot (0x1200) (bfefe8ef619c870d782c98af5e974cd2) \Device\Harddisk0\DR0\Partition1
20:42:47.0217 5736 \Device\Harddisk0\DR0\Partition1 - ok
20:42:47.0219 5736 ============================================================
20:42:47.0219 5736 Scan finished
20:42:47.0219 5736 ============================================================
20:42:47.0240 6712 Detected object count: 1
20:42:47.0240 6712 Actual detected object count: 1
20:43:02.0764 6712 HTCAND64 ( UnsignedFile.Multi.Generic ) - skipped by user
20:43:02.0764 6712 HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:43:12.0107 6860 ============================================================
20:43:12.0107 6860 Scan started
20:43:12.0107 6860 Mode: Manual; SigCheck; TDLFS;
20:43:12.0107 6860 ============================================================
20:43:15.0997 6860 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:43:16.0001 6860 HTCAND64 ( UnsignedFile.Multi.Generic ) - warning
20:43:16.0001 6860 HTCAND64 - detected UnsignedFile.Multi.Generic (1)
20:43:17.0288 6860 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
20:43:17.0294 6860 msisadrv - ok
20:43:17.0308 6860 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:43:17.0337 6860 MSKSSRV - ok
20:43:17.0345 6860 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:43:17.0375 6860 MSPCLOCK - ok
20:43:17.0382 6860 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:43:17.0412 6860 MSPQM - ok
20:43:17.0434 6860 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
20:43:17.0446 6860 MsRPC - ok
20:43:17.0458 6860 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:43:17.0465 6860 mssmbios - ok
20:43:17.0482 6860 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:43:17.0510 6860 MSTEE - ok
20:43:17.0519 6860 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:43:17.0529 6860 MTConfig - ok
20:43:17.0538 6860 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:43:17.0546 6860 Mup - ok
20:43:17.0560 6860 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:43:17.0577 6860 NativeWifiP - ok
20:43:17.0595 6860 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
20:43:17.0617 6860 NDIS - ok
20:43:17.0625 6860 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:43:17.0655 6860 NdisCap - ok
20:43:17.0663 6860 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:43:17.0692 6860 NdisTapi - ok
20:43:17.0701 6860 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
20:43:17.0730 6860 Ndisuio - ok
20:43:17.0740 6860 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:43:17.0771 6860 NdisWan - ok
20:43:17.0779 6860 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
20:43:17.0809 6860 NDProxy - ok
20:43:17.0818 6860 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:43:17.0846 6860 NetBIOS - ok
20:43:17.0857 6860 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
20:43:17.0889 6860 NetBT - ok
20:43:17.0921 6860 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:43:17.0929 6860 nfrd960 - ok
20:43:17.0940 6860 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:43:17.0970 6860 Npfs - ok
20:43:17.0980 6860 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:43:18.0010 6860 nsiproxy - ok
20:43:18.0061 6860 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
20:43:18.0090 6860 Ntfs - ok
20:43:18.0098 6860 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:43:18.0127 6860 Null - ok
20:43:18.0166 6860 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
20:43:18.0179 6860 NVENETFD - ok
20:43:18.0213 6860 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
20:43:18.0242 6860 nvraid - ok
20:43:18.0272 6860 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
20:43:18.0288 6860 nvstor - ok
20:43:18.0305 6860 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
20:43:18.0314 6860 nv_agp - ok
20:43:18.0326 6860 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
20:43:18.0336 6860 ohci1394 - ok
20:43:18.0370 6860 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:43:18.0380 6860 Parport - ok
20:43:18.0389 6860 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
20:43:18.0398 6860 partmgr - ok
20:43:18.0411 6860 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
20:43:18.0420 6860 pci - ok
20:43:18.0437 6860 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
20:43:18.0444 6860 pciide - ok
20:43:18.0455 6860 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:43:18.0464 6860 pcmcia - ok
20:43:18.0477 6860 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:43:18.0486 6860 pcw - ok
20:43:18.0500 6860 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:43:18.0536 6860 PEAUTH - ok
20:43:18.0579 6860 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
20:43:18.0609 6860 PptpMiniport - ok
20:43:18.0629 6860 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:43:18.0640 6860 Processor - ok
20:43:18.0658 6860 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
20:43:18.0688 6860 Psched - ok
20:43:18.0746 6860 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:43:18.0793 6860 ql2300 - ok
20:43:18.0804 6860 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:43:18.0817 6860 ql40xx - ok
20:43:18.0828 6860 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:43:18.0842 6860 QWAVEdrv - ok
20:43:18.0850 6860 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:43:18.0879 6860 RasAcd - ok
20:43:18.0900 6860 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:43:18.0929 6860 RasAgileVpn - ok
20:43:18.0942 6860 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:43:18.0972 6860 Rasl2tp - ok
20:43:18.0984 6860 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:43:19.0013 6860 RasPppoe - ok
20:43:19.0023 6860 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:43:19.0053 6860 RasSstp - ok
20:43:19.0066 6860 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
20:43:19.0098 6860 rdbss - ok
20:43:19.0113 6860 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:43:19.0125 6860 rdpbus - ok
20:43:19.0145 6860 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:43:19.0174 6860 RDPCDD - ok
20:43:19.0199 6860 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
20:43:19.0209 6860 RDPDR - ok

09.02.2012, 19:51   #12
norain

Suddenly appearing sound + wrong Google redirect


20:43:22.0294 6860 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:43:22.0394 6860 \Device\Harddisk0\DR0 - ok
20:43:22.0402 6860 Boot (0x1200) (ad2031107fc4eafcb8b5a51d4dab523a) \Device\Harddisk0\DR0\Partition0
20:43:22.0404 6860 \Device\Harddisk0\DR0\Partition0 - ok
20:43:22.0437 6860 Boot (0x1200) (bfefe8ef619c870d782c98af5e974cd2) \Device\Harddisk0\DR0\Partition1
20:43:22.0439 6860 \Device\Harddisk0\DR0\Partition1 - ok
20:43:22.0440 6860 ============================================================
20:43:22.0440 6860 Scan finished
20:43:22.0440 6860 ============================================================
20:43:22.0465 6432 Detected object count: 1
20:43:22.0465 6432 Actual detected object count: 1
20:43:58.0500 6432 HTCAND64 ( UnsignedFile.Multi.Generic ) - skipped by user
20:43:58.0500 6432 HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:44:07.0402 3784 ============================================================
20:44:07.0402 3784 Scan started
20:44:07.0402 3784 Mode: Manual; SigCheck; TDLFS;
20:44:07.0402 3784 ============================================================
20:44:10.0740 3784 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:44:10.0745 3784 HTCAND64 ( UnsignedFile.Multi.Generic ) - warning
20:44:10.0745 3784 HTCAND64 - detected UnsignedFile.Multi.Generic (1)
20:44:10.0770 3784 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
20:44:10.0807 3784 HTTP - ok
20:44:10.0828 3784 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
20:44:10.0835 3784 hwpolicy - ok
20:44:10.0863 3784 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:44:10.0874 3784 i8042prt - ok
20:44:10.0911 3784 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
20:44:10.0923 3784 iaStorV - ok
20:44:10.0947 3784 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:44:10.0956 3784 iirsp - ok
20:44:10.0969 3784 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
20:44:10.0977 3784 intelide - ok
20:44:10.0988 3784 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:44:10.0999 3784 intelppm - ok
20:44:11.0009 3784 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:11.0041 3784 IpFilterDriver - ok
20:44:11.0052 3784 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:44:11.0063 3784 IPMIDRV - ok
20:44:11.0083 3784 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:44:11.0112 3784 IPNAT - ok
20:44:11.0123 3784 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:44:11.0136 3784 IRENUM - ok
20:44:11.0144 3784 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
20:44:11.0153 3784 isapnp - ok
20:44:11.0175 3784 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
20:44:11.0186 3784 iScsiPrt - ok
20:44:11.0195 3784 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:11.0203 3784 kbdclass - ok
20:44:11.0210 3784 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:11.0221 3784 kbdhid - ok
20:44:11.0246 3784 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
20:44:11.0254 3784 KSecDD - ok
20:44:11.0275 3784 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
20:44:11.0285 3784 KSecPkg - ok
20:44:11.0299 3784 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:44:11.0329 3784 ksthunk - ok
20:44:11.0349 3784 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:44:11.0377 3784 lltdio - ok
20:44:11.0402 3784 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:44:11.0411 3784 LSI_FC - ok
20:44:11.0420 3784 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:44:11.0430 3784 LSI_SAS - ok
20:44:11.0448 3784 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:44:11.0456 3784 LSI_SAS2 - ok
20:44:11.0464 3784 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:44:11.0475 3784 LSI_SCSI - ok
20:44:11.0484 3784 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:44:11.0514 3784 luafv - ok
20:44:11.0525 3784 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:44:11.0534 3784 megasas - ok
20:44:11.0554 3784 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:44:11.0565 3784 MegaSR - ok
20:44:11.0584 3784 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:44:11.0614 3784 Modem - ok
20:44:11.0623 3784 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:44:11.0635 3784 monitor - ok
20:44:11.0642 3784 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:44:11.0652 3784 mouclass - ok
20:44:11.0660 3784 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:44:11.0670 3784 mouhid - ok
20:44:11.0680 3784 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
20:44:11.0688 3784 mountmgr - ok
20:44:11.0710 3784 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
20:44:11.0720 3784 mpio - ok
20:44:11.0730 3784 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:44:11.0760 3784 mpsdrv - ok
20:44:11.0773 3784 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
20:44:11.0789 3784 MRxDAV - ok
20:44:11.0823 3784 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:11.0835 3784 mrxsmb - ok
20:44:11.0870 3784 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:44:11.0882 3784 mrxsmb10 - ok
20:44:11.0900 3784 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:11.0911 3784 mrxsmb20 - ok
20:44:11.0929 3784 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
20:44:11.0937 3784 msahci - ok
20:44:11.0946 3784 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
20:44:11.0957 3784 msdsm - ok
20:44:11.0972 3784 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:44:12.0001 3784 Msfs - ok
20:44:12.0020 3784 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:44:12.0050 3784 mshidkmdf - ok
20:44:12.0064 3784 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
20:44:12.0071 3784 msisadrv - ok
20:44:12.0083 3784 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:44:12.0113 3784 MSKSSRV - ok
20:44:12.0121 3784 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:44:12.0151 3784 MSPCLOCK - ok
20:44:12.0159 3784 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:44:12.0188 3784 MSPQM - ok
20:44:12.0210 3784 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
20:44:12.0223 3784 MsRPC - ok
20:44:12.0234 3784 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:44:12.0242 3784 mssmbios - ok
20:44:12.0258 3784 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:44:12.0288 3784 MSTEE - ok
20:44:12.0295 3784 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:44:12.0306 3784 MTConfig - ok
20:44:12.0314 3784 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:44:12.0323 3784 Mup - ok
20:44:12.0336 3784 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:44:12.0356 3784 NativeWifiP - ok
20:44:12.0375 3784 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
20:44:12.0396 3784 NDIS - ok
20:44:12.0405 3784 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:44:12.0435 3784 NdisCap - ok
20:44:12.0443 3784 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:44:12.0474 3784 NdisTapi - ok
20:44:12.0482 3784 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
20:44:12.0511 3784 Ndisuio - ok
20:44:12.0521 3784 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:44:12.0552 3784 NdisWan - ok
20:44:12.0561 3784 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
20:44:12.0591 3784 NDProxy - ok
20:44:12.0602 3784 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:44:12.0632 3784 NetBIOS - ok
20:44:12.0643 3784 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
20:44:12.0676 3784 NetBT - ok
20:44:12.0698 3784 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:44:12.0706 3784 nfrd960 - ok
20:44:12.0716 3784 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:44:12.0747 3784 Npfs - ok
20:44:12.0758 3784 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:44:12.0788 3784 nsiproxy - ok
20:44:12.0837 3784 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
20:44:12.0868 3784 Ntfs - ok
20:44:12.0876 3784 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:44:12.0907 3784 Null - ok
20:44:12.0941 3784 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
20:44:12.0963 3784 NVENETFD - ok
20:44:13.0000 3784 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
20:44:13.0009 3784 nvraid - ok
20:44:13.0037 3784 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
20:44:13.0046 3784 nvstor - ok
20:44:13.0060 3784 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
20:44:13.0069 3784 nv_agp - ok
20:44:13.0081 3784 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
20:44:13.0091 3784 ohci1394 - ok
20:44:13.0124 3784 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:44:13.0135 3784 Parport - ok
20:44:13.0144 3784 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
20:44:13.0154 3784 partmgr - ok
20:44:13.0166 3784 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
20:44:13.0177 3784 pci - ok
20:44:13.0191 3784 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
20:44:13.0199 3784 pciide - ok
20:44:13.0208 3784 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:44:13.0219 3784 pcmcia - ok
20:44:13.0232 3784 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:44:13.0240 3784 pcw - ok
20:44:13.0254 3784 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:44:13.0290 3784 PEAUTH - ok
20:44:13.0332 3784 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
20:44:13.0363 3784 PptpMiniport - ok
20:44:13.0384 3784 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:44:13.0394 3784 Processor - ok
20:44:13.0413 3784 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
20:44:13.0443 3784 Psched - ok
20:44:13.0487 3784 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:44:13.0514 3784 ql2300 - ok
20:44:13.0523 3784 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:44:13.0533 3784 ql40xx - ok
20:44:13.0543 3784 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:44:13.0559 3784 QWAVEdrv - ok
20:44:13.0568 3784 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:44:13.0596 3784 RasAcd - ok
20:44:13.0610 3784 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:44:13.0639 3784 RasAgileVpn - ok
20:44:13.0651 3784 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:44:13.0683 3784 Rasl2tp - ok
20:44:13.0694 3784 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:44:13.0725 3784 RasPppoe - ok
20:44:13.0734 3784 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:44:13.0764 3784 RasSstp - ok
20:44:13.0776 3784 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
20:44:13.0807 3784 rdbss - ok
20:44:13.0823 3784 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:44:13.0834 3784 rdpbus - ok
20:44:13.0854 3784 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:44:13.0884 3784 RDPCDD - ok
20:44:13.0908 3784 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
20:44:13.0919 3784 RDPDR - ok
20:44:13.0928 3784 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:44:13.0958 3784 RDPENCDD - ok
20:44:13.0979 3784 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:44:14.0007 3784 RDPREFMP - ok
20:44:14.0030 3784 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
20:44:14.0060 3784 RDPWD - ok
20:44:14.0073 3784 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
20:44:14.0083 3784 rdyboost - ok
20:44:14.0105 3784 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:44:14.0135 3784 rspndr - ok
20:44:14.0155 3784 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
20:44:14.0165 3784 s3cap - ok
20:44:14.0182 3784 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
20:44:14.0191 3784 sbp2port - ok
20:44:14.0203 3784 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
20:44:14.0232 3784 scfilter - ok
20:44:14.0253 3784 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:44:14.0284 3784 secdrv - ok
20:44:14.0302 3784 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:44:14.0312 3784 Serenum - ok
20:44:14.0333 3784 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:44:14.0344 3784 Serial - ok
20:44:14.0371 3784 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:44:14.0381 3784 sermouse - ok
20:44:14.0408 3784 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
20:44:14.0420 3784 sffdisk - ok
20:44:14.0429 3784 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:44:14.0441 3784 sffp_mmc - ok
20:44:14.0450 3784 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:44:14.0461 3784 sffp_sd - ok
20:44:14.0470 3784 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:44:14.0481 3784 sfloppy - ok
20:44:14.0495 3784 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:44:14.0502 3784 SiSRaid2 - ok
20:44:14.0511 3784 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:44:14.0520 3784 SiSRaid4 - ok
20:44:14.0529 3784 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:44:14.0559 3784 Smb - ok
20:44:14.0579 3784 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:44:14.0587 3784 spldr - ok
20:44:14.0631 3784 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
20:44:14.0646 3784 srv - ok
20:44:14.0670 3784 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
20:44:14.0684 3784 srv2 - ok
20:44:14.0705 3784 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
20:44:14.0715 3784 srvnet - ok
20:44:14.0745 3784 sscebus (f74634f46692c8315e7f37f698af3225) C:\Windows\system32\DRIVERS\sscebus.sys
20:44:14.0753 3784 sscebus - ok
20:44:14.0775 3784 sscemdfl (82732b391efd69b0548044be9cb37bfc) C:\Windows\system32\DRIVERS\sscemdfl.sys
20:44:14.0782 3784 sscemdfl - ok
20:44:14.0796 3784 sscemdm (43d56ace4469d90f9790e8352d87d9b5) C:\Windows\system32\DRIVERS\sscemdm.sys
20:44:14.0805 3784 sscemdm - ok
20:44:14.0845 3784 ssudmdm (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
20:44:14.0855 3784 ssudmdm - ok
20:44:14.0870 3784 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:44:14.0879 3784 stexstor - ok
20:44:14.0900 3784 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
20:44:14.0908 3784 storflt - ok
20:44:14.0931 3784 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
20:44:14.0938 3784 storvsc - ok
20:44:14.0957 3784 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:44:14.0963 3784 swenum - ok
20:44:15.0053 3784 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
20:44:15.0098 3784 Tcpip - ok
20:44:15.0139 3784 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
20:44:15.0171 3784 TCPIP6 - ok
20:44:15.0194 3784 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
20:44:15.0224 3784 tcpipreg - ok
20:44:15.0246 3784 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:44:15.0275 3784 TDPIPE - ok
20:44:15.0284 3784 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:44:15.0313 3784 TDTCP - ok
20:44:15.0321 3784 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
20:44:15.0351 3784 tdx - ok
20:44:15.0360 3784 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
20:44:15.0370 3784 TermDD - ok
20:44:15.0399 3784 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys
20:44:15.0406 3784 TFsExDisk - ok
20:44:15.0426 3784 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:44:15.0457 3784 tssecsrv - ok
20:44:15.0465 3784 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
20:44:15.0498 3784 tunnel - ok
20:44:15.0506 3784 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:44:15.0515 3784 uagp35 - ok
20:44:15.0527 3784 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
20:44:15.0559 3784 udfs - ok
20:44:15.0588 3784 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
20:44:15.0597 3784 uliagpkx - ok
20:44:15.0605 3784 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
20:44:15.0616 3784 umbus - ok
20:44:15.0630 3784 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:44:15.0640 3784 UmPass - ok
20:44:15.0675 3784 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
20:44:15.0686 3784 usbccgp - ok
20:44:15.0711 3784 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
20:44:15.0724 3784 usbcir - ok
20:44:15.0758 3784 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
20:44:15.0768 3784 usbehci - ok
20:44:15.0791 3784 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
20:44:15.0805 3784 usbhub - ok
20:44:15.0814 3784 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
20:44:15.0824 3784 usbohci - ok
20:44:15.0832 3784 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:44:15.0844 3784 usbprint - ok
20:44:15.0872 3784 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:44:15.0884 3784 usbscan - ok
20:44:15.0926 3784 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:44:15.0938 3784 USBSTOR - ok
20:44:15.0979 3784 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
20:44:15.0989 3784 usbuhci - ok
20:44:16.0024 3784 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
20:44:16.0057 3784 usb_rndisx - ok
20:44:16.0076 3784 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
20:44:16.0086 3784 vdrvroot - ok
20:44:16.0097 3784 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:44:16.0110 3784 vga - ok
20:44:16.0118 3784 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:44:16.0147 3784 VgaSave - ok
20:44:16.0167 3784 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
20:44:16.0180 3784 vhdmp - ok
20:44:16.0218 3784 VIAHdAudAddService (906a7c6b6659a650648cf21998270945) C:\Windows\system32\drivers\viahduaa.sys
20:44:16.0240 3784 VIAHdAudAddService - ok
20:44:16.0256 3784 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
20:44:16.0263 3784 viaide - ok
20:44:16.0274 3784 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
20:44:16.0286 3784 vmbus - ok
20:44:16.0293 3784 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
20:44:16.0304 3784 VMBusHID - ok
20:44:16.0313 3784 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
20:44:16.0322 3784 volmgr - ok
20:44:16.0333 3784 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
20:44:16.0346 3784 volmgrx - ok
20:44:16.0357 3784 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
20:44:16.0369 3784 volsnap - ok
20:44:16.0395 3784 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:44:16.0404 3784 vsmraid - ok
20:44:16.0429 3784 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:44:16.0442 3784 vwifibus - ok
20:44:16.0461 3784 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:44:16.0475 3784 vwififlt - ok
20:44:16.0491 3784 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:44:16.0501 3784 WacomPen - ok
20:44:16.0511 3784 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
20:44:16.0541 3784 WANARP - ok
20:44:16.0545 3784 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
20:44:16.0576 3784 Wanarpv6 - ok
20:44:16.0598 3784 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:44:16.0606 3784 Wd - ok
20:44:16.0624 3784 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:44:16.0639 3784 Wdf01000 - ok
20:44:16.0699 3784 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:44:16.0727 3784 WfpLwf - ok
20:44:16.0735 3784 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:44:16.0743 3784 WIMMount - ok
20:44:16.0791 3784 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
20:44:16.0803 3784 WinUsb - ok
20:44:16.0813 3784 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:44:16.0824 3784 WmiAcpi - ok
20:44:16.0855 3784 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:44:16.0885 3784 ws2ifsl - ok
20:44:16.0906 3784 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
20:44:16.0936 3784 WudfPf - ok
20:44:16.0954 3784 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:44:16.0985 3784 WUDFRd - ok
20:44:17.0005 3784 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:44:17.0105 3784 \Device\Harddisk0\DR0 - ok
20:44:17.0109 3784 Boot (0x1200) (ad2031107fc4eafcb8b5a51d4dab523a) \Device\Harddisk0\DR0\Partition0
20:44:17.0110 3784 \Device\Harddisk0\DR0\Partition0 - ok
20:44:17.0136 3784 Boot (0x1200) (bfefe8ef619c870d782c98af5e974cd2) \Device\Harddisk0\DR0\Partition1
20:44:17.0137 3784 \Device\Harddisk0\DR0\Partition1 - ok
20:44:17.0138 3784 ============================================================
20:44:17.0138 3784 Scan finished
20:44:17.0138 3784 ============================================================
20:44:17.0153 5924 Detected object count: 1
20:44:17.0153 5924 Actual detected object count: 1
20:47:11.0041 5924 HTCAND64 ( UnsignedFile.Multi.Generic ) - skipped by user
20:47:11.0041 5924 HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09.02.2012, 19:54   #13
norain

Had to split it into 2 posts because it was too long ^^

Edited by norain (09.02.2012 at 19:55). Reason: double post

09.02.2012, 19:56   #14
markusg
/// Malware-holic

Download HitmanPro:
Home - SurfRight
Double-click it, then Settings, License, test license.
Then scan, move the findings to quarantine, and at the end export the XML and attach it.