Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Plagegeister aller Art und deren Bekämpfung: Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 24.04.2011, 16:22   #1
CombatWombat
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Hallo liebe Spezialisten

Ich habe mir auch diesen /TRKazy.mekml.1 eingefangen.

Habe mbam.exe drüberlaufen lassen
OTL ist auch fertig
Logfiles von Ccleaner
mit unhide.exe die Ordner wieder sichtbar gemacht

Hier die verschiedenen Logfiles in der Reihenfolge:
mbam 1tes mal
mbam 2tes mal
OTL extras
OTL.txt
CCleaner

Ich hoffe ich hab alles richtig gemacht.
Hab versucht mich absolut an eure Regeln zu halten, und hoffe auf eure Hilfe.
Vielen Dank im Voraus
Grüße von der Alb

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6433

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

24.04.2011 16:28:20
mbam-log-2011-04-24 (16-28-20).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 144611
Laufzeit: 5 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 1
Infizierte Dateien: 4

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LyxDpHvjYMMKj (Trojan.FakeAlert) -> Value: LyxDpHvjYMMKj -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
c:\Users\Ziemann\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery (Trojan.FakeAV) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programdata\lyxdphvjymmkj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Ziemann\AppData\Local\Temp\adobe_flash_player.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Ziemann\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\uninstall windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\Ziemann\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6433

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

24.04.2011 16:37:41
mbam-log-2011-04-24 (16-37-40).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 144490
Laufzeit: 5 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter
OTL Extras logfile created on: 24.04.2011 17:04:55 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Ziemann\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 43,07 Gb Free Space | 18,50% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 23,11 Gb Free Space | 31,01% Space Free | Partition Type: NTFS
Drive F: | 1,90 Gb Total Space | 0,42 Gb Free Space | 22,21% Space Free | Partition Type: FAT
Drive J: | 7,82 Gb Total Space | 7,81 Gb Free Space | 99,88% Space Free | Partition Type: FAT32
 
Computer Name: ZIEMANN-PC | User Name: Ziemann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-808143684-1996383929-3073386593-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{059978B8-AF11-4939-B34B-C911E983DFB4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\crysis 2 - demo\bin32\crysis2demo.exe | 
"{05B4BEB6-765A-41E9-92BA-15DE974200C5}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{1B829170-4ACF-4568-99EA-F4B65F21F838}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{1BA71F88-2CBE-435D-9E6E-F0A42B16F2D4}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{1C3697FF-FE79-4DDD-A274-7B15BA06352C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{1D66389A-A8AC-4092-884B-A7EA0932281F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{208B3107-9265-4D0D-8AB5-73DE5950180E}" = protocol=6 | dir=in | app=c:\programme\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{2735988D-3820-4929-A114-EE056E604D04}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{2B1F4074-5452-4601-9BEC-30825B886A44}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{2B5019B1-D7FF-414D-87FC-708A7FDB10F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2BD1BC36-C18D-4F27-8B5C-E4FB57E2FA94}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{2C604F80-0680-4CB6-9EAF-6B48EC4BB6E1}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{2DD92269-074C-4103-A4F5-1FDF92E4810E}" = protocol=17 | dir=in | app=c:\programme2\rockstar games social club\rgsclauncher.exe | 
"{3AA01309-D94B-4CB1-8747-30FD9E2AAD0E}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{438AAD80-1AD4-436D-9449-B676699130EB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{4B98948B-8C70-4043-A864-25DA190B7C36}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\crysis 2 - demo\bin32\crysis2demo.exe | 
"{4C8221CC-F3CC-4C02-814A-F4336F58F6AF}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{4CBACA5A-B53B-440B-9BBD-90F15F868129}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{52C234EF-5969-40C1-8C49-DD22515AE32C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{53281C8C-8ED7-4F7E-9BF4-3086AAC779CF}" = protocol=17 | dir=in | app=d:\tobit clipinc\player\clipinc-player.exe | 
"{54808D7C-13AB-4314-9081-E8BCFA995ED2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{5FC03FF6-8BFC-4B08-9A12-293332B4F768}" = protocol=6 | dir=in | app=c:\program files\eidos\kane and lynch dead men\kaneandlynch.exe | 
"{62C3AABA-741A-4FA0-85CC-BABFE25F32FB}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{66B4120F-0EA0-44E7-8B4C-29AB6A2D710B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{6F70F964-463A-4DBE-BDB7-B8CACB78DC20}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{711DFE40-A36D-4680-BC56-87F3E58E1084}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{7332E6AA-F503-4E31-8189-553C356CAC02}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{7432A757-603B-494F-8F6A-694FADB48D37}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7504475D-91F2-4313-B179-88EB5169DDC5}" = protocol=17 | dir=in | app=c:\program files\eidos\kane and lynch dead men\kaneandlynch.exe | 
"{7A22056E-BD4B-489E-B98D-C70711B831FD}" = protocol=17 | dir=in | app=d:\tobit clipinc\server\clipinc-server.exe | 
"{7D563071-1E59-47F0-B7B7-FD5DF9D56372}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{80552943-6D5A-4B1D-8B5D-BB5B1200F860}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe | 
"{82783FBC-4E74-4F30-AA5D-CAA18500E877}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{921B19AD-865A-4EF3-96D9-CE670F414654}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{9369548D-7406-4DEB-9BF4-A2CCCF3A170E}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{946467C3-02B5-4C52-A8C8-320F4D88326B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{958D04E7-D273-449F-96A0-A3F5A87850EF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{9AE73EAA-1087-4473-B1C9-44463A4C2D64}" = protocol=17 | dir=in | app=c:\programme2\grand theft auto iv\launchgtaiv.exe | 
"{9BF38E43-37A9-4149-A722-4B8DD6555B37}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{9DA6B879-EAEA-4333-91D6-80FD212BAE3D}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{A25A9BB3-347A-465F-93C2-A8D1DA189A65}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{A5F6B4A7-8894-4F5E-922C-B3C3F77D23F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A61E849F-DD1C-43A0-8896-C07248BD35D2}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{B2EE82F2-29F9-4649-BDEC-EDE9EF5D6307}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{B8265303-1924-4904-9A52-6338F584D9C5}" = protocol=6 | dir=in | app=d:\tobit clipinc\player\clipinc-player.exe | 
"{BE8A6BEE-6747-4DF9-953B-874BF92C0A71}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{CC3FD93F-7797-4F6C-924D-2B0955D0B99B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{CD15DC1A-DD59-4946-BAA7-B3D890A9C5C1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"{CE10EE14-D10A-4EC6-A629-CF7B707DD973}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{CEF0F78E-15A8-4D05-AD15-D4AEF33A0B9E}" = protocol=6 | dir=in | app=c:\programme2\grand theft auto iv\launchgtaiv.exe | 
"{D8200DDB-FAA4-457C-A671-CE1BE9DEB6FF}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{D9A891C0-12A2-4F91-84C7-C0F53D8B225E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{DA5B2794-45EA-412B-AF3E-35338604BB09}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{E59FE447-5098-4DEA-B052-8CA2B620C9AC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe | 
"{E94D8B80-45E3-4341-A5F4-D90131DE3A22}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{F07A353A-09E5-4172-9E83-A2E6D966345A}" = protocol=6 | dir=in | app=d:\tobit clipinc\server\clipinc-server.exe | 
"{F4A6CB0F-EA78-4CEA-BD13-4D86E0E8511E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{F6746176-654E-414E-9632-EBA0EEEA5CA2}" = protocol=6 | dir=in | app=c:\programme2\rockstar games social club\rgsclauncher.exe | 
"{F71D3346-E9EE-4151-A4B4-FC7C27D8F5DC}" = protocol=17 | dir=in | app=c:\programme\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{FCBD527C-1AB5-42D3-8BFF-3CC5FDA0CEE1}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"TCP Query User{036C6779-99CC-4536-907E-A31034BB50F6}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{0412A432-1B15-4C7F-9639-02E68FCC3EAB}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{10DC371D-C9FC-400B-B8A0-F3515ECBA589}C:\program files\zyxel\ndu\ndu.exe" = protocol=6 | dir=in | app=c:\program files\zyxel\ndu\ndu.exe | 
"TCP Query User{280B771B-735C-4C7A-BC0B-29931FBBA162}C:\program files\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"TCP Query User{3051CCC2-CA5F-468C-9376-49D030CE76CD}C:\wsftp\ws_ftp\ws_ftp95.exe" = protocol=6 | dir=in | app=c:\wsftp\ws_ftp\ws_ftp95.exe | 
"TCP Query User{348184B3-CEF8-4833-B9B6-E63B3FB34CCF}C:\program files\eidos\kane and lynch dead men\kaneandlynch.exe" = protocol=6 | dir=in | app=c:\program files\eidos\kane and lynch dead men\kaneandlynch.exe | 
"TCP Query User{375C6E67-DA3D-465F-9A17-FB16D2582259}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe | 
"TCP Query User{69DCEE35-812C-4ACE-A740-4B2C8506671D}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"TCP Query User{71B0EC0E-2815-4A41-983C-93FBFC45337E}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{7DCD9BA6-84FD-48A9-B984-D56E1A9573FE}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | 
"TCP Query User{7F590617-4810-4ABC-A346-62AE7438AC5A}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{7FC5CB51-11B0-465B-93D6-C8B05B230812}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"TCP Query User{89611584-29E5-483D-9E9B-42765FF48195}C:\programme2\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\programme2\grand theft auto iv\gtaiv.exe | 
"TCP Query User{909E323D-FE33-4244-9DC0-0F0935FAE7D6}C:\program files\zyxel\ndu\ndu.exe" = protocol=6 | dir=in | app=c:\program files\zyxel\ndu\ndu.exe | 
"TCP Query User{9EB7C65F-E263-48F8-8FF4-24CED99D60B3}C:\program files\digion\dixim media client\dmclient.exe" = protocol=6 | dir=in | app=c:\program files\digion\dixim media client\dmclient.exe | 
"TCP Query User{A4A5AD72-C2E4-4058-803D-B14748452409}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"TCP Query User{A81DB1B7-109C-450F-A598-D6E661DCB9B8}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{B4720D6B-DDC3-4816-A933-677B9B7C78B0}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{B4756518-DC13-4ABD-9A0D-3C752E9A1AF1}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{BE5CA166-99F9-4A15-B3F7-CED2E5E5749D}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"TCP Query User{C6DED90D-7B9B-447B-AB98-70497AA2D1C9}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{D9DEF336-125E-4B55-B90A-114FAE6619B0}C:\program files\atari\deer hunter 2005 demo\dh2005demo.exe" = protocol=6 | dir=in | app=c:\program files\atari\deer hunter 2005 demo\dh2005demo.exe | 
"TCP Query User{DB8E233A-AAE1-4A1D-8EBB-0351509104BE}C:\program files\jägerprüfungbw\jägerprüfung-bw.exe" = protocol=6 | dir=in | app=c:\program files\jägerprüfungbw\jägerprüfung-bw.exe | 
"TCP Query User{E4D5B0A9-2159-436E-BC7A-24F7EC499DB2}C:\program files\electronic arts\medal of honor\binaries\moh.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\medal of honor\binaries\moh.exe | 
"TCP Query User{E7B8B283-C157-436D-8571-023AACE29143}C:\program files\electronic arts\medal of honor\mp\mohmpgame.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\medal of honor\mp\mohmpgame.exe | 
"TCP Query User{F5F4201A-C5A7-44BB-90FE-294EBA877F02}C:\program files\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"UDP Query User{09AE6510-B18B-4A77-9A17-42D23B3EDEA1}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{11C24341-3B74-4EA3-B378-AE98A3CE5DE0}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"UDP Query User{1DAED162-00A9-4DB0-B78B-5062F7D2D2E3}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"UDP Query User{1E6D7FDE-7B83-406B-BB68-28F5B0FB8076}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"UDP Query User{2A0776A1-2A3C-46AA-888A-497B6714A166}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{3B8844FD-7DDC-4CF4-BE9A-06F4264690CF}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{4A084CB2-0BD1-4D73-8760-989FABF66ECE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{4FAEB8C2-3D7E-4529-A576-15A7E8E83F05}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"UDP Query User{7F8CE61D-D5E2-4DE5-BD70-31FA7F484193}C:\program files\jägerprüfungbw\jägerprüfung-bw.exe" = protocol=17 | dir=in | app=c:\program files\jägerprüfungbw\jägerprüfung-bw.exe | 
"UDP Query User{8381D1C1-A44A-4FC6-AF05-E1906404B54F}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | 
"UDP Query User{919B6444-B4E2-4174-8990-F500CCA39741}C:\programme2\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\programme2\grand theft auto iv\gtaiv.exe | 
"UDP Query User{9BD9F474-D2D9-4C08-8C00-B67CCEFD9303}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"UDP Query User{9D1ACABC-B1F5-4BFF-9153-A0260ED58FA2}C:\program files\electronic arts\medal of honor\mp\mohmpgame.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\medal of honor\mp\mohmpgame.exe | 
"UDP Query User{9FD8A361-F0C0-4D99-8689-654955588A03}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{A024925B-5FDD-4A19-AA76-D9FEADDE5314}C:\program files\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"UDP Query User{A21D7854-F79A-44AF-99C5-9F15D7C12B00}C:\program files\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"UDP Query User{A5BED59B-529A-4F2C-B7D8-500929BBA63D}C:\program files\digion\dixim media client\dmclient.exe" = protocol=17 | dir=in | app=c:\program files\digion\dixim media client\dmclient.exe | 
"UDP Query User{AB5B6DFA-C7E5-49B1-BAA0-0906201A11E6}C:\wsftp\ws_ftp\ws_ftp95.exe" = protocol=17 | dir=in | app=c:\wsftp\ws_ftp\ws_ftp95.exe | 
"UDP Query User{AC136E5A-4260-4F82-9D43-C063D2BE6648}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe | 
"UDP Query User{BEFC07F2-6FF5-4B8E-A257-A742DB7B2882}C:\program files\eidos\kane and lynch dead men\kaneandlynch.exe" = protocol=17 | dir=in | app=c:\program files\eidos\kane and lynch dead men\kaneandlynch.exe | 
"UDP Query User{CA523E88-3F03-4016-9D9F-93C5F7AFB8AD}C:\program files\zyxel\ndu\ndu.exe" = protocol=17 | dir=in | app=c:\program files\zyxel\ndu\ndu.exe | 
"UDP Query User{CF3D0B56-7ECC-489B-BFEC-1268CED81BA8}C:\program files\electronic arts\medal of honor\binaries\moh.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\medal of honor\binaries\moh.exe | 
"UDP Query User{D87244C1-6302-4A4A-819F-4FD0B428D351}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{E07FE89D-3821-4677-9E68-5056C5AE1CCB}C:\program files\zyxel\ndu\ndu.exe" = protocol=17 | dir=in | app=c:\program files\zyxel\ndu\ndu.exe | 
"UDP Query User{E52E99A9-A782-4B9C-AC09-112F0475A700}C:\program files\atari\deer hunter 2005 demo\dh2005demo.exe" = protocol=17 | dir=in | app=c:\program files\atari\deer hunter 2005 demo\dh2005demo.exe | 
"UDP Query User{EE686BEA-F1AE-4534-9028-F1C5A2CC2025}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{18B5996A-643E-4176-9BEB-27C45C9F1FC3}" = Nokia Map Loader
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1A34A639-9B62-4FCD-842F-E67140F86C8D}" = Zusatzmodul GPS-Pilot
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{37A54340-6655-4FFC-BC4C-0B945764DA4B}" = Canon PhotoRecord
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90840407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90AF0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B009CA39-449B-4733-B12D-DDBEC83F1963}" = NDU
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = LevelOne WNC-0301
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA75B93A-AA3C-4B4F-B942-C078432E9A10}" = Tacho+Personal
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AfuP - Amateurfunkprüfungstraining_is1" = AfuP 1.6.1
"a-squared Free_is1" = a-squared Free 4.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Call of Duty" = Call of Duty
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"CCleaner" = CCleaner
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Combat Arms EU" = Combat Arms EU
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"EA Download Manager" = EA Download Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.7)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = LevelOne WNC-0301
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"mp3-2-wav" = mp3-2-wav converter 1.14
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Philips DF2000 GSM Handset" = Philips DF2000 GSM Handset Software
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"SimpleOCR 3.1" = SimpleOCR 3.1
"SpeedFan" = SpeedFan (remove only)
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.3
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 34830" = Sniper: Ghost Warrior
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 99850" = Crysis 2 Demo
"SystemRequirementsLab" = System Requirements Lab
"TachoPlusFreeDriver" = TachoPlusFreeDriver
"Uninstall_is1" = Uninstall 1.0.0.1
"Video mp3 Extractor_is1" = Video mp3 Extractor
"VLC media player" = VLC media player 0.9.8a
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 22.04.2011 15:38:30 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 23.04.2011 02:54:40 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 23.04.2011 17:32:58 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 24.04.2011 04:54:09 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 24.04.2011 08:41:58 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 24.04.2011 09:04:15 | Computer Name = Ziemann-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 24.04.2011 09:34:24 | Computer Name = Ziemann-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 24.04.2011 09:37:10 | Computer Name = Ziemann-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 0.0.0.0, Zeitstempel 0x4d334d98,
 fehlerhaftes Modul iexplore.exe, Version 0.0.0.0, Zeitstempel 0x4d334d98, Ausnahmecode
 0x40000015, Fehleroffset 0x0008cb40,  Prozess-ID 0x36c, Anwendungsstartzeit 01cc0284b4ec743b.
 
Error - 24.04.2011 10:03:03 | Computer Name = Ziemann-PC | Source = System Restore | ID = 8209
Description = 
 
Error - 24.04.2011 10:30:56 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ System Events ]
Error - 24.04.2011 11:05:42 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:58 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:06:28 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:06:58 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:07:28 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
 
< End of report >
Code:
ATTFilter
OTL logfile created on: 24.04.2011 17:04:55 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Ziemann\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 43,07 Gb Free Space | 18,50% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 23,11 Gb Free Space | 31,01% Space Free | Partition Type: NTFS
Drive F: | 1,90 Gb Total Space | 0,42 Gb Free Space | 22,21% Space Free | Partition Type: FAT
Drive J: | 7,82 Gb Total Space | 7,81 Gb Free Space | 99,88% Space Free | Partition Type: FAT32
 
Computer Name: ZIEMANN-PC | User Name: Ziemann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ziemann\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Ziemann\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (a2free) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (fwlanusbn) -- C:\Windows\System32\drivers\fwlanusbn.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (SNP2STD) USB2.0 PC Camera (SNP2STD) -- C:\Windows\System32\drivers\snp2sxp.sys ()
DRV - (RTL85n86) -- C:\Windows\System32\drivers\RTL85n86.sys (Realtek)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (pgsmmdm) -- C:\Windows\System32\drivers\pgsmmdm.sys (MCCI)
DRV - (pgsmmdfl) -- C:\Windows\System32\drivers\pgsmmdfl.sys (MCCI)
DRV - (pgsmbus) Philips DF2000 GSM Handset Composite Device driver (WDM) -- C:\Windows\System32\drivers\pgsmbus.sys (MCCI)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (DT T-Sinus 130data(R)) DT T-Sinus 130data(R) -- C:\Windows\System32\drivers\dtusbxp.sys (Deutsche Telekom)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://forum.waffen-online.de/"
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..keyword.URL: "hxxp://"
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.17 10:23:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.09.10 15:02:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2011.02.12 16:42:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.17 10:23:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.03 21:08:42 | 000,000,000 | ---D | M]
 
[2009.12.25 12:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ziemann\AppData\Roaming\Mozilla\Extensions
[2011.04.01 18:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ziemann\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions
[2011.04.24 15:52:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.24 15:52:58 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.24 15:52:58 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Ziemann\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.24 15:52:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.04.24 15:52:59 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2011.04.24 15:52:59 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2011.04.24 15:52:57 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\engine@conduit.com
[2011.04.24 15:52:57 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\foxyproxy@eric.h.jung
[2011.04.24 15:52:57 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\youtube2mp3@mondayx.de
[2011.04.01 18:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.03.17 10:23:13 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009.01.04 18:59:59 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2009.12.02 10:31:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.12.02 10:31:53 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009.12.02 10:31:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.12.02 10:31:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.12.02 10:31:53 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.01.06 17:51:22 | 000,290,820 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 10017 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\RunOnce: [Shockwave Updater]  File not found
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/x-mrml {C51721BE-858B-4A66-A8BF-D2882FF49820} - C:\Program Files\Common Files\A&W\MidRadio.ocx (YAMAHA CORPORATION)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0a3e5456-cff7-11dc-9765-0030f1997c69}\Shell - "" = AutoRun
O33 - MountPoints2\{0a3e5456-cff7-11dc-9765-0030f1997c69}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{2be37705-c9f2-11df-9913-0019db67d58c}\Shell\AutoRun\command - "" = J:\wd_windows_tools\setup.exe
O33 - MountPoints2\{968a0305-f270-11dc-b6cd-0030f1997c69}\Shell - "" = AutoRun
O33 - MountPoints2\{968a0305-f270-11dc-b6cd-0030f1997c69}\Shell\AutoRun\command - "" = J:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.24 17:00:14 | 003,050,664 | ---- | C] (Piriform Ltd) -- C:\Users\xxx\Desktop\ccsetup305.exe
[2011.04.24 16:58:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2011.04.24 16:19:15 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2011.04.24 16:19:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.24 16:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.24 16:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.24 16:19:04 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.24 16:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.16 21:42:45 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Neuer Ordner (3)
[2011.04.15 08:01:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.15 08:01:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.15 08:01:15 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.15 08:01:15 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.15 08:01:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.15 08:01:09 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.15 08:01:08 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.15 08:01:08 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.15 08:01:08 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.15 08:01:08 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.15 08:01:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.15 08:01:07 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.15 08:01:07 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.15 08:01:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011.04.15 08:01:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.15 08:00:55 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.15 08:00:42 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.15 08:00:42 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.09 08:56:05 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\bernd
[2011.04.08 16:15:36 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\kochend
[2011.04.08 12:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Clarus
[2011.04.08 12:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2011.04.07 21:20:57 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\smf filme
[2011.04.07 18:00:58 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Users\xxx\Desktop\wlsetup-web__1_.exe
[2011.04.01 17:28:40 | 022,229,776 | ---- | C] (DVDVideoSoft Limited.                                       ) -- C:\Users\xxx\Desktop\FreeYouTubeToMp3Converter.exe
[2007.11.28 13:52:11 | 000,151,552 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll
[2007.11.28 13:52:11 | 000,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.24 17:05:44 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.24 17:00:25 | 003,050,664 | ---- | M] (Piriform Ltd) -- C:\Users\XXX\Desktop\ccsetup305.exe
[2011.04.24 16:58:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe
[2011.04.24 16:55:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.24 16:46:39 | 000,504,657 | ---- | M] () -- C:\Users\XXXX\Desktop\unhide.exe
[2011.04.24 16:36:44 | 000,633,342 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.24 16:36:44 | 000,599,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.24 16:36:44 | 000,128,590 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.24 16:36:44 | 000,105,816 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.24 16:30:26 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.24 16:30:24 | 000,004,048 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 16:30:24 | 000,004,048 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 16:30:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.24 16:30:15 | 3220,488,192 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.24 16:19:08 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.24 15:25:48 | 001,006,778 | ---- | M] () -- C:\Users\XXX\Desktop\rkill.com
[2011.04.24 15:07:21 | 000,001,356 | ---- | M] () -- C:\Users\XXX\AppData\Local\d3d9caps.dat
[2011.04.24 14:40:09 | 236,165,665 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.23 23:35:03 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C42FFE37-96F3-42C2-A8DA-888F1ED50969}.job
[2011.04.22 11:57:41 | 000,238,588 | ---- | M] () -- C:\Users\XXX\Desktop\test3.pdf
[2011.04.17 20:33:01 | 000,203,928 | ---- | M] () -- C:\Users\XXX\Desktop\waffe_IMG_8780.jpg
[2011.04.17 13:16:45 | 000,011,761 | ---- | M] () -- C:\Users\XXX\Desktop\Via_listeNEU.ods
[2011.04.17 13:07:28 | 000,075,826 | ---- | M] () -- C:\Users\XXX\Desktop\passat.jpg
[2011.04.17 12:56:46 | 000,013,499 | ---- | M] () -- C:\Users\XXX\Desktop\Via_liste.ods
[2011.04.17 01:15:38 | 000,253,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.08 17:15:49 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2011.04.08 16:28:30 | 000,209,408 | ---- | M] () -- C:\Users\XXXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.08 12:06:00 | 000,001,569 | ---- | M] () -- C:\Users\XXXX\Desktop\Samsung Auto Backup.lnk
[2011.04.08 12:06:00 | 000,000,715 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk
[2011.04.08 12:05:59 | 000,000,735 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk
[2011.04.08 12:05:59 | 000,000,719 | ---- | M] () -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk
[2011.04.07 19:15:40 | 020,586,196 | ---- | M] () -- C:\Users\XXX\Desktop\vlc-1.1.8-win32.exe
[2011.04.07 19:02:10 | 000,055,830 | ---- | M] () -- C:\Users\XXX\Desktop\CombatWombatLive.jpg
[2011.04.07 18:01:01 | 001,291,624 | ---- | M] (Microsoft Corporation) -- C:\Users\Ziemann\Desktop\wlsetup-web__1_.exe
[2011.04.06 20:59:10 | 000,014,167 | ---- | M] () -- C:\Users\XXX\Desktop\Stellungnahme Security.odt
[2011.04.01 18:30:56 | 000,087,917 | ---- | M] () -- C:\Users\XXX\Desktop\Krankenhaus.jpg
[2011.04.01 17:32:24 | 000,001,032 | ---- | M] () -- C:\Users\XXX\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.01 17:32:12 | 000,001,191 | ---- | M] () -- C:\Users\XXXX\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.01 17:30:02 | 022,229,776 | ---- | M] (DVDVideoSoft Limited.                                       ) -- C:\Users\Ziemann\Desktop\FreeYouTubeToMp3Converter.exe
[2011.03.29 21:25:05 | 000,028,398 | ---- | M] () -- C:\Users\XXX\Desktop\Kac_warzone_revolver.jpg
 
========== Files Created - No Company Name ==========
 
[2011.04.24 17:05:44 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.24 16:46:37 | 000,504,657 | ---- | C] () -- C:\Users\XXXX\Desktop\unhide.exe
[2011.04.24 16:19:08 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.24 15:36:24 | 3220,488,192 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.24 15:34:00 | 001,006,778 | ---- | C] () -- C:\Users\XXXX\Desktop\rkill.com
[2011.04.24 14:39:51 | 236,165,665 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.22 11:57:39 | 000,238,588 | ---- | C] () -- C:\Users\XXX\Desktop\test3.pdf
[2011.04.17 20:33:00 | 000,203,928 | ---- | C] () -- C:\Users\XXXX\Desktop\waffe_IMG_8780.jpg
[2011.04.17 13:16:43 | 000,011,761 | ---- | C] () -- C:\Users\XXXX\Desktop\Via_listeNEU.ods
[2011.04.17 13:07:28 | 000,075,826 | ---- | C] () -- C:\Users\XXX\Desktop\passat.jpg
[2011.04.17 12:56:44 | 000,013,499 | ---- | C] () -- C:\Users\XXXX\Desktop\Via_liste.ods
[2011.04.08 12:06:00 | 000,001,569 | ---- | C] () -- C:\Users\XXX\Desktop\Samsung Auto Backup.lnk
[2011.04.08 12:05:59 | 000,000,735 | ---- | C] () -- C:\Users\XXXn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk
[2011.04.08 12:05:59 | 000,000,719 | ---- | C] () -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk
[2011.04.08 12:05:59 | 000,000,715 | ---- | C] () -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk
[2011.04.07 19:14:17 | 020,586,196 | ---- | C] () -- C:\Users\XXX\Desktop\vlc-1.1.8-win32.exe
[2011.04.07 19:02:10 | 000,055,830 | ---- | C] () -- C:\Users\XXX\Desktop\CombatWombatLive.jpg
[2011.04.01 18:31:10 | 000,087,917 | ---- | C] () -- C:\Users\XXXX\Desktop\Krankenhaus.jpg
[2011.04.01 17:32:12 | 000,001,191 | ---- | C] () -- C:\Users\XXX\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.01 14:35:08 | 000,014,167 | ---- | C] () -- C:\Users\XXX\Desktop\Stellungnahme Security.odt
[2011.03.29 21:25:04 | 000,028,398 | ---- | C] () -- C:\Users\Ziemann\Desktop\Kac_warzone_revolver.jpg
[2010.12.30 19:57:29 | 000,000,104 | ---- | C] () -- C:\Windows\CDDOOR5.INI
[2010.12.05 21:18:00 | 000,000,138 | ---- | C] () -- C:\Windows\System32\VideoGenieSetup.ini
[2010.10.14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.10.05 18:12:07 | 002,601,752 | ---- | C] () -- C:\Windows\System32\pbsvc_moh.exe
[2010.06.24 18:31:02 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2009.11.19 04:34:46 | 000,022,723 | ---- | C] () -- C:\Windows\System32\suge1l3.dll
[2009.05.22 15:14:26 | 000,000,804 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.03.24 18:28:33 | 000,144,384 | ---- | C] () -- C:\Windows\System32\miccyhook.dll
[2009.02.02 17:21:34 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.01.18 14:29:44 | 000,221,184 | ---- | C] () -- C:\Windows\System32\hp_nls.dll
[2009.01.02 19:09:02 | 000,085,609 | ---- | C] () -- C:\Program Files\HitmanBloodMoneyTrainerPlus10.zip
[2008.11.21 23:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.11.21 23:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.11.21 18:45:43 | 002,250,024 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.24 22:12:48 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2008.08.03 16:39:53 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.08.03 16:39:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.10 11:16:40 | 000,000,142 | ---- | C] () -- C:\Windows\SoftWriting.ini
[2008.07.10 11:08:15 | 000,000,035 | ---- | C] () -- C:\Windows\Ulead32.INI
[2008.07.10 11:07:13 | 000,285,216 | ---- | C] () -- C:\Windows\System32\drivers\Onsio.sys
[2008.07.10 11:07:13 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\Onsreged.sys
[2008.06.13 13:36:06 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.06.06 20:30:54 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.06.06 20:30:53 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll
[2008.06.05 09:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.03.15 11:30:26 | 000,015,573 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin
[2008.03.12 16:38:29 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008.01.21 13:10:28 | 000,000,008 | ---- | C] () -- C:\Windows\System32\mcbw.ini
[2008.01.12 20:06:11 | 000,081,920 | ---- | C] () -- C:\Windows\System32\GkSui20.EXE
[2007.11.30 17:12:23 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007.11.28 13:52:11 | 012,039,552 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys
[2007.11.28 13:52:11 | 000,025,472 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys
[2007.11.28 13:52:11 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2007.11.22 16:42:18 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2007.11.22 16:08:37 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2007.11.22 15:54:54 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI
[2007.11.22 15:23:46 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.11.22 13:54:00 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.11.22 13:53:54 | 000,002,302 | ---- | C] () -- C:\Windows\mozver.dat
[2007.11.22 12:26:42 | 000,139,832 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2007.11.22 12:26:42 | 000,138,056 | ---- | C] () -- C:\Users\XXX\AppData\Roaming\PnkBstrK.sys
[2007.11.22 12:26:11 | 000,218,496 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2007.11.22 12:26:03 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2007.11.22 11:38:56 | 000,209,408 | ---- | C] () -- C:\Users\XXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.21 12:28:05 | 000,001,356 | ---- | C] () -- C:\Users\XXX\AppData\Local\d3d9caps.dat
[2006.11.02 17:33:31 | 000,633,342 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,128,590 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,253,184 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,599,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,105,816 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004.06.14 00:00:00 | 000,000,670 | ---- | C] () -- C:\Windows\mbcase.ini
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >
Code:
ATTFilter
a-squared Free 4.5	Emsi Software GmbH	26.01.2010	106,4MB	4.5
Adobe AIR	Adobe Systems Inc.	18.10.2010	28,4MB	2.0.2.12610
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	07.04.2011		10.2.153.1
Adobe Flash Player ActiveX	Adobe Systems Incorporated	29.11.2007		9.0.47.0
Adobe Reader 8.1.3 - Deutsch	Adobe Systems Incorporated	04.12.2008	99,8MB	8.1.3
Adobe Shockwave Player 11.5	Adobe Systems, Inc.	29.09.2009		11.5.1.601
AfuP 1.6.1	Junghard Bippes, DF1IAV	28.04.2008	4,81MB	1.6.1
Avira AntiVir Personal - Free Antivirus	Avira GmbH	27.06.2009	65,3MB	
Battlefield: Bad Company™ 2	Electronic Arts	23.06.2010	1.773MB	1.0.0.0
Call of Duty		21.11.2007	1.182MB	
Call of Duty(R) - World at War(TM)	Activision	20.11.2008	6.791MB	1.1
Call of Duty(R) 4 - Modern Warfare(TM)	Activision	21.11.2007	6.381MB	1.7
Call of Duty: Black Ops	Treyarch	08.11.2010	7.957MB	
Call of Duty: Black Ops - Multiplayer	Treyarch	08.11.2010	7.957MB	
Call of Duty: Modern Warfare 2	Infinity Ward	09.11.2009	11.493MB	
Call of Duty: Modern Warfare 2 - Multiplayer	Infinity Ward	09.11.2009	11.493MB	
Canon PhotoRecord	Cisra	21.11.2007	80,5MB	02.02.04002
Canon Utilities Easy-PhotoPrint		21.11.2007	30,0MB	
CCleaner	Piriform	23.04.2011	3,41MB	3.05
Combat Arms EU		04.01.2009	1.727MB	
Crysis 2 Demo		01.03.2011	1.836MB	
DHTML Editing Component	Microsoft Corporation	07.12.2007	0,45MB	6.02.0001
DivX Codec	DivX, Inc.	12.12.2008	1,40MB	6.8.5
DivX Converter	DivX, Inc.	12.12.2008	30,4MB	6.6.1
DivX Player		12.12.2008	15,4MB	6.8.2
DivX Web Player	DivX,Inc.	12.12.2008	2,92MB	1.4.2
EA Download Manager	Electronic Arts, Inc.	18.10.2010	26,9MB	6.0.4.124
EA Download Manager UI	Electronic Arts	18.10.2010	0,77MB	6.0.4.124
Far Cry 2	Ubisoft	06.04.2009	3.246MB	1.02.00
Free Audio CD Burner version 1.4.7	DVDVideoSoft Limited.	31.03.2011	2,60MB	
Free WMA to MP3 Converter 1.16	Jodix Technologies Ltd.	05.12.2010	2,84MB	
Free YouTube to MP3 Converter version 3.9.35.324	DVDVideoSoft Limited.	31.03.2011	3,72MB	
Google Earth	Google	28.09.2010	85,4MB	5.2.1.1588
Google Gears	Google	11.02.2011	9,05MB	0.5.3600
Google SketchUp 6	Google	23.09.2008	64,3MB	6.0.01337
Grand Theft Auto IV	Rockstar Games	11.02.2010	15.339MB	1.00.0000
ICQ6	ICQ	21.11.2007	36,0MB	6.00.0000
Java(TM) 6 Update 18	Sun Microsystems, Inc.	02.05.2010	97,1MB	6.0.180
Java(TM) 6 Update 3	Sun Microsystems, Inc.	24.11.2007	133,2MB	1.6.0.30
Kane and Lynch: Dead Men	Eidos	28.12.2007	3.731MB	1.00.0000
LevelOne WNC-0301		05.02.2009	8,77MB	1.00.0000
LogMeIn Hamachi	LogMeIn, Inc.	08.12.2010	2,93MB	2.0.3.89
Malwarebytes' Anti-Malware	Malwarebytes Corporation	23.04.2011	4,80MB	
Medal of Honor (TM)	Electronic Arts	18.10.2010	3.455MB	1.0.0.0
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	22.08.2009	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	21.08.2009	37,0MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	03.11.2010	120,3MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	03.11.2010	24,5MB	4.0.30319
Microsoft Games for Windows - LIVE	Microsoft Corporation	15.11.2010	6,01MB	3.4.54.0
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	15.11.2010	31,3MB	3.4.18.0
Microsoft Office Excel Viewer 2003	Microsoft Corporation	15.04.2011	31,1MB	11.0.8173.0
Microsoft Office PowerPoint Viewer 2003	Microsoft Corporation	25.01.2008	4,00MB	11.0.8305.0
Microsoft Office PowerPoint Viewer 2007 (English)	Microsoft Corporation	15.04.2011	92,6MB	12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	15.04.2011	51,0MB	12.0.6425.1000
Microsoft Silverlight	Microsoft Corporation	20.04.2011	14,9MB	4.0.60310.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	19.04.2010	1,74MB	3.1.0000
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	15.11.2009	0,41MB	8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	19.04.2010	0,19MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	18.10.2010	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	27.06.2009	0,58MB	9.0.30729
Microsoft Visual J# 2.0 Redistributable Package	Microsoft Corporation	15.11.2008	96,2MB	
Mozilla Firefox (3.5.6)	Mozilla	24.12.2009	38,2MB	3.5.6 (de)
mp3-2-wav converter 1.14		10.05.2009		
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	17.11.2009	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.11.2009	1,34MB	4.20.9876.0
NDU	ZyXEL	06.02.2009	8,88MB	1.0.0.1
Nokia Connectivity Cable Driver	Nokia	30.11.2010	3,22MB	7.1.31.0
Nokia Map Loader	Nokia	18.03.2009	2,69MB	2.0.1
Nokia PC Suite	Nokia	09.09.2010	49,7MB	7.1.51.0
Nokia Software Updater	Nokia Corporation	30.11.2010	45,4MB	02.06.006.44298
Notepad++		23.09.2010	10,5MB	5.8
NVIDIA Drivers		24.11.2008		
NVIDIA PhysX	NVIDIA Corporation	18.10.2010	119,9MB	9.09.0203
OpenAL		28.12.2007	0,75MB	
OpenOffice.org 3.2	OpenOffice.org	02.05.2010	371MB	3.2.9483
Pando Media Booster	Pando Networks Inc.	03.01.2009	5,57MB	2.2.1.1
PC Connectivity Solution	Nokia	30.11.2010	12,9MB	10.42.0.0
Philips DF2000 GSM Handset Software		04.12.2010	0,50MB	
PunkBuster Services	Even Balance, Inc.	18.10.2010		0.989
QuickTime	Apple Inc.	22.11.2007	76,9MB	7.3.0.70
RealPlayer	RealNetworks	16.03.2010	67,7MB	
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista	Realtek	20.11.2007	0,58MB	1.00.0000
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	02.02.2009	14,1MB	6.0.1.5772
Rockstar Games Social Club	Rockstar Games	11.02.2010	1,89MB	1.00.0000
Samsung Auto Backup	Clarus	07.04.2011	19,4MB	4.1.371.0
SimpleOCR 3.1		09.07.2008	24,2MB	
Skype™ 3.6	Skype Technologies S.A.	29.11.2007	31,8MB	3.6.216
Sniper: Ghost Warrior	City Interactive S.A.	10.09.2010	4.844MB	
SpeedFan (remove only)		23.03.2009	4,73MB	
Spelling Dictionaries Support For Adobe Reader 8	Adobe Systems	04.12.2008	32,5MB	8.0.0
Spybot - Search & Destroy 1.3	Safer Networking Limited	27.11.2007	11,8MB	1.3
Steam	Valve Corporation	09.11.2009	42,3MB	1.0.0.0
System Requirements Lab		24.11.2008	0,99MB	
TachoPlusFreeDriver	SoftProject	15.11.2008	2,53MB	
TuneUp Utilities 2008	TuneUp Software	11.03.2008	34,0MB	7.0.7991
Uninstall 1.0.0.1		31.03.2011	30,9MB	
USB2.0 PC Camera (SN9C201&202)	Sonix	27.11.2007	4,20MB	5.7.22.000
Video mp3 Extractor	GeoVid	06.05.2009	2,38MB	
VLC media player 0.9.8a	VideoLAN Team	08.01.2009	60,4MB	0.9.8a
Windows Live Essentials	Microsoft Corporation	19.04.2010	70,6MB	14.0.8089.0726
Windows Live ID Sign-in Assistant	Microsoft Corporation	15.11.2010	4,69MB	6.500.3165.0
Windows Live Sync	Microsoft Corporation	19.04.2010	2,79MB	14.0.8089.726
Windows Live-Uploadtool	Microsoft Corporation	19.04.2010	0,22MB	14.0.8014.1029
Windows Media Player Firefox Plugin	Microsoft Corp	28.02.2009	0,29MB	1.0.0.8
Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)	Nokia	18.03.2009		03/05/2008 3.7
Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)	Nokia	18.03.2009		03/13/2008 6.86.0.1
Windows-Treiberpaket - Nokia Modem  (06/09/2010 4.5)	Nokia	09.09.2010	691MB	06/09/2010 4.5
Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.7)	Nokia	09.09.2010	691MB	06/09/2010 7.01.0.7
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	30.11.2010		08/22/2008 7.0.0.0
WinRAR		25.12.2007	3,66MB

Alt 26.04.2011, 15:13   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Zitat:
Art des Suchlaufs: Quick-Scan
Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________

__________________
Alt 26.04.2011, 19:18   #3
CombatWombat
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Servus
Danke für die hilfe
Hier das Logfile:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6448

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

26.04.2011 20:09:37
mbam-log-2011-04-26 (20-09-37).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 341217
Laufzeit: 1 Stunde(n), 47 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
__________________
Alt 26.04.2011, 19:30   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0a3e5456-cff7-11dc-9765-0030f1997c69}\Shell - "" = AutoRun
O33 - MountPoints2\{0a3e5456-cff7-11dc-9765-0030f1997c69}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{2be37705-c9f2-11df-9913-0019db67d58c}\Shell\AutoRun\command - "" = J:\wd_windows_tools\setup.exe
O33 - MountPoints2\{968a0305-f270-11dc-b6cd-0030f1997c69}\Shell - "" = AutoRun
O33 - MountPoints2\{968a0305-f270-11dc-b6cd-0030f1997c69}\Shell\AutoRun\command - "" = J:\pushinst.exe
@Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF
:Files
C:\ProgramData\4*
C:\ProgramData\~*
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.04.2011, 19:40   #5
CombatWombat
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Ja, Sir!
Hier das Logfile:

Code:
ATTFilter
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a3e5456-cff7-11dc-9765-0030f1997c69}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a3e5456-cff7-11dc-9765-0030f1997c69}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a3e5456-cff7-11dc-9765-0030f1997c69}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a3e5456-cff7-11dc-9765-0030f1997c69}\ not found.
File K:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2be37705-c9f2-11df-9913-0019db67d58c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2be37705-c9f2-11df-9913-0019db67d58c}\ not found.
File J:\wd_windows_tools\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{968a0305-f270-11dc-b6cd-0030f1997c69}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{968a0305-f270-11dc-b6cd-0030f1997c69}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{968a0305-f270-11dc-b6cd-0030f1997c69}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{968a0305-f270-11dc-b6cd-0030f1997c69}\ not found.
File J:\pushinst.exe not found.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
========== FILES ==========
File\Folder C:\ProgramData\4* not found.
File\Folder C:\ProgramData\~* not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56545 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: hellolibaoliu
 
User: Public
 
User: XXXX
 
User: XXXX
->Temp folder emptied: 2832710 bytes
->Temporary Internet Files folder emptied: 63830692 bytes
->Java cache emptied: 72366913 bytes
->FireFox cache emptied: 149059138 bytes
->Flash cache emptied: 48293 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6243211 bytes
RecycleBin emptied: 1625093302 bytes
 
Total Files Cleaned = 1.831,00 mb
 
 
OTL by OldTimer - Version 3.2.22.3 log created on 04262011_203429

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Alt 27.04.2011, 09:13   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________
--> Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....

Alt 27.04.2011, 14:19   #7
CombatWombat
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Hier das Log:
Code:
ATTFilter
2011/04/27 15:15:34.0386 3176	TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/27 15:15:34.0776 3176	================================================================================
2011/04/27 15:15:34.0776 3176	SystemInfo:
2011/04/27 15:15:34.0776 3176	
2011/04/27 15:15:34.0776 3176	OS Version: 6.0.6001 ServicePack: 1.0
2011/04/27 15:15:34.0776 3176	Product type: Workstation
2011/04/27 15:15:34.0776 3176	ComputerName: XXXX-PC
2011/04/27 15:15:34.0776 3176	UserName: XXXX
2011/04/27 15:15:34.0776 3176	Windows directory: C:\Windows
2011/04/27 15:15:34.0776 3176	System windows directory: C:\Windows
2011/04/27 15:15:34.0776 3176	Processor architecture: Intel x86
2011/04/27 15:15:34.0776 3176	Number of processors: 2
2011/04/27 15:15:34.0776 3176	Page size: 0x1000
2011/04/27 15:15:34.0776 3176	Boot type: Normal boot
2011/04/27 15:15:34.0776 3176	================================================================================
2011/04/27 15:15:35.0183 3176	Initialize success
2011/04/27 15:15:36.0933 1932	================================================================================
2011/04/27 15:15:36.0933 1932	Scan started
2011/04/27 15:15:36.0933 1932	Mode: Manual; 
2011/04/27 15:15:36.0933 1932	================================================================================
2011/04/27 15:15:37.0683 1932	ACPI            (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/04/27 15:15:37.0745 1932	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/04/27 15:15:37.0792 1932	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/04/27 15:15:37.0839 1932	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/04/27 15:15:37.0854 1932	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/04/27 15:15:37.0933 1932	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
2011/04/27 15:15:37.0979 1932	AFD             (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/04/27 15:15:38.0058 1932	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/04/27 15:15:38.0104 1932	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/04/27 15:15:38.0136 1932	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/04/27 15:15:38.0198 1932	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/04/27 15:15:38.0229 1932	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/04/27 15:15:38.0261 1932	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/04/27 15:15:38.0276 1932	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/04/27 15:15:38.0339 1932	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/04/27 15:15:38.0386 1932	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/04/27 15:15:38.0464 1932	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/27 15:15:38.0511 1932	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/04/27 15:15:38.0573 1932	avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/04/27 15:15:38.0667 1932	avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/27 15:15:38.0714 1932	avipbb          (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/27 15:15:38.0761 1932	avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\Windows\system32\drivers\avmeject.sys
2011/04/27 15:15:38.0808 1932	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/04/27 15:15:38.0964 1932	bowser          (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/27 15:15:38.0995 1932	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/27 15:15:39.0026 1932	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/04/27 15:15:39.0058 1932	Bridge          (72df06d26ae4ced2e08f428b96302b0e) C:\Windows\system32\DRIVERS\bridge.sys
2011/04/27 15:15:39.0073 1932	BridgeMP        (72df06d26ae4ced2e08f428b96302b0e) C:\Windows\system32\DRIVERS\bridge.sys
2011/04/27 15:15:39.0120 1932	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/04/27 15:15:39.0151 1932	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/04/27 15:15:39.0308 1932	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/27 15:15:39.0417 1932	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/04/27 15:15:39.0448 1932	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/04/27 15:15:39.0495 1932	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/27 15:15:39.0526 1932	cdrom           (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/27 15:15:39.0604 1932	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/04/27 15:15:39.0651 1932	CLFS            (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/04/27 15:15:39.0745 1932	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/04/27 15:15:39.0792 1932	Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/04/27 15:15:39.0839 1932	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/27 15:15:39.0901 1932	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/04/27 15:15:39.0948 1932	DfsC            (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/04/27 15:15:39.0995 1932	disk            (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/04/27 15:15:40.0058 1932	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/04/27 15:15:40.0120 1932	DT T-Sinus 130data(R) (1386d4acc258302a368e6fca99dc9d1d) C:\Windows\system32\DRIVERS\dtusbxp.sys
2011/04/27 15:15:40.0198 1932	DXGKrnl         (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/27 15:15:40.0245 1932	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/04/27 15:15:40.0323 1932	Ecache          (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/04/27 15:15:40.0386 1932	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/04/27 15:15:40.0448 1932	exfat           (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/04/27 15:15:40.0479 1932	fastfat         (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/04/27 15:15:40.0511 1932	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/27 15:15:40.0542 1932	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/04/27 15:15:40.0604 1932	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/04/27 15:15:40.0636 1932	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/27 15:15:40.0667 1932	FltMgr          (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/04/27 15:15:40.0714 1932	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/27 15:15:40.0776 1932	fwlanusbn       (fc06a5be1ab381cd47af3d69006e88f0) C:\Windows\system32\DRIVERS\fwlanusbn.sys
2011/04/27 15:15:40.0886 1932	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/27 15:15:40.0948 1932	giveio          (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
2011/04/27 15:15:41.0104 1932	hamachi         (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/04/27 15:15:41.0151 1932	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/04/27 15:15:41.0245 1932	HDAudBus        (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/27 15:15:41.0292 1932	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/04/27 15:15:41.0339 1932	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/04/27 15:15:41.0417 1932	HidUsb          (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/27 15:15:41.0464 1932	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/04/27 15:15:41.0542 1932	HTTP            (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/04/27 15:15:41.0589 1932	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/04/27 15:15:41.0620 1932	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/27 15:15:41.0667 1932	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/04/27 15:15:41.0714 1932	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/04/27 15:15:41.0823 1932	IntcAzAudAddService (da6303bbaed73eec30c3433359e7a311) C:\Windows\system32\drivers\RTKVHDA.sys
2011/04/27 15:15:41.0933 1932	intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/04/27 15:15:41.0979 1932	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/27 15:15:42.0026 1932	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/27 15:15:42.0073 1932	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/27 15:15:42.0104 1932	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/27 15:15:42.0136 1932	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/04/27 15:15:42.0167 1932	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/04/27 15:15:42.0245 1932	iScsiPrt        (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/27 15:15:42.0276 1932	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/04/27 15:15:42.0308 1932	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/04/27 15:15:42.0370 1932	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/27 15:15:42.0401 1932	kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/04/27 15:15:42.0433 1932	KSecDD          (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/27 15:15:42.0479 1932	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/27 15:15:42.0526 1932	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/27 15:15:42.0542 1932	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/27 15:15:42.0558 1932	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/27 15:15:42.0604 1932	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/04/27 15:15:42.0667 1932	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/04/27 15:15:42.0745 1932	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/04/27 15:15:42.0792 1932	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/27 15:15:42.0823 1932	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/27 15:15:42.0886 1932	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/27 15:15:42.0933 1932	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/04/27 15:15:42.0979 1932	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/04/27 15:15:43.0026 1932	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/27 15:15:43.0073 1932	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/27 15:15:43.0104 1932	MRxDAV          (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/04/27 15:15:43.0136 1932	mrxsmb          (cc752d233ef39875ca6885d9415ba869) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/27 15:15:43.0167 1932	mrxsmb10        (9049dddd4bd27d43d82f5968f1da76e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/27 15:15:43.0214 1932	mrxsmb20        (91dc069b6831ef564e7d8c97eaf0343e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/27 15:15:43.0245 1932	msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/04/27 15:15:43.0261 1932	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/04/27 15:15:43.0323 1932	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/04/27 15:15:43.0354 1932	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/04/27 15:15:43.0417 1932	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/27 15:15:43.0433 1932	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/27 15:15:43.0464 1932	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/04/27 15:15:43.0526 1932	MsRPC           (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/04/27 15:15:43.0573 1932	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/27 15:15:43.0620 1932	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/04/27 15:15:43.0651 1932	Mup             (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/04/27 15:15:43.0745 1932	NativeWifiP     (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/27 15:15:43.0776 1932	NDIS            (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/04/27 15:15:43.0823 1932	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/27 15:15:43.0870 1932	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/27 15:15:43.0901 1932	NdisWan         (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/27 15:15:43.0948 1932	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/04/27 15:15:43.0979 1932	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/27 15:15:44.0011 1932	netbt           (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/27 15:15:44.0089 1932	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/04/27 15:15:44.0136 1932	nmwcd           (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
2011/04/27 15:15:44.0183 1932	nmwcdc          (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
2011/04/27 15:15:44.0198 1932	Npfs            (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/04/27 15:15:44.0229 1932	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/27 15:15:44.0308 1932	Ntfs            (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/04/27 15:15:44.0386 1932	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/04/27 15:15:44.0479 1932	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/04/27 15:15:44.0948 1932	nvlddmkm        (9a87bba2307b0f16fab141a2ee664e4d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/27 15:15:45.0167 1932	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/04/27 15:15:45.0229 1932	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/04/27 15:15:45.0276 1932	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/04/27 15:15:45.0479 1932	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/04/27 15:15:45.0542 1932	Parport         (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
2011/04/27 15:15:45.0589 1932	partmgr         (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/04/27 15:15:45.0636 1932	Parvdm          (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/27 15:15:45.0698 1932	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/04/27 15:15:45.0714 1932	pci             (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/04/27 15:15:45.0745 1932	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/04/27 15:15:45.0823 1932	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/04/27 15:15:45.0870 1932	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/04/27 15:15:46.0073 1932	pgsmbus         (7eb67bda55987cb25e48423b72e0a19e) C:\Windows\system32\DRIVERS\pgsmbus.sys
2011/04/27 15:15:46.0136 1932	pgsmmdfl        (a572a56b57498124a6500f0bb2c67fff) C:\Windows\system32\DRIVERS\pgsmmdfl.sys
2011/04/27 15:15:46.0183 1932	pgsmmdm         (0af2ca3a23b252f0896fae953f903290) C:\Windows\system32\DRIVERS\pgsmmdm.sys
2011/04/27 15:15:46.0276 1932	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/27 15:15:46.0354 1932	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/04/27 15:15:46.0433 1932	PSched          (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/27 15:15:46.0495 1932	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/04/27 15:15:46.0573 1932	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/04/27 15:15:46.0604 1932	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/27 15:15:46.0636 1932	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/27 15:15:46.0698 1932	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/27 15:15:46.0729 1932	RasPppoe        (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/27 15:15:46.0776 1932	RasSstp         (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/27 15:15:46.0823 1932	rdbss           (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/27 15:15:46.0948 1932	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/27 15:15:46.0979 1932	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/04/27 15:15:47.0011 1932	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/27 15:15:47.0089 1932	RDPWD           (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/04/27 15:15:47.0167 1932	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/27 15:15:47.0245 1932	RTL8169         (904fd29ec1ff2709099ae2cd1c09a913) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/04/27 15:15:47.0292 1932	RTL85n86        (1bb178fbd7ad334f0bfa3f17f66afef9) C:\Windows\system32\DRIVERS\RTL85n86.sys
2011/04/27 15:15:47.0339 1932	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/04/27 15:15:47.0370 1932	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/27 15:15:47.0417 1932	Serenum         (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/27 15:15:47.0464 1932	Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
2011/04/27 15:15:47.0495 1932	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/04/27 15:15:47.0620 1932	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/04/27 15:15:47.0714 1932	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/27 15:15:47.0745 1932	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/27 15:15:47.0761 1932	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/04/27 15:15:47.0870 1932	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/04/27 15:15:47.0933 1932	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/04/27 15:15:48.0026 1932	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/04/27 15:15:48.0136 1932	Smb             (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/04/27 15:15:48.0589 1932	SNP2STD         (8c5af605a85c5214d40542d933da737c) C:\Windows\system32\DRIVERS\snp2sxp.sys
2011/04/27 15:15:48.0886 1932	speedfan        (5d6401db90ec81b71f8e2c5c8f0fef23) C:\Windows\system32\speedfan.sys
2011/04/27 15:15:48.0964 1932	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/04/27 15:15:48.0995 1932	srv             (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/04/27 15:15:49.0073 1932	srv2            (96512f4a30b741e7d33a7936b9abbc20) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/27 15:15:49.0151 1932	srvnet          (1c69e33e0e23626da5a34ca5ba0dd990) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/27 15:15:49.0167 1932	ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/04/27 15:15:49.0323 1932	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/27 15:15:49.0354 1932	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/04/27 15:15:49.0417 1932	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/04/27 15:15:49.0433 1932	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/04/27 15:15:49.0604 1932	Tcpip           (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/04/27 15:15:49.0714 1932	Tcpip6          (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/27 15:15:49.0792 1932	tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/27 15:15:49.0854 1932	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/04/27 15:15:49.0901 1932	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/04/27 15:15:50.0011 1932	tdx             (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/27 15:15:50.0058 1932	TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/27 15:15:50.0136 1932	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/27 15:15:50.0261 1932	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/27 15:15:50.0308 1932	tunnel          (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/27 15:15:50.0370 1932	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/04/27 15:15:50.0417 1932	udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/27 15:15:50.0464 1932	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/27 15:15:50.0542 1932	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/04/27 15:15:50.0589 1932	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/04/27 15:15:50.0651 1932	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/04/27 15:15:50.0698 1932	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/27 15:15:50.0808 1932	upperdev        (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/04/27 15:15:50.0901 1932	usbaudio        (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2011/04/27 15:15:51.0011 1932	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/27 15:15:51.0089 1932	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/04/27 15:15:51.0136 1932	usbehci         (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/27 15:15:51.0245 1932	usbhub          (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/27 15:15:51.0323 1932	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/04/27 15:15:51.0417 1932	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/27 15:15:51.0479 1932	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/27 15:15:51.0542 1932	usbser          (a96191470581a7091420d25ecd444502) C:\Windows\system32\drivers\usbser.sys
2011/04/27 15:15:51.0620 1932	UsbserFilt      (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/27 15:15:51.0698 1932	USBSTOR         (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/27 15:15:51.0745 1932	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/27 15:15:51.0823 1932	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/27 15:15:51.0870 1932	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/04/27 15:15:51.0933 1932	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/04/27 15:15:51.0995 1932	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/04/27 15:15:52.0073 1932	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/04/27 15:15:52.0120 1932	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/04/27 15:15:52.0183 1932	volmgrx         (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/04/27 15:15:52.0292 1932	volsnap         (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/04/27 15:15:52.0323 1932	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/04/27 15:15:52.0386 1932	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/04/27 15:15:52.0433 1932	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/27 15:15:52.0433 1932	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/27 15:15:52.0479 1932	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/04/27 15:15:52.0558 1932	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/27 15:15:52.0729 1932	WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/04/27 15:15:52.0823 1932	WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/04/27 15:15:52.0917 1932	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/27 15:15:53.0011 1932	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/04/27 15:15:53.0042 1932	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/27 15:15:53.0167 1932	================================================================================
2011/04/27 15:15:53.0167 1932	Scan finished
2011/04/27 15:15:53.0167 1932	================================================================================
2011/04/27 15:16:11.0198 3984	================================================================================
2011/04/27 15:16:11.0198 3984	Scan started
2011/04/27 15:16:11.0198 3984	Mode: Manual; 
2011/04/27 15:16:11.0198 3984	================================================================================
2011/04/27 15:16:11.0464 3984	ACPI            (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/04/27 15:16:11.0511 3984	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/04/27 15:16:11.0558 3984	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/04/27 15:16:11.0667 3984	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/04/27 15:16:11.0729 3984	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/04/27 15:16:11.0792 3984	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
2011/04/27 15:16:11.0870 3984	AFD             (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/04/27 15:16:11.0948 3984	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/04/27 15:16:12.0026 3984	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/04/27 15:16:12.0073 3984	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/04/27 15:16:12.0136 3984	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/04/27 15:16:12.0198 3984	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/04/27 15:16:12.0229 3984	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/04/27 15:16:12.0308 3984	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/04/27 15:16:12.0386 3984	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/04/27 15:16:12.0448 3984	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/04/27 15:16:12.0526 3984	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/27 15:16:12.0558 3984	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/04/27 15:16:12.0667 3984	avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/04/27 15:16:12.0792 3984	avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/27 15:16:12.0839 3984	avipbb          (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/27 15:16:12.0901 3984	avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\Windows\system32\drivers\avmeject.sys
2011/04/27 15:16:12.0948 3984	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/04/27 15:16:13.0120 3984	bowser          (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/27 15:16:13.0136 3984	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/27 15:16:13.0183 3984	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/04/27 15:16:13.0214 3984	Bridge          (72df06d26ae4ced2e08f428b96302b0e) C:\Windows\system32\DRIVERS\bridge.sys
2011/04/27 15:16:13.0214 3984	BridgeMP        (72df06d26ae4ced2e08f428b96302b0e) C:\Windows\system32\DRIVERS\bridge.sys
2011/04/27 15:16:13.0308 3984	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/04/27 15:16:13.0323 3984	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/04/27 15:16:13.0339 3984	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/27 15:16:13.0370 3984	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/04/27 15:16:13.0401 3984	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/04/27 15:16:13.0448 3984	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/27 15:16:13.0495 3984	cdrom           (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/27 15:16:13.0526 3984	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/04/27 15:16:13.0573 3984	CLFS            (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/04/27 15:16:13.0667 3984	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/04/27 15:16:13.0683 3984	Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/04/27 15:16:13.0714 3984	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/27 15:16:13.0745 3984	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/04/27 15:16:13.0808 3984	DfsC            (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/04/27 15:16:13.0823 3984	disk            (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/04/27 15:16:13.0901 3984	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/04/27 15:16:13.0948 3984	DT T-Sinus 130data(R) (1386d4acc258302a368e6fca99dc9d1d) C:\Windows\system32\DRIVERS\dtusbxp.sys
2011/04/27 15:16:14.0026 3984	DXGKrnl         (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/27 15:16:14.0089 3984	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/04/27 15:16:14.0198 3984	Ecache          (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/04/27 15:16:14.0276 3984	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/04/27 15:16:14.0339 3984	exfat           (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/04/27 15:16:14.0386 3984	fastfat         (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/04/27 15:16:14.0433 3984	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/27 15:16:14.0511 3984	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/04/27 15:16:14.0573 3984	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/04/27 15:16:14.0604 3984	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/27 15:16:14.0651 3984	FltMgr          (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/04/27 15:16:14.0714 3984	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/27 15:16:14.0761 3984	fwlanusbn       (fc06a5be1ab381cd47af3d69006e88f0) C:\Windows\system32\DRIVERS\fwlanusbn.sys
2011/04/27 15:16:14.0854 3984	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/27 15:16:14.0917 3984	giveio          (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
2011/04/27 15:16:14.0995 3984	hamachi         (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/04/27 15:16:15.0120 3984	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/04/27 15:16:15.0167 3984	HDAudBus        (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/27 15:16:15.0276 3984	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/04/27 15:16:15.0308 3984	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/04/27 15:16:15.0370 3984	HidUsb          (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/27 15:16:15.0448 3984	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/04/27 15:16:15.0558 3984	HTTP            (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/04/27 15:16:15.0620 3984	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/04/27 15:16:15.0667 3984	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/27 15:16:15.0714 3984	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/04/27 15:16:15.0808 3984	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/04/27 15:16:15.0948 3984	IntcAzAudAddService (da6303bbaed73eec30c3433359e7a311) C:\Windows\system32\drivers\RTKVHDA.sys
2011/04/27 15:16:16.0058 3984	intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/04/27 15:16:16.0089 3984	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/27 15:16:16.0183 3984	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/27 15:16:16.0308 3984	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/27 15:16:16.0354 3984	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/27 15:16:16.0386 3984	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/04/27 15:16:16.0433 3984	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/04/27 15:16:16.0542 3984	iScsiPrt        (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/27 15:16:16.0683 3984	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/04/27 15:16:16.0729 3984	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/04/27 15:16:16.0776 3984	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/27 15:16:16.0792 3984	kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/04/27 15:16:16.0886 3984	KSecDD          (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/27 15:16:16.0933 3984	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/27 15:16:17.0026 3984	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/27 15:16:17.0042 3984	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/27 15:16:17.0058 3984	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/27 15:16:17.0104 3984	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/04/27 15:16:17.0151 3984	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/04/27 15:16:17.0245 3984	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/04/27 15:16:17.0261 3984	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/27 15:16:17.0308 3984	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/27 15:16:17.0354 3984	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/27 15:16:17.0386 3984	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/04/27 15:16:17.0417 3984	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/04/27 15:16:17.0479 3984	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/27 15:16:17.0511 3984	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/27 15:16:17.0542 3984	MRxDAV          (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/04/27 15:16:17.0589 3984	mrxsmb          (cc752d233ef39875ca6885d9415ba869) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/27 15:16:17.0604 3984	mrxsmb10        (9049dddd4bd27d43d82f5968f1da76e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/27 15:16:17.0651 3984	mrxsmb20        (91dc069b6831ef564e7d8c97eaf0343e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/27 15:16:17.0698 3984	msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/04/27 15:16:17.0729 3984	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/04/27 15:16:17.0776 3984	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/04/27 15:16:17.0839 3984	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/04/27 15:16:17.0886 3984	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/27 15:16:17.0901 3984	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/27 15:16:17.0933 3984	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/04/27 15:16:17.0979 3984	MsRPC           (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/04/27 15:16:18.0120 3984	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/27 15:16:18.0151 3984	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/04/27 15:16:18.0229 3984	Mup             (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/04/27 15:16:18.0261 3984	NativeWifiP     (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/27 15:16:18.0308 3984	NDIS            (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/04/27 15:16:18.0354 3984	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/27 15:16:18.0370 3984	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/27 15:16:18.0433 3984	NdisWan         (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/27 15:16:18.0479 3984	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/04/27 15:16:18.0526 3984	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/27 15:16:18.0589 3984	netbt           (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/27 15:16:18.0636 3984	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/04/27 15:16:18.0698 3984	nmwcd           (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
2011/04/27 15:16:18.0745 3984	nmwcdc          (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
2011/04/27 15:16:18.0761 3984	Npfs            (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/04/27 15:16:18.0823 3984	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/27 15:16:18.0886 3984	Ntfs            (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/04/27 15:16:18.0948 3984	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/04/27 15:16:18.0979 3984	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/04/27 15:16:19.0229 3984	nvlddmkm        (9a87bba2307b0f16fab141a2ee664e4d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/27 15:16:19.0339 3984	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/04/27 15:16:19.0386 3984	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/04/27 15:16:19.0433 3984	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/04/27 15:16:19.0511 3984	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/04/27 15:16:19.0604 3984	Parport         (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
2011/04/27 15:16:19.0620 3984	partmgr         (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/04/27 15:16:19.0683 3984	Parvdm          (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/27 15:16:19.0729 3984	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/04/27 15:16:19.0761 3984	pci             (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/04/27 15:16:19.0792 3984	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/04/27 15:16:19.0839 3984	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/04/27 15:16:19.0870 3984	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/04/27 15:16:19.0964 3984	pgsmbus         (7eb67bda55987cb25e48423b72e0a19e) C:\Windows\system32\DRIVERS\pgsmbus.sys
2011/04/27 15:16:20.0011 3984	pgsmmdfl        (a572a56b57498124a6500f0bb2c67fff) C:\Windows\system32\DRIVERS\pgsmmdfl.sys
2011/04/27 15:16:20.0042 3984	pgsmmdm         (0af2ca3a23b252f0896fae953f903290) C:\Windows\system32\DRIVERS\pgsmmdm.sys
2011/04/27 15:16:20.0104 3984	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/27 15:16:20.0136 3984	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/04/27 15:16:20.0214 3984	PSched          (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/27 15:16:20.0276 3984	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/04/27 15:16:20.0308 3984	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/04/27 15:16:20.0339 3984	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/27 15:16:20.0386 3984	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/27 15:16:20.0417 3984	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/27 15:16:20.0495 3984	RasPppoe        (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/27 15:16:20.0511 3984	RasSstp         (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/27 15:16:20.0542 3984	rdbss           (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/27 15:16:20.0620 3984	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/27 15:16:20.0667 3984	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/04/27 15:16:20.0714 3984	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/27 15:16:20.0761 3984	RDPWD           (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/04/27 15:16:20.0823 3984	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/27 15:16:20.0886 3984	RTL8169         (904fd29ec1ff2709099ae2cd1c09a913) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/04/27 15:16:20.0948 3984	RTL85n86        (1bb178fbd7ad334f0bfa3f17f66afef9) C:\Windows\system32\DRIVERS\RTL85n86.sys
2011/04/27 15:16:21.0026 3984	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/04/27 15:16:21.0073 3984	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/27 15:16:21.0151 3984	Serenum         (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/27 15:16:21.0167 3984	Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
2011/04/27 15:16:21.0198 3984	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/04/27 15:16:21.0245 3984	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/04/27 15:16:21.0261 3984	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/27 15:16:21.0323 3984	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/27 15:16:21.0354 3984	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/04/27 15:16:21.0417 3984	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/04/27 15:16:21.0464 3984	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/04/27 15:16:21.0495 3984	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/04/27 15:16:21.0542 3984	Smb             (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/04/27 15:16:21.0933 3984	SNP2STD         (8c5af605a85c5214d40542d933da737c) C:\Windows\system32\DRIVERS\snp2sxp.sys
2011/04/27 15:16:22.0058 3984	speedfan        (5d6401db90ec81b71f8e2c5c8f0fef23) C:\Windows\system32\speedfan.sys
2011/04/27 15:16:22.0120 3984	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/04/27 15:16:22.0183 3984	srv             (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/04/27 15:16:22.0261 3984	srv2            (96512f4a30b741e7d33a7936b9abbc20) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/27 15:16:22.0292 3984	srvnet          (1c69e33e0e23626da5a34ca5ba0dd990) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/27 15:16:22.0370 3984	ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/04/27 15:16:22.0464 3984	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/27 15:16:22.0542 3984	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/04/27 15:16:22.0573 3984	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/04/27 15:16:22.0745 3984	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/04/27 15:16:22.0901 3984	Tcpip           (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/04/27 15:16:22.0979 3984	Tcpip6          (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/27 15:16:23.0073 3984	tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/27 15:16:23.0104 3984	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/04/27 15:16:23.0120 3984	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/04/27 15:16:23.0167 3984	tdx             (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/27 15:16:23.0214 3984	TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/27 15:16:23.0354 3984	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/27 15:16:23.0417 3984	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/27 15:16:23.0448 3984	tunnel          (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/27 15:16:23.0479 3984	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/04/27 15:16:23.0558 3984	udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/27 15:16:23.0604 3984	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/27 15:16:23.0651 3984	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/04/27 15:16:23.0714 3984	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/04/27 15:16:23.0776 3984	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/04/27 15:16:23.0854 3984	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/27 15:16:23.0917 3984	upperdev        (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/04/27 15:16:23.0979 3984	usbaudio        (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2011/04/27 15:16:24.0058 3984	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/27 15:16:24.0104 3984	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/04/27 15:16:24.0136 3984	usbehci         (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/27 15:16:24.0198 3984	usbhub          (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/27 15:16:24.0245 3984	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/04/27 15:16:24.0292 3984	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/27 15:16:24.0354 3984	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/27 15:16:24.0433 3984	usbser          (a96191470581a7091420d25ecd444502) C:\Windows\system32\drivers\usbser.sys
2011/04/27 15:16:24.0495 3984	UsbserFilt      (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/27 15:16:24.0604 3984	USBSTOR         (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/27 15:16:24.0651 3984	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/27 15:16:24.0761 3984	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/27 15:16:24.0839 3984	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/04/27 15:16:24.0901 3984	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/04/27 15:16:24.0995 3984	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/04/27 15:16:25.0058 3984	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/04/27 15:16:25.0151 3984	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/04/27 15:16:25.0214 3984	volmgrx         (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/04/27 15:16:25.0245 3984	volsnap         (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/04/27 15:16:25.0292 3984	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/04/27 15:16:25.0339 3984	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/04/27 15:16:25.0370 3984	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/27 15:16:25.0370 3984	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/27 15:16:25.0401 3984	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/04/27 15:16:25.0464 3984	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/27 15:16:25.0542 3984	WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/04/27 15:16:25.0604 3984	WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/04/27 15:16:25.0667 3984	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/27 15:16:25.0745 3984	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/04/27 15:16:25.0792 3984	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/27 15:16:25.0901 3984	================================================================================
2011/04/27 15:16:25.0901 3984	Scan finished
2011/04/27 15:16:25.0901 3984	================================================================================
2011/04/27 15:16:39.0917 3908	================================================================================
2011/04/27 15:16:39.0917 3908	Scan started
2011/04/27 15:16:39.0917 3908	Mode: Manual; 
2011/04/27 15:16:39.0917 3908	================================================================================
2011/04/27 15:16:40.0745 3908	ACPI            (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/04/27 15:16:40.0964 3908	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/04/27 15:16:41.0183 3908	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/04/27 15:16:41.0214 3908	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/04/27 15:16:41.0229 3908	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/04/27 15:16:41.0292 3908	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
2011/04/27 15:16:41.0339 3908	AFD             (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/04/27 15:16:41.0401 3908	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/04/27 15:16:41.0448 3908	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/04/27 15:16:41.0495 3908	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/04/27 15:16:41.0526 3908	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/04/27 15:16:41.0558 3908	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/04/27 15:16:41.0573 3908	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/04/27 15:16:41.0604 3908	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/04/27 15:16:41.0651 3908	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/04/27 15:16:41.0683 3908	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/04/27 15:16:41.0761 3908	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/27 15:16:41.0792 3908	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/04/27 15:16:41.0901 3908	avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/04/27 15:16:41.0979 3908	avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/27 15:16:42.0011 3908	avipbb          (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/27 15:16:42.0026 3908	avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\Windows\system32\drivers\avmeject.sys
2011/04/27 15:16:42.0058 3908	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/04/27 15:16:42.0151 3908	bowser          (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/27 15:16:42.0167 3908	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/27 15:16:42.0198 3908	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/04/27 15:16:42.0229 3908	Bridge          (72df06d26ae4ced2e08f428b96302b0e) C:\Windows\system32\DRIVERS\bridge.sys
2011/04/27 15:16:42.0229 3908	BridgeMP        (72df06d26ae4ced2e08f428b96302b0e) C:\Windows\system32\DRIVERS\bridge.sys
2011/04/27 15:16:42.0276 3908	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/04/27 15:16:42.0323 3908	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/04/27 15:16:42.0354 3908	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/27 15:16:42.0386 3908	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/04/27 15:16:42.0417 3908	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/04/27 15:16:42.0479 3908	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/27 15:16:42.0542 3908	cdrom           (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/27 15:16:42.0620 3908	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/04/27 15:16:42.0667 3908	CLFS            (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/04/27 15:16:42.0761 3908	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/04/27 15:16:42.0792 3908	Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/04/27 15:16:42.0854 3908	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/27 15:16:42.0886 3908	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/04/27 15:16:42.0933 3908	DfsC            (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/04/27 15:16:42.0979 3908	disk            (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/04/27 15:16:43.0120 3908	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/04/27 15:16:43.0245 3908	DT T-Sinus 130data(R) (1386d4acc258302a368e6fca99dc9d1d) C:\Windows\system32\DRIVERS\dtusbxp.sys
2011/04/27 15:16:43.0308 3908	DXGKrnl         (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/27 15:16:43.0354 3908	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/04/27 15:16:43.0448 3908	Ecache          (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/04/27 15:16:43.0526 3908	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/04/27 15:16:43.0636 3908	exfat           (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/04/27 15:16:43.0683 3908	fastfat         (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/04/27 15:16:43.0745 3908	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/27 15:16:43.0808 3908	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/04/27 15:16:43.0886 3908	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/04/27 15:16:43.0917 3908	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/27 15:16:43.0948 3908	FltMgr          (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/04/27 15:16:44.0026 3908	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/27 15:16:44.0073 3908	fwlanusbn       (fc06a5be1ab381cd47af3d69006e88f0) C:\Windows\system32\DRIVERS\fwlanusbn.sys
2011/04/27 15:16:44.0104 3908	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/27 15:16:44.0151 3908	giveio          (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
2011/04/27 15:16:44.0229 3908	hamachi         (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/04/27 15:16:44.0276 3908	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/04/27 15:16:44.0292 3908	HDAudBus        (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/27 15:16:44.0354 3908	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/04/27 15:16:44.0370 3908	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/04/27 15:16:44.0433 3908	HidUsb          (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/27 15:16:44.0464 3908	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/04/27 15:16:44.0526 3908	HTTP            (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/04/27 15:16:44.0558 3908	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/04/27 15:16:44.0589 3908	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/27 15:16:44.0636 3908	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/04/27 15:16:44.0683 3908	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/04/27 15:16:44.0808 3908	IntcAzAudAddService (da6303bbaed73eec30c3433359e7a311) C:\Windows\system32\drivers\RTKVHDA.sys
2011/04/27 15:16:44.0854 3908	intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/04/27 15:16:44.0901 3908	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/27 15:16:44.0933 3908	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/27 15:16:45.0011 3908	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/27 15:16:45.0042 3908	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/27 15:16:45.0089 3908	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/04/27 15:16:45.0136 3908	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/04/27 15:16:45.0167 3908	iScsiPrt        (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/27 15:16:45.0214 3908	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/04/27 15:16:45.0245 3908	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/04/27 15:16:45.0308 3908	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/27 15:16:45.0339 3908	kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/04/27 15:16:45.0370 3908	KSecDD          (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/27 15:16:45.0433 3908	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/27 15:16:45.0464 3908	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/27 15:16:45.0495 3908	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/27 15:16:45.0542 3908	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/27 15:16:45.0573 3908	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/04/27 15:16:45.0667 3908	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/04/27 15:16:45.0761 3908	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/04/27 15:16:45.0792 3908	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/27 15:16:45.0839 3908	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/27 15:16:45.0901 3908	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/27 15:16:45.0979 3908	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/04/27 15:16:46.0026 3908	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/04/27 15:16:46.0136 3908	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/27 15:16:46.0198 3908	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/27 15:16:46.0245 3908	MRxDAV          (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/04/27 15:16:46.0276 3908	mrxsmb          (cc752d233ef39875ca6885d9415ba869) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/27 15:16:46.0354 3908	mrxsmb10        (9049dddd4bd27d43d82f5968f1da76e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/27 15:16:46.0417 3908	mrxsmb20        (91dc069b6831ef564e7d8c97eaf0343e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/27 15:16:46.0479 3908	msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/04/27 15:16:46.0495 3908	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/04/27 15:16:46.0558 3908	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/04/27 15:16:46.0604 3908	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/04/27 15:16:46.0667 3908	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/27 15:16:46.0698 3908	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/27 15:16:46.0761 3908	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/04/27 15:16:46.0792 3908	MsRPC           (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/04/27 15:16:46.0933 3908	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/27 15:16:46.0964 3908	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/04/27 15:16:47.0026 3908	Mup             (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/04/27 15:16:47.0089 3908	NativeWifiP     (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/27 15:16:47.0120 3908	NDIS            (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/04/27 15:16:47.0292 3908	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/27 15:16:47.0323 3908	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/27 15:16:47.0370 3908	NdisWan         (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/27 15:16:47.0401 3908	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/04/27 15:16:47.0433 3908	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/27 15:16:47.0495 3908	netbt           (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/27 15:16:47.0558 3908	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/04/27 15:16:47.0604 3908	nmwcd           (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
2011/04/27 15:16:47.0651 3908	nmwcdc          (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
2011/04/27 15:16:47.0683 3908	Npfs            (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/04/27 15:16:47.0714 3908	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/27 15:16:47.0792 3908	Ntfs            (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/04/27 15:16:47.0823 3908	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/04/27 15:16:47.0870 3908	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/04/27 15:16:48.0089 3908	nvlddmkm        (9a87bba2307b0f16fab141a2ee664e4d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/27 15:16:48.0198 3908	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/04/27 15:16:48.0323 3908	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/04/27 15:16:48.0370 3908	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/04/27 15:16:48.0433 3908	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/04/27 15:16:48.0479 3908	Parport         (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
2011/04/27 15:16:48.0526 3908	partmgr         (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/04/27 15:16:48.0542 3908	Parvdm          (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/27 15:16:48.0636 3908	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/04/27 15:16:48.0745 3908	pci             (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/04/27 15:16:48.0776 3908	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/04/27 15:16:48.0870 3908	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/04/27 15:16:48.0964 3908	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/04/27 15:16:49.0042 3908	pgsmbus         (7eb67bda55987cb25e48423b72e0a19e) C:\Windows\system32\DRIVERS\pgsmbus.sys
2011/04/27 15:16:49.0089 3908	pgsmmdfl        (a572a56b57498124a6500f0bb2c67fff) C:\Windows\system32\DRIVERS\pgsmmdfl.sys
2011/04/27 15:16:49.0136 3908	pgsmmdm         (0af2ca3a23b252f0896fae953f903290) C:\Windows\system32\DRIVERS\pgsmmdm.sys
2011/04/27 15:16:49.0245 3908	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/27 15:16:49.0292 3908	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/04/27 15:16:49.0354 3908	PSched          (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/27 15:16:49.0417 3908	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/04/27 15:16:49.0479 3908	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/04/27 15:16:49.0542 3908	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/27 15:16:49.0651 3908	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/27 15:16:49.0729 3908	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/27 15:16:49.0823 3908	RasPppoe        (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/27 15:16:49.0854 3908	RasSstp         (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/27 15:16:49.0901 3908	rdbss           (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/27 15:16:49.0995 3908	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/27 15:16:50.0089 3908	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/04/27 15:16:50.0136 3908	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/27 15:16:50.0229 3908	RDPWD           (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/04/27 15:16:50.0323 3908	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/27 15:16:50.0401 3908	RTL8169         (904fd29ec1ff2709099ae2cd1c09a913) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/04/27 15:16:50.0464 3908	RTL85n86        (1bb178fbd7ad334f0bfa3f17f66afef9) C:\Windows\system32\DRIVERS\RTL85n86.sys
2011/04/27 15:16:50.0526 3908	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/04/27 15:16:50.0558 3908	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/27 15:16:50.0620 3908	Serenum         (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/27 15:16:50.0667 3908	Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
2011/04/27 15:16:50.0792 3908	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/04/27 15:16:50.0839 3908	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/04/27 15:16:50.0901 3908	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/27 15:16:50.0948 3908	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/27 15:16:50.0979 3908	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/04/27 15:16:51.0026 3908	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/04/27 15:16:51.0089 3908	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/04/27 15:16:51.0167 3908	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/04/27 15:16:51.0245 3908	Smb             (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/04/27 15:16:51.0604 3908	SNP2STD         (8c5af605a85c5214d40542d933da737c) C:\Windows\system32\DRIVERS\snp2sxp.sys
2011/04/27 15:16:51.0698 3908	speedfan        (5d6401db90ec81b71f8e2c5c8f0fef23) C:\Windows\system32\speedfan.sys
2011/04/27 15:16:51.0776 3908	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/04/27 15:16:51.0854 3908	srv             (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/04/27 15:16:51.0948 3908	srv2            (96512f4a30b741e7d33a7936b9abbc20) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/27 15:16:52.0011 3908	srvnet          (1c69e33e0e23626da5a34ca5ba0dd990) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/27 15:16:52.0120 3908	ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/04/27 15:16:52.0167 3908	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/27 15:16:52.0261 3908	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/04/27 15:16:52.0276 3908	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/04/27 15:16:52.0323 3908	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/04/27 15:16:52.0464 3908	Tcpip           (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/04/27 15:16:52.0526 3908	Tcpip6          (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/27 15:16:52.0558 3908	tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/27 15:16:52.0651 3908	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/04/27 15:16:52.0683 3908	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/04/27 15:16:52.0729 3908	tdx             (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/27 15:16:52.0808 3908	TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/27 15:16:52.0886 3908	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/27 15:16:52.0979 3908	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/27 15:16:53.0011 3908	tunnel          (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/27 15:16:53.0042 3908	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/04/27 15:16:53.0104 3908	udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/27 15:16:53.0214 3908	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/27 15:16:53.0354 3908	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/04/27 15:16:53.0448 3908	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/04/27 15:16:53.0558 3908	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/04/27 15:16:53.0604 3908	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/27 15:16:53.0698 3908	upperdev        (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/04/27 15:16:53.0761 3908	usbaudio        (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2011/04/27 15:16:53.0917 3908	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/27 15:16:53.0948 3908	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/04/27 15:16:53.0995 3908	usbehci         (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/27 15:16:54.0058 3908	usbhub          (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/27 15:16:54.0214 3908	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/04/27 15:16:54.0276 3908	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/27 15:16:54.0370 3908	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/27 15:16:54.0479 3908	usbser          (a96191470581a7091420d25ecd444502) C:\Windows\system32\drivers\usbser.sys
2011/04/27 15:16:54.0651 3908	UsbserFilt      (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/27 15:16:54.0683 3908	USBSTOR         (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/27 15:16:54.0761 3908	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/27 15:16:54.0870 3908	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/27 15:16:54.0917 3908	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/04/27 15:16:55.0136 3908	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/04/27 15:16:55.0198 3908	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/04/27 15:16:55.0292 3908	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/04/27 15:16:55.0323 3908	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/04/27 15:16:55.0573 3908	volmgrx         (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/04/27 15:16:55.0651 3908	volsnap         (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/04/27 15:16:55.0698 3908	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/04/27 15:16:55.0839 3908	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/04/27 15:16:55.0901 3908	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/27 15:16:55.0917 3908	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/27 15:16:56.0058 3908	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/04/27 15:16:56.0214 3908	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/27 15:16:56.0401 3908	WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/04/27 15:16:56.0479 3908	WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/04/27 15:16:56.0589 3908	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/27 15:16:56.0698 3908	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/04/27 15:16:56.0761 3908	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/27 15:16:56.0870 3908	================================================================================
2011/04/27 15:16:56.0870 3908	Scan finished
2011/04/27 15:16:56.0870 3908	================================================================================
Unhide habe ich, wie im Anfangsbeitrga bereits geschrieben, schon ausgeführt.

Alt 27.04.2011, 14:42   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 27.04.2011, 17:54   #9
CombatWombat
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Combofix Logfile:
Code:
ATTFilter
ComboFix 11-04-26.05 - Ziemann 27.04.2011  18:43:14.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.49.1031.18.3071.2162 [GMT 2:00]
ausgeführt von:: c:\users\Ziemann\Desktop\CombFi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\miccyhook.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-03-27 bis 2011-04-27  ))))))))))))))))))))))))))))))
.
.
2011-04-27 16:48 . 2011-04-27 16:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-04-26 18:34 . 2011-04-26 18:34	--------	d-----w-	C:\_OTL
2011-04-26 17:13 . 2011-04-26 17:13	--------	d-----w-	c:\program files\Common Files\Java
2011-04-26 17:11 . 2011-04-26 17:11	472808	----a-w-	c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-04-26 17:11 . 2011-04-26 17:11	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-04-26 17:10 . 2011-04-26 17:10	--------	d-----w-	c:\program files\Java
2011-04-26 06:21 . 2011-04-11 07:04	7071056	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{99B2FF0D-FCCA-464B-AFCB-68748C6890E5}\mpengine.dll
2011-04-24 14:19 . 2011-04-24 14:19	--------	d-----w-	c:\users\Ziemann\AppData\Roaming\Malwarebytes
2011-04-24 14:19 . 2010-12-20 16:09	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-24 14:19 . 2011-04-24 14:19	--------	d-----w-	c:\programdata\Malwarebytes
2011-04-24 14:19 . 2011-04-24 14:19	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-04-24 14:19 . 2010-12-20 16:08	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-04-15 06:00 . 2011-03-03 12:53	2040832	----a-w-	c:\windows\system32\win32k.sys
2011-04-15 06:00 . 2011-02-16 15:35	430080	----a-w-	c:\windows\system32\vbscript.dll
2011-04-15 06:00 . 2011-03-03 15:00	738816	----a-w-	c:\windows\system32\inetcomm.dll
2011-04-15 06:00 . 2011-03-03 10:49	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2011-04-08 10:06 . 2011-04-08 10:06	--------	d-----w-	c:\program files\Clarus
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-03 07:25	222080	------w-	c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13584928]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 92704]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-06 6707744]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-17 202256]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Ziemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Auto Backup Guage.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFGuage.exe [2011-4-8 823296]
Samsung Auto Backup Real-Time Daemon.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe [2011-4-8 65536]
Samsung Auto Backup Scheduler.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFTimerD.exe [2011-4-8 102400]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Scanner Finder.lnk - c:\scanwizard 5\ScannerFinder.exe [2008-7-10 339968]
Wireless LAN Utility.lnk - c:\program files\LevelOne WNC-0301\WlanCU.exe [2007-10-19 417792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2008-10-07 12:33	612896	----a-w-	c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-17 08:22	202256	----a-w-	c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-808143684-1996383929-3073386593-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9896bc802fc7;Google Update Service (gupdate1c9896bc802fc7);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-07 133104]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2007-12-20 4352]
R3 DT T-Sinus 130data(R);DT T-Sinus 130data(R) Service for T-Sinus 130data;c:\windows\system32\DRIVERS\dtusbxp.sys [2003-05-26 95861]
R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys [2007-12-20 401920]
R3 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
R3 pgsmbus;Philips DF2000 GSM Handset Composite Device driver (WDM);c:\windows\system32\DRIVERS\pgsmbus.sys [2006-04-06 58448]
R3 pgsmmdfl;Philips DF2000 GSM Handset Modem Filter;c:\windows\system32\DRIVERS\pgsmmdfl.sys [2006-04-06 8336]
R3 pgsmmdm;Philips DF2000 GSM Handset Modem Drivers;c:\windows\system32\DRIVERS\pgsmmdm.sys [2006-04-06 93968]
R3 RTL85n86;LevelOne WNC-0301 11g Wireless PCI Card Device Driver;c:\windows\system32\DRIVERS\RTL85n86.sys [2007-03-13 354816]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [2009-10-01 1858144]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - klmd25
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2011-04-08 c:\windows\Tasks\1-Klick-Wartung.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 14:09]
.
2011-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-07 21:28]
.
2011-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-07 21:28]
.
2011-04-27 c:\windows\Tasks\User_Feed_Synchronization-{C42FFE37-96F3-42C2-A8DA-888F1ED50969}.job
- c:\windows\system32\msfeedssync.exe [2008-06-03 07:33]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
IE: Free YouTube to MP3 Converter - c:\users\Ziemann\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: {25355B25-3919-44B4-B2BD-A99ABA9871C9} = 217.0.43.145,217.0.43.129
TCP: {7CBBA345-C44C-4178-BF04-352CD560BF30} = 192.168.1.1
FF - ProfilePath - c:\users\Ziemann\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\
FF - prefs.js: browser.startup.homepage - hxxp://forum.waffen-online.de/
FF - prefs.js: keyword.URL - hxxp://
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Skytel - Skytel.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-04-27 18:48
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-808143684-1996383929-3073386593-1000\Software\SecuROM\License information*]
"datasecu"=hex:99,e6,cf,b9,c0,f1,98,4d,27,c8,37,17,fd,58,83,c2,df,e1,45,df,80,
   bc,36,cc,3a,80,d6,63,fa,92,7c,02,2b,f3,83,f0,88,43,b1,df,65,fc,3e,c1,19,48,\
"rkeysecu"=hex:25,a1,96,2a,02,f1,2d,14,7b,1b,2d,d7,2e,55,c7,70
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-04-27  18:51:05
ComboFix-quarantined-files.txt  2011-04-27 16:51
.
Vor Suchlauf: 30 Verzeichnis(se), 50.542.231.552 Bytes frei
Nach Suchlauf: 32 Verzeichnis(se), 49.922.961.408 Bytes frei
.
- - End Of File - - 21838AF2CA8C679C8266EE38247122C6
--- --- ---
Alt 27.04.2011, 18:44   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur wenige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 27.04.2011, 19:21   #11
CombatWombat
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Code:
ATTFilter
OSAM Logfile:


	
Code: 

 
ATTFilter


  

	
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 20:19:24 on 27.04.2011

OS: Windows Vista Home Premium Edition Service Pack 1 (Build 6001), 32-bit
Default Browser: Mozilla Corporation Firefox 3.5.6

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Program Files\TuneUp Utilities 2008\OneClick.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"PhysX.cpl" - "NVIDIA Corporation" - C:\Windows\system32\PhysX.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"NokiaConnectionManager" - "Nokia" - C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL
"Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ASPI32" (ASPI32) - ? - C:\Windows\system32\drivers\ASPI32.sys  (File not found)
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"AVM Eject" (avmeject) - "AVM Berlin" - C:\Windows\System32\drivers\avmeject.sys
"catchme" (catchme) - ? - C:\Users\Ziemann\AppData\Local\Temp\catchme.sys  (File not found)
"DT T-Sinus 130data(R) Service for T-Sinus 130data" (DT T-Sinus 130data(R)) - "Deutsche Telekom" - C:\Windows\System32\DRIVERS\dtusbxp.sys
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys  (File not found)
"giveio" (giveio) - ? - C:\Windows\System32\giveio.sys  (File found, but it contains no detailed information)
"GMSIPCI" (GMSIPCI) - ? - D:\INSTALL\GMSIPCI.SYS  (File not found)
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"mbr" (mbr) - ? - C:\CombFi\mbr.sys  (Hidden registry entry, rootkit activity | File not found)
"Philips DF2000 GSM Handset Composite Device driver (WDM)" (pgsmbus) - "MCCI" - C:\Windows\System32\DRIVERS\pgsmbus.sys
"Philips DF2000 GSM Handset Modem Drivers" (pgsmmdm) - "MCCI" - C:\Windows\System32\DRIVERS\pgsmmdm.sys
"Philips DF2000 GSM Handset Modem Filter" (pgsmmdfl) - "MCCI" - C:\Windows\System32\DRIVERS\pgsmmdfl.sys
"PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\Windows\System32\drivers\Afc.sys
"RT73 USB Wireless LAN Card Driver" (RT73) - ? - C:\Windows\System32\DRIVERS\rt73.sys  (File not found)
"speedfan" (speedfan) - "Windows (R) 2000 DDK provider" - C:\Windows\System32\speedfan.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{C51721BE-858B-4A66-A8BF-D2882FF49820} "MRLMimeFilter Class" - "YAMAHA CORPORATION" - C:\Program Files\Common Files\A&W\MidRadio.ocx
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} "Nokia Phone Browser" - "Nokia" - C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\Program Files\TuneUp Utilities 2008\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\Windows\System32\uxtuneup.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll  (File found, but it contains no detailed information)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{855F3B16-6D32-4FE6-8A56-BBB695989046}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{0B4350D1-055F-47A3-B112-5F2F2B0D6F08} "ClsidExtension" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
"ICQ6" - "ICQ, Inc." - C:\Program Files\ICQ6\ICQ.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} "Google Gears Helper" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Ziemann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Samsung Auto Backup Guage.lnk" - "Clarus, Inc." - C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe  (Shortcut exists | File exists)
"Samsung Auto Backup Real-Time Daemon.lnk" - "Clarus, Inc." - C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe  (Shortcut exists | File exists)
"Samsung Auto Backup Scheduler.lnk" - "Clarus, Inc." - C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Scanner Finder.lnk" - ? - C:\ScanWizard 5\ScannerFinder.exe  (Shortcut exists | File exists)
"Wireless LAN Utility.lnk" - ? - C:\Program Files\LevelOne WNC-0301\WlanCU.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"PC Suite Tray" - "Nokia" - "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"LogMeIn Hamachi Ui" - "LogMeIn Inc." - "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"TkBellExe" - "RealNetworks, Inc." - "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"SUGE1 Langmon" - ? - C:\Windows\system32\suge1l3.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"a-squared Free Service" (a2free) - "Emsi Software GmbH" - C:\Program Files\a-squared Free\a2service.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Google Update Service (gupdate1c9896bc802fc7)" (gupdate1c9896bc802fc7) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"LogMeIn Hamachi 2.0 Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - ? - C:\Windows\ZMATRI~1.SCR  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===
         
 
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Code:
ATTFilter
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows Vista Home Premium Edition
Windows Information:		Service Pack 1 (build 6001), 32-bit
Base Board Manufacturer:	MICRO-STAR INTERNATIONAL CO.,LTD
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		MICRO-STAR INTERNATIONAL CO.,LTD
System Product Name:		MS-7360
Logical Drives Mask:		0x000003fd

Kernel Drivers (total 146):
  0x8284C000 \SystemRoot\system32\ntoskrnl.exe
  0x82819000 \SystemRoot\system32\hal.dll
  0x8A80E000 \SystemRoot\system32\kdcom.dll
  0x8A816000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x8A876000 \SystemRoot\system32\PSHED.dll
  0x8A887000 \SystemRoot\system32\BOOTVID.dll
  0x8A88F000 \SystemRoot\system32\CLFS.SYS
  0x8A8D0000 \SystemRoot\system32\CI.dll
  0x8A9B0000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x8AA21000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x8AA2F000 \SystemRoot\system32\drivers\acpi.sys
  0x8AA75000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x8AA7E000 \SystemRoot\system32\drivers\msisadrv.sys
  0x8AA86000 \SystemRoot\system32\drivers\pci.sys
  0x8AAAD000 \SystemRoot\System32\drivers\partmgr.sys
  0x8AABC000 \SystemRoot\system32\drivers\volmgr.sys
  0x8AACB000 \SystemRoot\System32\drivers\volmgrx.sys
  0x8AB15000 \SystemRoot\system32\drivers\pciide.sys
  0x8AB1C000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x8AB2A000 \SystemRoot\System32\drivers\mountmgr.sys
  0x8AB3A000 \SystemRoot\system32\drivers\atapi.sys
  0x8AB42000 \SystemRoot\system32\drivers\ataport.SYS
  0x8AB60000 \SystemRoot\system32\drivers\fltmgr.sys
  0x8AB92000 \SystemRoot\system32\drivers\fileinfo.sys
  0x8AC00000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x8AC71000 \SystemRoot\system32\drivers\ndis.sys
  0x8AD7C000 \SystemRoot\system32\drivers\msrpc.sys
  0x8ADA7000 \SystemRoot\system32\drivers\NETIO.SYS
  0x8ADE1000 \SystemRoot\System32\drivers\tcpip.sys
  0x8AECA000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x8AEE5000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x8ABA2000 \SystemRoot\system32\drivers\volsnap.sys
  0x8AFF4000 \SystemRoot\System32\Drivers\spldr.sys
  0x8AFFC000 \SystemRoot\system32\speedfan.sys
  0x8ABDB000 \SystemRoot\System32\Drivers\mup.sys
  0x8AFFE000 \SystemRoot\system32\giveio.sys
  0x8B00D000 \SystemRoot\System32\drivers\ecache.sys
  0x8B034000 \SystemRoot\system32\drivers\disk.sys
  0x8B045000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x8B066000 \SystemRoot\system32\drivers\crcdisk.sys
  0x8B08F000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x8B09A000 \SystemRoot\system32\DRIVERS\tunmp.sys
  0x8B0A3000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x8FC01000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x9030B000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x903AA000 \SystemRoot\System32\drivers\watchdog.sys
  0x903B7000 \SystemRoot\system32\DRIVERS\usbuhci.sys
  0x903C2000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x8B0B2000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x8B0C1000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x8B0D3000 \SystemRoot\system32\drivers\Afc.sys
  0x8B0DB000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x8B0F3000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
  0x8B108000 \SystemRoot\system32\DRIVERS\serial.sys
  0x8B122000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x8B12C000 \SystemRoot\system32\DRIVERS\fdc.sys
  0x8B137000 \SystemRoot\system32\DRIVERS\parport.sys
  0x8B14F000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0x8B162000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x8B16D000 \SystemRoot\system32\DRIVERS\msiscsi.sys
  0x8B19B000 \SystemRoot\system32\DRIVERS\storport.sys
  0x8B1DC000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x8B1E7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x8B1FE000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x8B209000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x8B22C000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x8B23B000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x8B24F000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x8B264000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x8B274000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x8B27F000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x8B281000 \SystemRoot\system32\DRIVERS\ks.sys
  0x8B2AB000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x8B2B5000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x8B2C2000 \SystemRoot\System32\drivers\vga.sys
  0x8B2CE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x8B2EF000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x8B2FE000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x8B332000 \SystemRoot\system32\DRIVERS\flpydisk.sys
  0x8B33C000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x93C06000 \SystemRoot\system32\drivers\RTKVHDA.sys
  0x93E2D000 \SystemRoot\system32\drivers\portcls.sys
  0x93E5A000 \SystemRoot\system32\drivers\drmk.sys
  0x93E7F000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
  0x93E88000 \SystemRoot\System32\Drivers\Null.SYS
  0x93E8F000 \SystemRoot\System32\Drivers\Beep.SYS
  0x93E96000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x93E9E000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x93EA6000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x93EB1000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x93EBF000 \SystemRoot\System32\DRIVERS\rasacd.sys
  0x93EC8000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x93EDE000 \SystemRoot\system32\DRIVERS\smb.sys
  0x93EF2000 \SystemRoot\system32\drivers\afd.sys
  0x93F3A000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x93F6C000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x93F82000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x93F90000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x93FA3000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
  0x93FA9000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x93FE5000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x8B34D000 \SystemRoot\System32\Drivers\dfsc.sys
  0x8B364000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0x93FEF000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
  0x93FF1000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x8B380000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x8B390000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x93FFA000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x8B397000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x8B39F000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x8B3AC000 \SystemRoot\System32\Drivers\dump_dumpata.sys
  0x8B3B7000 \SystemRoot\System32\Drivers\dump_atapi.sys
  0x8B3BF000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
  0x9C430000 \SystemRoot\System32\win32k.sys
  0x8B3D1000 \SystemRoot\System32\drivers\Dxapi.sys
  0x9C650000 \SystemRoot\System32\TSDDD.dll
  0x9C670000 \SystemRoot\System32\cdd.dll
  0x8B3DB000 \SystemRoot\system32\drivers\luafv.sys
  0x8B06F000 \SystemRoot\system32\DRIVERS\avgntflt.sys
  0x9F004000 \SystemRoot\system32\drivers\WudfPf.sys
  0x9F026000 \SystemRoot\system32\drivers\spsys.sys
  0x9F0D5000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x9F0E5000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x9F10F000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x9F119000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x9F12C000 \SystemRoot\System32\Drivers\fastfat.SYS
  0x9F154000 \SystemRoot\system32\DRIVERS\asyncmac.sys
  0x9F15D000 \SystemRoot\system32\drivers\HTTP.sys
  0x9F1CA000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x9F1E7000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x9F200000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x9F215000 \SystemRoot\system32\drivers\mrxdav.sys
  0x9F235000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x9F254000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x9F28D000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x9F2A5000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x9F2CD000 \SystemRoot\System32\DRIVERS\srv.sys
  0x9F31C000 \SystemRoot\system32\DRIVERS\parvdm.sys
  0xA7000000 \SystemRoot\system32\drivers\peauth.sys
  0xA70DE000 \SystemRoot\System32\Drivers\secdrv.SYS
  0xA70E8000 \SystemRoot\System32\drivers\tcpipreg.sys
  0xA70F4000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0xA7115000 \SystemRoot\system32\DRIVERS\cdfs.sys
  0xA713D000 \??\C:\Windows\system32\Drivers\PROCEXP113.SYS
  0xA713F000 \??\C:\Users\Ziemann\AppData\Local\Temp\catchme.sys
  0x77250000 \Windows\System32\ntdll.dll

Processes (total 60):
       0 System Idle Process
       4 System
     440 C:\Windows\System32\smss.exe
     572 csrss.exe
     612 C:\Windows\System32\wininit.exe
     620 csrss.exe
     656 C:\Windows\System32\services.exe
     668 C:\Windows\System32\lsass.exe
     676 C:\Windows\System32\lsm.exe
     840 C:\Windows\System32\svchost.exe
     848 C:\Windows\System32\winlogon.exe
     928 C:\Windows\System32\nvvsvc.exe
     956 C:\Windows\System32\svchost.exe
    1008 C:\Windows\System32\svchost.exe
    1088 C:\Windows\System32\svchost.exe
    1128 C:\Windows\System32\svchost.exe
    1144 C:\Windows\System32\svchost.exe
    1256 C:\Windows\System32\audiodg.exe
    1288 C:\Windows\System32\SLsvc.exe
    1388 C:\Windows\System32\svchost.exe
    1580 C:\Windows\System32\svchost.exe
    1804 C:\Windows\System32\dwm.exe
    1884 C:\Windows\System32\spoolsv.exe
    1908 C:\Program Files\Avira\AntiVir Desktop\sched.exe
    1924 C:\Windows\System32\svchost.exe
    1948 C:\Windows\System32\taskeng.exe
     484 C:\Windows\System32\taskeng.exe
    2124 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    2132 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    2288 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    2396 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    2408 C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    2416 C:\Program Files\Windows Media Player\wmpnscfg.exe
    2456 C:\ScanWizard 5\ScannerFinder.exe
    2500 C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
    2516 C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe
    2612 C:\Program Files\a-squared Free\a2service.exe
    2688 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    2764 C:\Windows\System32\svchost.exe
    2828 C:\Windows\System32\svchost.exe
    3064 C:\Windows\System32\svchost.exe
    3104 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    3120 C:\Windows\System32\SearchIndexer.exe
    3304 WUDFHost.exe
    3452 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    3636 C:\Program Files\Windows Media Player\wmpnetwk.exe
    3796 C:\Windows\System32\mobsync.exe
     476 C:\Windows\System32\wbem\unsecapp.exe
    3624 WmiPrvSE.exe
    1216 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    2068 C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    2092 C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    1800 C:\Windows\System32\sdclt.exe
    3392 C:\Windows\System32\svchost.exe
    3880 C:\Windows\System32\conime.exe
    4040 C:\Windows\explorer.exe
    2268 C:\Windows\System32\wuauclt.exe
    2312 C:\Program Files\Mozilla Firefox\firefox.exe
    1540 C:\Program Files\Windows Mail\WinMail.exe
    2028 C:\Users\Ziemann\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)

PhysicalDrive1 Model Number: ST3250310AS, Rev: 3.AAC   
PhysicalDrive0 Model Number: WDCWD800BB-00CAA1, Rev: 17.07W17

      Size  Device Name          MBR Status
  --------------------------------------------
    232 GB  \\.\PhysicalDrive1   Windows 2008 MBR code detected
            SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
     74 GB  \\.\PhysicalDrive0   Windows XP MBR code detected
            SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

Alt 27.04.2011, 19:36   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.04.2011, 20:29   #13
CombatWombat
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6464

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

28.04.2011 19:03:36
mbam-log-2011-04-28 (19-03-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 335048
Laufzeit: 1 Stunde(n), 9 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter
SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com

Generiert 04/28/2011 bei 09:05 PM

Version der Applikation : 4.51.1000

Version der Kern-Datenbank : 6944
Version der Spur-Datenbank : 4756

Scan Art       : kompletter Scann
Totale Scann-Zeit : 01:56:41

Gescannte Speicherelemente  : 617
Erfasste Speicher-Bedrohungen  : 0
Gescannte Register-Elemente  : 8446
Erfasste Register-Bedrohungen  : 0
Gescannte Datei-Elemente     : 197618
Erfasste Datei-Elemente   : 0

Alt 28.04.2011, 20:53   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Keine Funde!
Rechner wieder ok?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.04.2011, 21:01   #15
CombatWombat
 
Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Standard

Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


Alles gut!

VIELEN VIELEN DANK FÜR EURE HILFE.

Wie kann ich dieses Board unterstützen?

Antwort
Seite 1 von 2 1 2

Themen zu Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....
alternate, autorun, avgntflt.sys, avira, bho, black, call of duty, canon, ccsetup, conduit, defender, device driver, disabletaskmgr, error, excel, flash player, format, google, google earth, grand theft auto, home, iexplore.exe, install.exe, location, mozilla, mp3, nvlddmkm.sys, oldtimer, plug-in, realtek, registry, rundll, saver, searchplugins, security, server, shell32.dll, shortcut, sketchup, software, start menu, system, tcp, trojan.fakeav, udp, usb, vista, wma, world at war


« tr/kazy.20156 - drwtsn.exe/explorer.exe stürzen ab - kaspersky registriert downloads | Festplatten-Fehlermeldungen, Desktop schwarz, Dateien verschwunden, wohl auch TR/Kazy.mekml.1 »


Ähnliche Themen: Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt....


  1. Nach Befall von TR/Kazy.mekml.1 alles wieder sauber?
    Log-Analyse und Auswertung - 27.05.2011 (59)
  2. kazy.mekml.1 auch bei mir :(
    Plagegeister aller Art und deren Bekämpfung - 12.05.2011 (69)
  3. tr/kazy.mekml.1 leider auch bei mir
    Log-Analyse und Auswertung - 07.05.2011 (16)
  4. Hab mir auch den TR/Kazy.mekml.1 eingefangen
    Plagegeister aller Art und deren Bekämpfung - 06.05.2011 (23)
  5. TR/Kazy.mekml.1 --> ist wirklich alles wieder in ordnung?
    Log-Analyse und Auswertung - 05.05.2011 (16)
  6. Kazy mekml 1 schon gelöscht aber.......
    Log-Analyse und Auswertung - 04.05.2011 (14)
  7. Auch bei mir TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 02.05.2011 (34)
  8. Trojaner TR/Kazy.mekml.1 und auch bei mir...
    Log-Analyse und Auswertung - 01.05.2011 (9)
  9. kazy.mekml.1 auch bei mir , ich bin auch dabei
    Plagegeister aller Art und deren Bekämpfung - 28.04.2011 (13)
  10. Kazy.mekml.1 mich hat er auch
    Plagegeister aller Art und deren Bekämpfung - 28.04.2011 (14)
  11. Hab auch den TR/Kazy.mekml.1 eingeholt
    Plagegeister aller Art und deren Bekämpfung - 28.04.2011 (11)
  12. Trojanisches Pferd Kazy mekml 1 ( Windows 7 schon neu aufgesetzt) Berechtigungen ?
    Log-Analyse und Auswertung - 27.04.2011 (6)
  13. TR/kazy.mekml.1 Problem-Reporte schon erstellt
    Log-Analyse und Auswertung - 26.04.2011 (13)
  14. TR/Kazy.mekml.1 jetzt auch bei mir!
    Plagegeister aller Art und deren Bekämpfung - 25.04.2011 (1)
  15. KaZy.Mekml.1 , auch ich ...
    Plagegeister aller Art und deren Bekämpfung - 23.04.2011 (9)
  16. Trojaner Kazy.mekml.1 OTL-File schon erstellt
    Plagegeister aller Art und deren Bekämpfung - 23.04.2011 (5)
  17. TR/Kazy.mekml.1 - Hab schon die OTL logfiles, wie komme ich weiter
    Log-Analyse und Auswertung - 22.04.2011 (13)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... - Hallo liebe Spezialisten Ich habe mir auch diesen /TRKazy.mekml.1 eingefangen. Habe mbam.exe drüberlaufen lassen OTL ist auch fertig Logfiles von Ccleaner mit unhide.exe die Ordner wieder sichtbar gemacht Hier die - Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.......
Archiv
Du betrachtest: Auch Probleme mit TR/Kazy.mekml.1 (schon alles befolgt.... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132