Trojaner-Board - Gema-Trojaner und weitere Funde

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Gema-Trojaner und weitere Funde (https://www.trojaner-board.de/105180-gema-trojaner-funde.html)

Gema-Trojaner und weitere Funde

Hallo,

ich habe den Laptop von meiner Tante bekommen um diesen wieder zum laufen zu bekommen.

Der Gema-Trojaner hatte den Zugriff darauf blockiert. Mit Hilfe der Norton Bootable Recovery Toools CD bin ich wieder rein gekommen.

Das erste was ich festgestellt habe, war das komplette Fehlen einer Antiviren-Softare. Daraufhin habe ich Avira-Free installieren wollen. Diese meldete mir, daß ich zuerst Norton Internet Security deinstallieren müsste. Norton war aber nicht in der installierten Software vorhanen. Daher habe ich mit CC-Cleaner die Registry bereinigt (Log vorhanden falls benötigt) und Avira dann installiert.

Daraufhin wurden von Avira einige Treffer gemeldet, die dann gelöscht wurden. (Logs vorhanden falls benötigt)

Zitat:

Die Datei 'C:\Windows\System32\config\systemprofile\AppData\Local\keraipx.dll'
enthielt einen Virus oder unerwünschtes Programm 'TR/Spy.Gen' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.

Die Datei 'C:\Windows\Temp\gwqhhc\setup.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Proxy.Sefbov.E.22' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.

In der Datei 'C:\Users\Brigitte\M-1-52-5782-8752-5245\winsvc .exe'
wurde ein Virus oder unerwünschtes Programm 'WORM/Phorpiex.B.41' [worm] gefunden.
Ausgeführte Aktion: Zugriff verweigern

In der Datei 'C:\Users\Brigitte\M-1-54-6324-575-5275\winsvc .exe'
wurde ein Virus oder unerwünschtes Programm 'WORM/Phorpiex.B.1' [worm] gefunden.
Ausgeführte Aktion: Zugriff verweigern

Die Datei 'C:\Users\Brigitte\M-1-52-5782-8752-5245\winsvc .exe'
enthielt einen Virus oder unerwünschtes Programm 'WORM/Phorpiex.B.41' [worm].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a50a2e7.qua' verschoben!

Die Datei 'C:\Users\Brigitte\M-1-54-6324-575-5275\winsvc .exe'
enthielt einen Virus oder unerwünschtes Programm 'WORM/Phorpiex.B.1' [worm].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a64bcb8.qua' verschoben!

Auf Grund der fehlenden Antiviren-Software und der vielen Funde habe ich mich dann an dieses tolle Forum erinnert. Hoffentlich nicht zu spät.

Der Laptop wird nur zum spielen, surfen, Bildbearbeitung und Musikverwaltung genutzt. Onlienbanking und ähnliches wird nicht gemacht. Seht ihr hier noch Rettungschancen oder muß ich in den sauren Apfel beißen und neu installieren?

Vielen Dank schon mal vorab.

Zitat:

OTL logfile created on: 17.11.2011 15:21:10 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Brigitte\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 69,14% Memory free
6,19 Gb Paging File | 5,22 Gb Available in Paging File | 84,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 119,76 Gb Free Space | 51,42% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 221,00 Gb Free Space | 99,93% Space Free | Partition Type: NTFS

Computer Name: BrigitteSPC | User Name: Brigitte | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.17 15:18:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brigitte\Desktop\OTL.exe
PRC - [2011.10.19 16:56:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.19 16:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.09.27 21:34:02 | 000,894,304 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011.09.27 20:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.12.09 23:00:58 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.10.21 17:57:30 | 000,307,200 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\DVMExportService.exe
PRC - [2008.07.10 01:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008.06.19 20:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
PRC - [2008.06.04 01:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008.03.31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008.02.01 23:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe
PRC - [2008.01.23 18:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.12.04 18:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.05 03:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.12 05:44:28 | 000,106,496 | ---- | M] (ASUS) -- C:\Windows\System32\ASUSTPE.exe
PRC - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007.08.15 19:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2005.07.06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
PRC - [2005.01.21 16:44:06 | 000,065,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\MrobeService.exe

========== Modules (No Company Name) ==========

MOD - [2008.10.24 14:13:01 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

========== Win32 Services (SafeList) ==========

SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.09.27 20:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2008.10.21 17:57:30 | 000,307,200 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\DVMExportService.exe -- (MDES)
SRV - [2008.03.31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2005.01.21 16:44:06 | 000,065,536 | ---- | M] (OLYMPUS IMAGING CORP.) [Auto | Running] -- C:\Windows\System32\MrobeService.exe -- (MrobeService)

========== Driver Services (SafeList) ==========

DRV - [2011.10.19 16:56:15 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.10.24 17:16:31 | 004,017,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.08.11 03:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.06.03 07:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.05.29 18:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2008.05.02 09:07:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2008.04.27 19:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.08.11 04:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.27 20:45:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010.01.04 16:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions
[2010.01.04 16:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

========== Chrome ==========

Hosts file not found
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe Reader) - {147FEC3F-6DE9-437C-8FC1-6B8A20AA0A72} - C:\Users\Brigitte\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Systems, Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISUSScheduler] -start File not found
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] MSRun File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1250BE79-04B2-47E0-8C54-ED163386EFEA}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\keraipx: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {tkILaiAG-Z968-IeXL-outj-7zkVqmn5RUHY} -
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.11.17 19:49:51 | 000,000,000 | ---D | C] -- C:\NBRT
[2011.11.17 15:18:04 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Brigitte\Desktop\OTL.exe
[2011.11.17 15:05:13 | 000,000,000 | -H-D | C] -- C:\dvmexp
[2011.11.17 14:18:50 | 000,000,000 | ---D | C] -- C:\Users\Brigitte\AppData\Roaming\Avira
[2011.11.17 14:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.11.17 14:13:41 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.11.17 14:13:40 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.11.17 14:13:40 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.11.17 14:13:40 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.11.17 14:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.11.17 14:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.11.17 14:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.11.17 14:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.11.14 18:57:36 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Brigitte\AppData\Roaming\dwlGina3.dll
[2011.11.13 20:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEUTSCHLAND SPIELT
[2011.11.13 20:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\DEUTSCHLAND SPIELT
[2011.11.13 20:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\OXXOGames
[2011.11.13 20:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purplehills
[2011.11.07 19:01:38 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011.11.07 19:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011.11.07 19:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar
[2008.06.03 07:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 30 Days ==========

[2011.11.17 15:21:04 | 000,000,921 | ---- | M] () -- C:\Users\Brigitte\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.website
[2011.11.17 15:18:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brigitte\Desktop\OTL.exe
[2011.11.17 15:13:24 | 000,623,904 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.17 15:13:24 | 000,591,854 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.17 15:13:24 | 000,123,918 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.17 15:13:24 | 000,102,126 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.17 15:06:11 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.17 15:05:01 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011.11.17 15:04:50 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.17 15:04:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.17 15:04:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.17 15:04:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.17 15:04:30 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.17 14:52:39 | 000,000,000 | ---- | M] () -- C:\Users\Brigitte\defogger_reenable
[2011.11.17 14:50:46 | 000,050,477 | ---- | M] () -- C:\Users\Brigitte\Desktop\Defogger.exe
[2011.11.17 14:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At15.job
[2011.11.17 14:14:00 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.11.17 14:09:51 | 000,143,458 | ---- | M] () -- C:\Users\Brigitte\Documents\registry_backup_17_11_2011.reg
[2011.11.14 18:57:36 | 000,095,744 | ---- | M] (Kassl GmbH) -- C:\Users\Brigitte\AppData\Roaming\dwlGina3.dll
[2011.11.14 18:40:59 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At19.job
[2011.11.13 21:41:03 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At22.job
[2011.11.13 21:19:25 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\GAME CENTER.lnk
[2011.11.13 21:19:24 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\Mini Golf Pro.lnk
[2011.11.13 21:16:43 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\3D Pool Billiard.lnk
[2011.11.13 20:43:55 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Super Puzzle.lnk
[2011.11.13 20:41:06 | 000,001,031 | ---- | M] () -- C:\Users\Brigitte\Desktop\Rune of Fate.lnk
[2011.11.13 20:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At21.job
[2011.11.13 19:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At20.job
[2011.11.13 17:40:59 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At18.job
[2011.11.13 15:41:07 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At16.job
[2011.11.13 15:17:52 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2011.11.12 23:40:59 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At24.job
[2011.11.06 22:59:15 | 000,373,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.06 22:51:03 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.11.06 22:51:03 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.11.06 22:50:45 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.11.06 22:41:04 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At23.job
[2011.11.06 00:40:59 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011.11.02 20:07:32 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.10.19 16:56:15 | 000,134,344 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys

========== Files Created - No Company Name ==========

[2011.11.17 14:52:39 | 000,000,000 | ---- | C] () -- C:\Users\Brigitte\defogger_reenable
[2011.11.17 14:52:02 | 000,000,921 | ---- | C] () -- C:\Users\Brigitte\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.website
[2011.11.17 14:50:46 | 000,050,477 | ---- | C] () -- C:\Users\Brigitte\Desktop\Defogger.exe
[2011.11.17 14:14:00 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.11.17 14:09:43 | 000,143,458 | ---- | C] () -- C:\Users\Brigitte\Documents\registry_backup_17_11_2011.reg
[2011.11.17 10:11:42 | 3220,463,616 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.13 21:16:43 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\3D Pool Billiard.lnk
[2011.11.13 20:48:03 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\Mini Golf Pro.lnk
[2011.11.13 20:43:56 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\GAME CENTER.lnk
[2011.11.13 20:43:55 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Super Puzzle.lnk
[2011.11.13 20:41:06 | 000,001,031 | ---- | C] () -- C:\Users\Brigitte\Desktop\Rune of Fate.lnk
[2011.11.06 22:50:45 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.11.06 20:43:34 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.09.20 18:17:32 | 000,000,112 | ---- | C] () -- C:\ProgramData\rp6acykG.dat
[2010.08.11 19:25:49 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.01.11 19:46:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.01.11 19:46:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.02 18:12:02 | 000,014,848 | ---- | C] () -- C:\Users\Brigitte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.18 20:39:42 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009.09.18 19:24:31 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2009.04.11 10:45:16 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro .exe
[2009.04.11 10:45:06 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog .exe
[2009.04.11 10:15:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.04.11 09:52:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.28 22:16:00 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2008.10.24 14:13:01 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.10.24 13:36:05 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.10.21 04:39:59 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008.10.21 04:39:59 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008.08.14 05:42:21 | 000,176,214 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.08.11 03:14:11 | 001,752,704 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[2008.05.12 04:20:31 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008.04.16 12:11:34 | 000,623,904 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 12:11:34 | 000,123,918 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007.08.06 18:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,373,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,591,854 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,102,126 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2009.10.02 18:19:31 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\EleFun Games
[2010.08.19 18:53:37 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\FreeAudioPack
[2010.03.23 16:08:14 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\OLYMPUS
[2010.01.04 16:17:46 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Thunderbird
[2009.09.18 20:07:22 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Zylom
[2011.09.19 19:41:23 | 000,000,224 | ---- | M] () -- C:\Windows\Tasks\1c6bbdb0.job
[2011.11.06 00:40:59 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011.09.20 18:41:33 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2011.09.20 18:41:33 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2011.09.20 18:41:33 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2011.09.20 18:41:33 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2011.09.20 18:41:33 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2011.11.17 14:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2011.11.13 15:41:07 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At17.job
[2011.11.13 17:40:59 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2011.11.14 18:40:59 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At19.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2011.11.13 19:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2011.11.13 20:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At21.job
[2011.11.13 21:41:03 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2011.11.06 22:41:04 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At23.job
[2011.11.12 23:40:59 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2011.09.20 18:41:34 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2011.11.17 14:57:53 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2009.09.18 19:38:15 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009.09.19 18:19:35 | 000,000,000 | -H-D | M] -- C:\ASUS.DAT
[2009.04.11 10:57:12 | 000,000,000 | -H-D | M] -- C:\ASUS.SYS
[2011.09.02 21:40:29 | 000,000,000 | -HSD | M] -- C:\Boot
[2009.09.18 19:10:28 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.11.17 15:05:13 | 000,000,000 | -H-D | M] -- C:\dvmexp
[2010.03.23 20:07:08 | 000,000,000 | ---D | M] -- C:\Free WMA MP3 Converter
[2009.04.11 09:25:59 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.11.17 22:06:30 | 000,000,000 | ---D | M] -- C:\NBRT
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2010.08.11 18:51:25 | 000,000,000 | ---D | M] -- C:\Program Brigitte
[2011.11.17 14:13:39 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.11.17 14:13:39 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.10.02 19:26:13 | 000,000,000 | ---D | M] -- C:\Programme
[2011.11.17 15:23:10 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.11.17 15:05:13 | 000,000,000 | -H-D | M] -- C:\temp
[2009.09.18 19:24:08 | 000,000,000 | R--D | M] -- C:\Users
[2011.11.17 14:34:18 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >

< MD5 for: EXPLORER.EXE >
[2009.04.11 10:04:38 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.04.11 10:04:38 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.04.11 10:04:38 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.04.11 10:04:38 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: REGEDIT.EXE >
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe

< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WININIT.EXE >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-17 13:57:48

< End of report >

Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Hallo Arne,

vielen Dank für deine Hilfe. Hier die Logfiles:

Zitat:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8187

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

18.11.2011 14:27:05
mbam-log-2011-11-18 (14-26-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 336496
Laufzeit: 1 Stunde(n), 48 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 4

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\Brigitte\m-1-52-5782-8752-5245 (Trojan.Agent.Gen) -> No action taken.

Infizierte Dateien:
c:\Users\Brigitte\Music\Musik B\MUSIK\stress.exe (Joke.Stressreducer) -> No action taken.
c:\Users\Brigitte\Spiele\spiele klaus\stress.exe (Joke.Stressreducer) -> No action taken.
c:\Windows\Fonts\b75y5eg5e.com_ (Spyware.Passwords.XGen) -> No action taken.
c:\Users\Brigitte\AppData\Roaming\msnsvconfig.txt (Malware.Trace) -> No action taken.

Zitat:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=f46fc5e54066ec46b9d48d51dadd7bb9
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-18 03:07:52
# local_time=2011-11-18 04:07:52 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 91189 91189 0 0
# compatibility_mode=5892 16776573 100 100 22217 159155936 0 0
# compatibility_mode=8192 67108863 100 0 3748 3748 0 0
# scanned=180378
# found=4
# cleaned=0
# scan_time=5663
C:\Program Files\Application Updater\ApplicationUpdater.exe probably a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Windows\Fonts\b75Y5eG5E.com_ a variant of Win32/Injector.JQV trojan (unable to clean) 00000000000000000000000000000000 I
${Memory} a variant of Win32/Adware.Toolbar.Dealio application 00000000000000000000000000000000 I

Zitat:

-> No action taken.

Die Funde müssen mit Malwarebytes entfernt waren! Bitte nachholen falls noch nicht getan!

Hallo,

Malwarebytes scannt gerade nochmal, damit ich damit dann auch löschen kann. Oder geht das auch "von Hand"?

Soll ich den ESET danach auch nochmal laufen lassen?

Poste erstmal das neue Log von Malwarebytes.

OK,

hier das neue Log

Zitat:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8187

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

18.11.2011 19:10:18
mbam-log-2011-11-18 (19-10-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 336721
Laufzeit: 1 Stunde(n), 35 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 4

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\Brigitte\m-1-52-5782-8752-5245 (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Users\Brigitte\Music\Musik B\MUSIK\stress.exe (Joke.Stressreducer) -> Quarantined and deleted successfully.
c:\Users\Brigitte\Spiele\spiele klaus\stress.exe (Joke.Stressreducer) -> Quarantined and deleted successfully.
c:\Windows\Fonts\b75y5eg5e.com_ (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Brigitte\AppData\Roaming\msnsvconfig.txt (Malware.Trace) -> Quarantined and deleted successfully.

Ok, mach bitte ein neues OTL-Log:

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Hallo,

OTL.txt:

OTL Logfile:

Code:

OTL logfile created on: 18.11.2011 19:21:59 - Run 2

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Brigitte\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,96% Memory free

6,19 Gb Paging File | 5,15 Gb Available in Paging File | 83,20% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232,88 Gb Total Space | 120,46 Gb Free Space | 51,73% Space Free | Partition Type: NTFS

Drive D: | 221,16 Gb Total Space | 221,00 Gb Free Space | 99,93% Space Free | Partition Type: NTFS

 

Computer Name: BRIGITTESPC | User Name: Brigitte | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.11.17 15:18:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brigitte\Desktop\OTL.exe

PRC - [2011.10.19 16:56:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2011.10.19 16:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.09.27 21:34:02 | 000,894,304 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

PRC - [2011.09.27 20:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe

PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008.12.09 23:00:58 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

PRC - [2008.10.21 17:57:30 | 000,307,200 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\DVMExportService.exe

PRC - [2008.07.10 01:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe

PRC - [2008.06.19 20:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe

PRC - [2008.06.04 01:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe

PRC - [2008.03.31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe

PRC - [2008.02.01 23:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe

PRC - [2008.01.23 18:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe

PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

PRC - [2007.12.04 18:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe

PRC - [2007.11.05 03:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe

PRC - [2007.10.12 05:44:28 | 000,106,496 | ---- | M] (ASUS) -- C:\Windows\System32\ASUSTPE.exe

PRC - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe

PRC - [2007.08.15 19:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe

PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe

PRC - [2005.07.06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe

PRC - [2005.01.21 16:44:06 | 000,065,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\MrobeService.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2008.10.24 14:13:01 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll

MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll

MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.09.27 20:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)

SRV - [2008.10.21 17:57:30 | 000,307,200 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\DVMExportService.exe -- (MDES)

SRV - [2008.03.31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)

SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2005.01.21 16:44:06 | 000,065,536 | ---- | M] (OLYMPUS IMAGING CORP.) [Auto | Running] -- C:\Windows\System32\MrobeService.exe -- (MrobeService)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2011.10.19 16:56:15 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)

DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2008.10.24 17:16:31 | 004,017,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2008.08.11 03:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV - [2008.06.03 07:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)

DRV - [2008.05.29 18:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)

DRV - [2008.05.02 09:07:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)

DRV - [2008.04.27 19:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2007.08.11 04:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)

DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)

DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)

DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

 

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.27 20:45:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2010.01.04 16:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions

[2010.01.04 16:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 
 ========== Chrome  ==========

 

 

Hosts file not found

O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Adobe Reader) - {147FEC3F-6DE9-437C-8FC1-6B8A20AA0A72} - C:\Users\Brigitte\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Systems, Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [ISUSScheduler] -start File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [StartCCC] MSRun File not found

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1250BE79-04B2-47E0-8C54-ED163386EFEA}: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\keraipx: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found

O24 - Desktop WallPaper: C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

 

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS -  File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS -  File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player 9 ActiveX

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {tkILaiAG-Z968-IeXL-outj-7zkVqmn5RUHY} - 

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.11.18 19:18:10 | 000,000,000 | -H-D | C] -- C:\dvmexp

[2011.11.18 14:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011.11.18 12:25:45 | 000,000,000 | ---D | C] -- C:\Users\Brigitte\AppData\Roaming\Malwarebytes

[2011.11.18 12:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.11.18 12:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011.11.18 12:25:20 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011.11.18 12:25:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011.11.17 19:49:51 | 000,000,000 | ---D | C] -- C:\NBRT

[2011.11.17 15:18:04 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Brigitte\Desktop\OTL.exe

[2011.11.17 14:18:50 | 000,000,000 | ---D | C] -- C:\Users\Brigitte\AppData\Roaming\Avira

[2011.11.17 14:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2011.11.17 14:13:41 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys

[2011.11.17 14:13:40 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2011.11.17 14:13:40 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

[2011.11.17 14:13:40 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys

[2011.11.17 14:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2011.11.17 14:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

[2011.11.17 14:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011.11.17 14:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011.11.14 18:57:36 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Brigitte\AppData\Roaming\dwlGina3.dll

[2011.11.13 20:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEUTSCHLAND SPIELT

[2011.11.13 20:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\DEUTSCHLAND SPIELT

[2011.11.13 20:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\OXXOGames

[2011.11.13 20:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purplehills

[2011.11.07 19:01:38 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater

[2011.11.07 19:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot

[2011.11.07 19:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar

[2008.06.03 07:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.11.18 19:18:33 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[2011.11.18 19:18:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011.11.18 19:18:06 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011.11.18 19:18:06 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011.11.18 19:17:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.11.18 19:17:52 | 3218,403,328 | -HS- | M] () -- C:\hiberfil.sys

[2011.11.18 19:08:08 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011.11.18 19:07:49 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011.11.18 18:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At19.job

[2011.11.18 17:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At18.job

[2011.11.18 16:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At17.job

[2011.11.18 15:41:17 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At16.job

[2011.11.18 14:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At15.job

[2011.11.18 13:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At14.job

[2011.11.18 12:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At13.job

[2011.11.18 12:23:45 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At12.job

[2011.11.18 12:23:45 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At11.job

[2011.11.18 10:02:57 | 000,000,921 | ---- | M] () -- C:\Users\Brigitte\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.website

[2011.11.18 10:02:01 | 000,001,063 | ---- | M] () -- C:\Users\Brigitte\Desktop\Gmer.zip

[2011.11.18 10:01:40 | 000,017,553 | ---- | M] () -- C:\Users\Brigitte\Desktop\Extras.zip

[2011.11.18 09:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At10.job

[2011.11.18 09:29:57 | 000,623,904 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2011.11.18 09:29:57 | 000,591,854 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011.11.18 09:29:57 | 000,123,918 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2011.11.18 09:29:57 | 000,102,126 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011.11.18 08:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At9.job

[2011.11.18 08:19:37 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At8.job

[2011.11.18 08:19:37 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At7.job

[2011.11.18 08:19:37 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At6.job

[2011.11.18 08:19:37 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At5.job

[2011.11.18 03:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At4.job

[2011.11.18 03:00:52 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At3.job

[2011.11.18 02:12:57 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At22.job

[2011.11.18 02:12:56 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At24.job

[2011.11.18 02:12:56 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At23.job

[2011.11.18 02:12:56 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At2.job

[2011.11.18 02:12:56 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At1.job

[2011.11.17 20:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At21.job

[2011.11.17 20:22:35 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At20.job

[2011.11.17 16:01:06 | 000,302,592 | ---- | M] () -- C:\Users\Brigitte\Desktop\g4ws5333.exe

[2011.11.17 15:18:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brigitte\Desktop\OTL.exe

[2011.11.17 14:52:39 | 000,000,000 | ---- | M] () -- C:\Users\Brigitte\defogger_reenable

[2011.11.17 14:50:46 | 000,050,477 | ---- | M] () -- C:\Users\Brigitte\Desktop\Defogger.exe

[2011.11.17 14:14:00 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2011.11.17 14:09:51 | 000,143,458 | ---- | M] () -- C:\Users\Brigitte\Desktop\registry_backup_17_11_2011.reg

[2011.11.14 18:57:36 | 000,095,744 | ---- | M] (Kassl GmbH) -- C:\Users\Brigitte\AppData\Roaming\dwlGina3.dll

[2011.11.13 21:19:25 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\GAME CENTER.lnk

[2011.11.13 21:19:24 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\Mini Golf Pro.lnk

[2011.11.13 21:16:43 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\3D Pool Billiard.lnk

[2011.11.13 20:43:55 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Super Puzzle.lnk

[2011.11.13 20:41:06 | 000,001,031 | ---- | M] () -- C:\Users\Brigitte\Desktop\Rune of Fate.lnk

[2011.11.13 15:17:52 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI

[2011.11.06 22:59:15 | 000,373,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011.11.06 22:51:03 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat

[2011.11.06 22:51:03 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat

[2011.11.06 22:50:45 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

 
 ========== Files Created - No Company Name ==========

 

[2011.11.18 10:02:01 | 000,001,063 | ---- | C] () -- C:\Users\Brigitte\Desktop\Gmer.zip

[2011.11.18 10:01:40 | 000,017,553 | ---- | C] () -- C:\Users\Brigitte\Desktop\Extras.zip

[2011.11.17 16:01:05 | 000,302,592 | ---- | C] () -- C:\Users\Brigitte\Desktop\g4ws5333.exe

[2011.11.17 14:52:39 | 000,000,000 | ---- | C] () -- C:\Users\Brigitte\defogger_reenable

[2011.11.17 14:52:02 | 000,000,921 | ---- | C] () -- C:\Users\Brigitte\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.website

[2011.11.17 14:50:46 | 000,050,477 | ---- | C] () -- C:\Users\Brigitte\Desktop\Defogger.exe

[2011.11.17 14:14:00 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2011.11.17 14:09:43 | 000,143,458 | ---- | C] () -- C:\Users\Brigitte\Desktop\registry_backup_17_11_2011.reg

[2011.11.17 10:11:42 | 3218,403,328 | -HS- | C] () -- C:\hiberfil.sys

[2011.11.13 21:16:43 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\3D Pool Billiard.lnk

[2011.11.13 20:48:03 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\Mini Golf Pro.lnk

[2011.11.13 20:43:56 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\GAME CENTER.lnk

[2011.11.13 20:43:55 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Super Puzzle.lnk

[2011.11.13 20:41:06 | 000,001,031 | ---- | C] () -- C:\Users\Brigitte\Desktop\Rune of Fate.lnk

[2011.11.06 22:50:45 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

[2011.11.06 20:43:34 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI

[2011.09.20 18:17:32 | 000,000,112 | ---- | C] () -- C:\ProgramData\rp6acykG.dat

[2010.08.11 19:25:49 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010.01.11 19:46:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010.01.11 19:46:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009.10.02 18:12:02 | 000,014,848 | ---- | C] () -- C:\Users\Brigitte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009.09.18 20:39:42 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini

[2009.09.18 19:24:31 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe

[2009.04.11 10:45:16 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro .exe

[2009.04.11 10:45:06 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog .exe

[2009.04.11 10:15:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009.04.11 09:52:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008.10.28 22:16:00 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll

[2008.10.24 14:13:01 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2008.10.24 13:36:05 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat

[2008.10.21 04:39:59 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe

[2008.10.21 04:39:59 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe

[2008.08.14 05:42:21 | 000,176,214 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2008.08.11 03:14:11 | 001,752,704 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys

[2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll

[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg

[2008.05.12 04:20:31 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys

[2008.04.16 12:11:34 | 000,623,904 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2008.04.16 12:11:34 | 000,123,918 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini

[2007.08.06 18:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe

[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006.11.02 13:47:37 | 000,373,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 11:33:01 | 000,591,854 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006.11.02 11:33:01 | 000,102,126 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

 
 ========== LOP Check ==========

 

[2009.10.02 18:19:31 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\EleFun Games

[2010.08.19 18:53:37 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\FreeAudioPack

[2010.03.23 16:08:14 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\OLYMPUS

[2010.01.04 16:17:46 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Thunderbird

[2009.09.18 20:07:22 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Zylom

[2011.09.19 19:41:23 | 000,000,224 | ---- | M] () -- C:\Windows\Tasks\1c6bbdb0.job

[2011.11.18 02:12:56 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At1.job

[2011.11.18 09:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At10.job

[2011.11.18 12:23:45 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At11.job

[2011.11.18 12:23:45 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At12.job

[2011.11.18 12:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At13.job

[2011.11.18 13:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At14.job

[2011.11.18 14:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At15.job

[2011.11.18 15:41:17 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At16.job

[2011.11.18 16:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At17.job

[2011.11.18 17:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At18.job

[2011.11.18 18:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At19.job

[2011.11.18 02:12:56 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At2.job

[2011.11.17 20:22:35 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At20.job

[2011.11.17 20:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At21.job

[2011.11.18 02:12:57 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At22.job

[2011.11.18 02:12:56 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At23.job

[2011.11.18 02:12:56 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At24.job

[2011.11.18 03:00:52 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At3.job

[2011.11.18 03:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At4.job

[2011.11.18 08:19:37 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At5.job

[2011.11.18 08:19:37 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At6.job

[2011.11.18 08:19:37 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At7.job

[2011.11.18 08:19:37 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At8.job

[2011.11.18 08:41:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At9.job

[2011.11.18 19:17:03 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011.02.03 14:19:29 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Adobe

[2010.04.02 10:38:48 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\AdobeReader

[2009.09.18 19:39:02 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\ATI

[2011.11.17 14:18:50 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Avira

[2009.09.20 20:18:37 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\CyberLink

[2009.10.02 18:19:31 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\EleFun Games

[2010.08.19 18:53:37 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\FreeAudioPack

[2009.09.18 19:52:16 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Google

[2009.09.18 20:07:22 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Identities

[2009.09.18 19:38:23 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Macromedia

[2011.11.18 12:25:45 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Malwarebytes

[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Media Center Programs

[2011.11.17 14:05:06 | 000,000,000 | --SD | M] -- C:\Users\Brigitte\AppData\Roaming\Microsoft

[2010.01.04 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Mozilla

[2010.03.23 16:08:14 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\OLYMPUS

[2009.12.27 20:21:38 | 000,000,000 | RH-D | M] -- C:\Users\Brigitte\AppData\Roaming\SecuROM

[2010.01.04 16:17:46 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Thunderbird

[2011.03.25 18:45:36 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\vlc

[2009.09.18 20:07:22 | 000,000,000 | ---D | M] -- C:\Users\Brigitte\AppData\Roaming\Zylom

 
 < %APPDATA%\*.exe /s >

 
 < %SYSTEMDRIVE%\*.exe >

 

 
 < MD5 for: AGP440.SYS  >

[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys

[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: IASTORV.SYS  >

[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys

[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys

[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe

[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe

[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 <           >
 

< End of report >

--- --- ---
[/QUOTE]

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

PRC - [2011.09.27 21:34:02 | 000,894,304 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

PRC - [2011.09.27 20:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe

SRV - [2011.09.27 20:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll (Spigot, Inc.)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [StartCCC] MSRun File not found

O20 - Winlogon\Notify\keraipx: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

[2011.11.18 19:18:10 | 000,000,000 | -H-D | C] -- C:\dvmexp

[2011.11.17 19:49:51 | 000,000,000 | ---D | C] -- C:\NBRT

[2011.11.14 18:57:36 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Brigitte\AppData\Roaming\dwlGina3.dll

[2011.11.07 19:01:38 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater

[2011.11.07 19:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot

[2011.11.07 19:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar

[2011.11.18 19:18:33 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[2011.09.19 19:41:23 | 000,000,224 | ---- | M] () -- C:\Windows\Tasks\1c6bbdb0.job

:Files

C:\Windows\tasks\At*.job

:Commands

[emptytemp]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Neustart wurde durchgeführt. Nun bekomme ich die Fehlermeldung:

Zitat:

Avira In Product Messaging funktioniert nicht mehr

Das Programm wird aufgrund eines Problems nicht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist.

Log von OTL:

Code:

All processes killed

========== OTL ==========

No active process named SearchSettings.exe was found!

Process ApplicationUpdater.exe killed successfully!

Service Application Updater stopped successfully!

Service Application Updater deleted successfully!

C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ deleted successfully.

C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.

File C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.

File C:\Program Files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.

C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\keraipx\ deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

C:\autoexec.bat moved successfully.

C:\dvmexp folder moved successfully.

C:\NBRT\VirusDef\newdefs-trigger folder moved successfully.

C:\NBRT\VirusDef folder moved successfully.

C:\NBRT folder moved successfully.

C:\Users\Brigitte\AppData\Roaming\dwlGina3.dll moved successfully.

C:\Program Files\Application Updater folder moved successfully.

C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.

C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.

C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.

C:\Program Files\Common Files\Spigot folder moved successfully.

C:\Program Files\Dealio Toolbar\Res\Lang folder moved successfully.

C:\Program Files\Dealio Toolbar\Res folder moved successfully.

C:\Program Files\Dealio Toolbar\IE\4.7 folder moved successfully.

C:\Program Files\Dealio Toolbar\IE folder moved successfully.

C:\Program Files\Dealio Toolbar folder moved successfully.

C:\Windows\System32\acovcnt.exe moved successfully.

C:\Windows\Tasks\1c6bbdb0.job moved successfully.

========== FILES ==========

C:\Windows\tasks\At1.job moved successfully.

C:\Windows\tasks\At10.job moved successfully.

C:\Windows\tasks\At11.job moved successfully.

C:\Windows\tasks\At12.job moved successfully.

C:\Windows\tasks\At13.job moved successfully.

C:\Windows\tasks\At14.job moved successfully.

C:\Windows\tasks\At15.job moved successfully.

C:\Windows\tasks\At16.job moved successfully.

C:\Windows\tasks\At17.job moved successfully.

C:\Windows\tasks\At18.job moved successfully.

C:\Windows\tasks\At19.job moved successfully.

C:\Windows\tasks\At2.job moved successfully.

C:\Windows\tasks\At20.job moved successfully.

C:\Windows\tasks\At21.job moved successfully.

C:\Windows\tasks\At22.job moved successfully.

C:\Windows\tasks\At23.job moved successfully.

C:\Windows\tasks\At24.job moved successfully.

C:\Windows\tasks\At3.job moved successfully.

C:\Windows\tasks\At4.job moved successfully.

C:\Windows\tasks\At5.job moved successfully.

C:\Windows\tasks\At6.job moved successfully.

C:\Windows\tasks\At7.job moved successfully.

C:\Windows\tasks\At8.job moved successfully.

C:\Windows\tasks\At9.job moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Brigitte

->Temp folder emptied: 2067556 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 470 bytes

 

User: Default

->Temp folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 16226069 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 17,00 mb

 

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.31.0 log created on 11192011_005001
 

Files\Folders moved on Reboot...
 

Registry entries deleted on Reboot...

Avira ist erstmal nebensächlich. Wichtiger ist sich um die Infektion zu kümmern. Deinstallier das also erstmal komplett, wenn wir durch sind, kann wieder ein Virenscanner rauf. Und nein, es ist nicht gefährlich wenn man vorübergehend ohne Virenscanner ist.

Nach der Deinstallation von Avira bitte mit dem TDSS-Killer weitermachen:

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

Hallo,

Avira ist deinstalliert. Hier das Log:

Code:

12:45:35.0520 0528        TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50

12:45:35.0785 0528        ============================================================

12:45:35.0785 0528        Current date / time: 2011/11/20 12:45:35.0785

12:45:35.0785 0528        SystemInfo:

12:45:35.0785 0528        

12:45:35.0785 0528        OS Version: 6.0.6002 ServicePack: 2.0

12:45:35.0785 0528        Product type: Workstation

12:45:35.0785 0528        ComputerName: BRIGITTESPC

12:45:35.0785 0528        UserName: Brigitte

12:45:35.0785 0528        Windows directory: C:\Windows

12:45:35.0785 0528        System windows directory: C:\Windows

12:45:35.0785 0528        Processor architecture: Intel x86

12:45:35.0785 0528        Number of processors: 2

12:45:35.0785 0528        Page size: 0x1000

12:45:35.0785 0528        Boot type: Normal boot

12:45:35.0785 0528        ============================================================

12:45:37.0221 0528        Initialize success

12:45:56.0097 3624        ============================================================

12:45:56.0097 3624        Scan started

12:45:56.0097 3624        Mode: Manual; SigCheck; TDLFS; 

12:45:56.0097 3624        ============================================================

12:45:57.0766 3624        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

12:45:57.0875 3624        ACPI - ok

12:45:57.0953 3624        adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

12:45:58.0000 3624        adp94xx - ok

12:45:58.0093 3624        adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

12:45:58.0109 3624        adpahci - ok

12:45:58.0140 3624        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

12:45:58.0156 3624        adpu160m - ok

12:45:58.0203 3624        adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

12:45:58.0218 3624        adpu320 - ok

12:45:58.0452 3624        AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

12:45:58.0515 3624        AFD - ok

12:45:58.0561 3624        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

12:45:58.0577 3624        agp440 - ok

12:45:58.0624 3624        aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

12:45:58.0639 3624        aic78xx - ok

12:45:58.0671 3624        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

12:45:58.0686 3624        aliide - ok

12:45:58.0717 3624        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

12:45:58.0733 3624        amdagp - ok

12:45:58.0749 3624        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

12:45:58.0780 3624        amdide - ok

12:45:58.0811 3624        AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

12:45:58.0936 3624        AmdK7 - ok

12:45:58.0983 3624        AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

12:45:59.0029 3624        AmdK8 - ok

12:45:59.0107 3624        arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

12:45:59.0123 3624        arc - ok

12:45:59.0232 3624        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

12:45:59.0248 3624        arcsas - ok

12:45:59.0295 3624        AsDsm           (4385e371c25c94c804e9d3152bd9e1f7) C:\Windows\system32\drivers\AsDsm.sys

12:45:59.0341 3624        AsDsm - ok

12:45:59.0435 3624        ASMMAP          (7b4d08d2017ac06689d422e06c43f0aa) C:\Program Files\ATKGFNEX\ASMMAP.sys

12:45:59.0451 3624        ASMMAP - ok

12:45:59.0544 3624        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

12:45:59.0591 3624        AsyncMac - ok

12:45:59.0638 3624        atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

12:45:59.0653 3624        atapi - ok

12:45:59.0763 3624        athr            (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys

12:45:59.0872 3624        athr - ok

12:46:00.0090 3624        atikmdag        (b6f3e32c0a1c38cd7526265221de192c) C:\Windows\system32\DRIVERS\atikmdag.sys

12:46:00.0293 3624        atikmdag - ok

12:46:00.0433 3624        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

12:46:00.0480 3624        Beep - ok

12:46:00.0574 3624        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

12:46:00.0621 3624        blbdrive - ok

12:46:00.0699 3624        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

12:46:00.0745 3624        bowser - ok

12:46:00.0839 3624        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

12:46:00.0870 3624        BrFiltLo - ok

12:46:00.0901 3624        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

12:46:00.0917 3624        BrFiltUp - ok

12:46:00.0948 3624        Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

12:46:01.0073 3624        Brserid - ok

12:46:01.0213 3624        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

12:46:01.0260 3624        BrSerWdm - ok

12:46:01.0369 3624        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

12:46:01.0416 3624        BrUsbMdm - ok

12:46:01.0463 3624        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

12:46:01.0510 3624        BrUsbSer - ok

12:46:01.0557 3624        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

12:46:01.0619 3624        BTHMODEM - ok

12:46:01.0650 3624        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

12:46:01.0681 3624        cdfs - ok

12:46:01.0728 3624        cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

12:46:01.0759 3624        cdrom - ok

12:46:01.0806 3624        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

12:46:01.0822 3624        circlass - ok

12:46:01.0884 3624        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

12:46:01.0900 3624        CLFS - ok

12:46:02.0040 3624        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

12:46:02.0071 3624        CmBatt - ok

12:46:02.0087 3624        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

12:46:02.0103 3624        cmdide - ok

12:46:02.0118 3624        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

12:46:02.0134 3624        Compbatt - ok

12:46:02.0165 3624        crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

12:46:02.0181 3624        crcdisk - ok

12:46:02.0212 3624        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

12:46:02.0243 3624        Crusoe - ok

12:46:02.0337 3624        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

12:46:02.0368 3624        DfsC - ok

12:46:02.0493 3624        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

12:46:02.0508 3624        disk - ok

12:46:02.0555 3624        drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

12:46:02.0571 3624        drmkaud - ok

12:46:02.0633 3624        DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

12:46:02.0680 3624        DXGKrnl - ok

12:46:02.0773 3624        E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

12:46:02.0805 3624        E1G60 - ok

12:46:02.0929 3624        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

12:46:02.0945 3624        Ecache - ok

12:46:03.0007 3624        elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

12:46:03.0070 3624        elxstor - ok

12:46:03.0163 3624        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

12:46:03.0210 3624        ErrDev - ok

12:46:03.0273 3624        exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

12:46:03.0319 3624        exfat - ok

12:46:03.0413 3624        fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

12:46:03.0444 3624        fastfat - ok

12:46:03.0522 3624        fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

12:46:03.0569 3624        fdc - ok

12:46:03.0663 3624        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

12:46:03.0678 3624        FileInfo - ok

12:46:03.0709 3624        Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

12:46:03.0756 3624        Filetrace - ok

12:46:03.0772 3624        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

12:46:03.0803 3624        flpydisk - ok

12:46:03.0850 3624        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

12:46:03.0865 3624        FltMgr - ok

12:46:03.0959 3624        fssfltr         (17829180deebf703ec7f445ac3abea99) C:\Windows\system32\DRIVERS\fssfltr.sys

12:46:03.0975 3624        fssfltr - ok

12:46:04.0006 3624        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

12:46:04.0021 3624        Fs_Rec - ok

12:46:04.0099 3624        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

12:46:04.0099 3624        gagp30kx - ok

12:46:04.0411 3624        HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys

12:46:04.0489 3624        HdAudAddService - ok

12:46:04.0692 3624        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

12:46:04.0739 3624        HDAudBus - ok

12:46:04.0770 3624        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

12:46:04.0833 3624        HidBth - ok

12:46:04.0864 3624        HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

12:46:04.0911 3624        HidIr - ok

12:46:05.0020 3624        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

12:46:05.0051 3624        HidUsb - ok

12:46:05.0082 3624        HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

12:46:05.0098 3624        HpCISSs - ok

12:46:05.0145 3624        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

12:46:05.0223 3624        HTTP - ok

12:46:05.0301 3624        i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

12:46:05.0316 3624        i2omp - ok

12:46:05.0363 3624        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

12:46:05.0394 3624        i8042prt - ok

12:46:05.0425 3624        iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

12:46:05.0441 3624        iaStorV - ok

12:46:05.0472 3624        iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

12:46:05.0488 3624        iirsp - ok

12:46:05.0628 3624        IntcAzAudAddService (d9b869a909cc93aec507d4f7dfa24434) C:\Windows\system32\drivers\RTKVHDA.sys

12:46:05.0769 3624        IntcAzAudAddService - ok

12:46:05.0878 3624        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

12:46:05.0909 3624        intelide - ok

12:46:05.0940 3624        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

12:46:05.0971 3624        intelppm - ok

12:46:06.0018 3624        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

12:46:06.0065 3624        IpFilterDriver - ok

12:46:06.0096 3624        IpInIp - ok

12:46:06.0112 3624        IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

12:46:06.0174 3624        IPMIDRV - ok

12:46:06.0205 3624        IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

12:46:06.0252 3624        IPNAT - ok

12:46:06.0283 3624        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

12:46:06.0330 3624        IRENUM - ok

12:46:06.0361 3624        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

12:46:06.0377 3624        isapnp - ok

12:46:06.0439 3624        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

12:46:06.0471 3624        iScsiPrt - ok

12:46:06.0502 3624        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

12:46:06.0517 3624        iteatapi - ok

12:46:06.0549 3624        iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

12:46:06.0580 3624        iteraid - ok

12:46:06.0611 3624        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

12:46:06.0627 3624        kbdclass - ok

12:46:06.0658 3624        kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys

12:46:06.0705 3624        kbdhid - ok

12:46:06.0798 3624        kbfiltr         (27bd4ac228ef6c0d490617c32e86a672) C:\Windows\system32\DRIVERS\kbfiltr.sys

12:46:06.0814 3624        kbfiltr - ok

12:46:06.0861 3624        KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

12:46:06.0907 3624        KSecDD - ok

12:46:07.0017 3624        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

12:46:07.0063 3624        lltdio - ok

12:46:07.0110 3624        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

12:46:07.0141 3624        LSI_FC - ok

12:46:07.0157 3624        LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

12:46:07.0188 3624        LSI_SAS - ok

12:46:07.0251 3624        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

12:46:07.0282 3624        LSI_SCSI - ok

12:46:07.0313 3624        luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

12:46:07.0375 3624        luafv - ok

12:46:07.0422 3624        lullaby         (8039f480c192dd99fed4ebc71ffbf795) C:\Windows\system32\DRIVERS\lullaby.sys

12:46:07.0438 3624        lullaby - ok

12:46:07.0469 3624        MBAMSwissArmy - ok

12:46:07.0594 3624        megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

12:46:07.0609 3624        megasas - ok

12:46:07.0687 3624        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

12:46:07.0750 3624        MegaSR - ok

12:46:07.0859 3624        Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

12:46:07.0906 3624        Modem - ok

12:46:07.0953 3624        monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

12:46:07.0999 3624        monitor - ok

12:46:08.0031 3624        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

12:46:08.0062 3624        mouclass - ok

12:46:08.0077 3624        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

12:46:08.0124 3624        mouhid - ok

12:46:08.0155 3624        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

12:46:08.0171 3624        MountMgr - ok

12:46:08.0218 3624        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

12:46:08.0233 3624        mpio - ok

12:46:08.0280 3624        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

12:46:08.0311 3624        mpsdrv - ok

12:46:08.0343 3624        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

12:46:08.0358 3624        Mraid35x - ok

12:46:08.0421 3624        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

12:46:08.0452 3624        MRxDAV - ok

12:46:08.0514 3624        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

12:46:08.0545 3624        mrxsmb - ok

12:46:08.0639 3624        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

12:46:08.0655 3624        mrxsmb10 - ok

12:46:08.0733 3624        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

12:46:08.0748 3624        mrxsmb20 - ok

12:46:08.0826 3624        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

12:46:08.0842 3624        msahci - ok

12:46:08.0873 3624        msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

12:46:08.0904 3624        msdsm - ok

12:46:08.0967 3624        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

12:46:09.0013 3624        Msfs - ok

12:46:09.0076 3624        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

12:46:09.0091 3624        msisadrv - ok

12:46:09.0154 3624        MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

12:46:09.0201 3624        MSKSSRV - ok

12:46:09.0216 3624        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

12:46:09.0247 3624        MSPCLOCK - ok

12:46:09.0279 3624        MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

12:46:09.0310 3624        MSPQM - ok

12:46:09.0341 3624        MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

12:46:09.0357 3624        MsRPC - ok

12:46:09.0403 3624        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

12:46:09.0403 3624        mssmbios - ok

12:46:09.0435 3624        MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

12:46:09.0466 3624        MSTEE - ok

12:46:09.0497 3624        MTsensor        (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys

12:46:09.0528 3624        MTsensor - ok

12:46:09.0575 3624        Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

12:46:09.0575 3624        Mup - ok

12:46:09.0747 3624        NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

12:46:09.0762 3624        NativeWifiP - ok

12:46:09.0840 3624        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

12:46:09.0871 3624        NDIS - ok

12:46:09.0918 3624        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

12:46:09.0949 3624        NdisTapi - ok

12:46:09.0965 3624        Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

12:46:10.0012 3624        Ndisuio - ok

12:46:10.0090 3624        NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

12:46:10.0121 3624        NdisWan - ok

12:46:10.0152 3624        NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

12:46:10.0183 3624        NDProxy - ok

12:46:10.0215 3624        NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

12:46:10.0261 3624        NetBIOS - ok

12:46:10.0293 3624        netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

12:46:10.0324 3624        netbt - ok

12:46:10.0371 3624        nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

12:46:10.0386 3624        nfrd960 - ok

12:46:10.0433 3624        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

12:46:10.0464 3624        Npfs - ok

12:46:10.0480 3624        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

12:46:10.0527 3624        nsiproxy - ok

12:46:10.0589 3624        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

12:46:10.0729 3624        Ntfs - ok

12:46:10.0839 3624        ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

12:46:10.0917 3624        ntrigdigi - ok

12:46:10.0963 3624        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

12:46:11.0010 3624        Null - ok

12:46:11.0041 3624        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

12:46:11.0073 3624        nvraid - ok

12:46:11.0088 3624        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

12:46:11.0104 3624        nvstor - ok

12:46:11.0213 3624        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

12:46:11.0229 3624        nv_agp - ok

12:46:11.0229 3624        NwlnkFlt - ok

12:46:11.0260 3624        NwlnkFwd - ok

12:46:11.0307 3624        ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys

12:46:11.0338 3624        ohci1394 - ok

12:46:11.0385 3624        Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

12:46:11.0431 3624        Parport - ok

12:46:11.0478 3624        partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

12:46:11.0494 3624        partmgr - ok

12:46:11.0525 3624        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

12:46:11.0587 3624        Parvdm - ok

12:46:11.0665 3624        pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

12:46:11.0697 3624        pci - ok

12:46:11.0743 3624        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

12:46:11.0759 3624        pciide - ok

12:46:11.0806 3624        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

12:46:11.0821 3624        pcmcia - ok

12:46:11.0868 3624        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

12:46:11.0962 3624        PEAUTH - ok

12:46:12.0102 3624        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

12:46:12.0149 3624        PptpMiniport - ok

12:46:12.0180 3624        Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

12:46:12.0227 3624        Processor - ok

12:46:12.0321 3624        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

12:46:12.0367 3624        PSched - ok

12:46:12.0477 3624        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

12:46:12.0555 3624        ql2300 - ok

12:46:12.0664 3624        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

12:46:12.0695 3624        ql40xx - ok

12:46:12.0726 3624        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

12:46:12.0789 3624        QWAVEdrv - ok

12:46:12.0820 3624        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

12:46:12.0867 3624        RasAcd - ok

12:46:12.0913 3624        Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

12:46:12.0960 3624        Rasl2tp - ok

12:46:13.0038 3624        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

12:46:13.0085 3624        RasPppoe - ok

12:46:13.0163 3624        RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

12:46:13.0194 3624        RasSstp - ok

12:46:13.0241 3624        rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

12:46:13.0288 3624        rdbss - ok

12:46:13.0335 3624        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

12:46:13.0381 3624        RDPCDD - ok

12:46:13.0413 3624        rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

12:46:13.0475 3624        rdpdr - ok

12:46:13.0491 3624        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

12:46:13.0522 3624        RDPENCDD - ok

12:46:13.0569 3624        RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

12:46:13.0584 3624        RDPWD - ok

12:46:13.0631 3624        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

12:46:13.0662 3624        rspndr - ok

12:46:13.0678 3624        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

12:46:13.0693 3624        sbp2port - ok

12:46:13.0818 3624        sdbus           (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

12:46:13.0849 3624        sdbus - ok

12:46:13.0881 3624        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

12:46:13.0943 3624        secdrv - ok

12:46:13.0974 3624        Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

12:46:14.0037 3624        Serenum - ok

12:46:14.0083 3624        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

12:46:14.0130 3624        Serial - ok

12:46:14.0193 3624        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

12:46:14.0208 3624        sermouse - ok

12:46:14.0255 3624        sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

12:46:14.0271 3624        sffdisk - ok

12:46:14.0302 3624        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

12:46:14.0333 3624        sffp_mmc - ok

12:46:14.0395 3624        sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

12:46:14.0427 3624        sffp_sd - ok

12:46:14.0489 3624        sfloppy         (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys

12:46:14.0520 3624        sfloppy - ok

12:46:14.0551 3624        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

12:46:14.0567 3624        sisagp - ok

12:46:14.0614 3624        SiSGbeLH        (f7da61bd62a16510227656c3477e2b52) C:\Windows\system32\DRIVERS\SiSGB6.sys

12:46:14.0629 3624        SiSGbeLH - ok

12:46:14.0739 3624        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

12:46:14.0754 3624        SiSRaid2 - ok

12:46:14.0785 3624        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

12:46:14.0801 3624        SiSRaid4 - ok

12:46:14.0863 3624        Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

12:46:14.0895 3624        Smb - ok

12:46:15.0004 3624        smserial        (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys

12:46:15.0175 3624        smserial - ok

12:46:15.0363 3624        SNP2UVC         (060f51141b20b8156804446a04ab8b2a) C:\Windows\system32\DRIVERS\snp2uvc.sys

12:46:15.0456 3624        SNP2UVC - ok

12:46:15.0550 3624        spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

12:46:15.0581 3624        spldr - ok

12:46:15.0643 3624        srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

12:46:15.0690 3624        srv - ok

12:46:15.0799 3624        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

12:46:15.0846 3624        srv2 - ok

12:46:15.0862 3624        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

12:46:15.0909 3624        srvnet - ok

12:46:15.0971 3624        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

12:46:16.0002 3624        swenum - ok

12:46:16.0049 3624        Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

12:46:16.0080 3624        Symc8xx - ok

12:46:16.0143 3624        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

12:46:16.0158 3624        Sym_hi - ok

12:46:16.0221 3624        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

12:46:16.0252 3624        Sym_u3 - ok

12:46:16.0361 3624        SynTP           (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys

12:46:16.0392 3624        SynTP - ok

12:46:16.0486 3624        Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys

12:46:16.0564 3624        Tcpip - ok

12:46:16.0642 3624        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys

12:46:16.0704 3624        Tcpip6 - ok

12:46:16.0782 3624        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

12:46:16.0829 3624        tcpipreg - ok

12:46:16.0891 3624        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

12:46:16.0954 3624        TDPIPE - ok

12:46:16.0969 3624        TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

12:46:17.0016 3624        TDTCP - ok

12:46:17.0047 3624        tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

12:46:17.0063 3624        tdx - ok

12:46:17.0110 3624        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

12:46:17.0125 3624        TermDD - ok

12:46:17.0188 3624        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

12:46:17.0219 3624        tssecsrv - ok

12:46:17.0250 3624        tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

12:46:17.0281 3624        tunmp - ok

12:46:17.0313 3624        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

12:46:17.0344 3624        tunnel - ok

12:46:17.0391 3624        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

12:46:17.0406 3624        uagp35 - ok

12:46:17.0453 3624        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

12:46:17.0484 3624        udfs - ok

12:46:17.0531 3624        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

12:46:17.0547 3624        uliagpkx - ok

12:46:17.0625 3624        uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

12:46:17.0656 3624        uliahci - ok

12:46:17.0671 3624        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

12:46:17.0703 3624        UlSata - ok

12:46:17.0718 3624        ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

12:46:17.0734 3624        ulsata2 - ok

12:46:17.0765 3624        umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

12:46:17.0812 3624        umbus - ok

12:46:17.0921 3624        usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

12:46:17.0968 3624        usbccgp - ok

12:46:18.0015 3624        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

12:46:18.0077 3624        usbcir - ok

12:46:18.0124 3624        usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

12:46:18.0171 3624        usbehci - ok

12:46:18.0217 3624        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

12:46:18.0264 3624        usbhub - ok

12:46:18.0280 3624        usbohci         (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys

12:46:18.0311 3624        usbohci - ok

12:46:18.0342 3624        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys

12:46:18.0420 3624        usbprint - ok

12:46:18.0451 3624        USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

12:46:18.0483 3624        USBSTOR - ok

12:46:18.0514 3624        usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

12:46:18.0529 3624        usbuhci - ok

12:46:18.0623 3624        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

12:46:18.0654 3624        usbvideo - ok

12:46:18.0685 3624        vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

12:46:18.0717 3624        vga - ok

12:46:18.0732 3624        VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

12:46:18.0763 3624        VgaSave - ok

12:46:18.0841 3624        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

12:46:18.0857 3624        viaagp - ok

12:46:18.0888 3624        ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

12:46:18.0919 3624        ViaC7 - ok

12:46:18.0997 3624        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

12:46:19.0013 3624        viaide - ok

12:46:19.0044 3624        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

12:46:19.0060 3624        volmgr - ok

12:46:19.0107 3624        volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

12:46:19.0122 3624        volmgrx - ok

12:46:19.0185 3624        volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

12:46:19.0216 3624        volsnap - ok

12:46:19.0231 3624        vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

12:46:19.0263 3624        vsmraid - ok

12:46:19.0341 3624        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

12:46:19.0403 3624        WacomPen - ok

12:46:19.0434 3624        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

12:46:19.0465 3624        Wanarp - ok

12:46:19.0497 3624        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

12:46:19.0528 3624        Wanarpv6 - ok

12:46:19.0606 3624        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

12:46:19.0637 3624        Wd - ok

12:46:19.0684 3624        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

12:46:19.0746 3624        Wdf01000 - ok

12:46:19.0933 3624        WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

12:46:19.0980 3624        WmiAcpi - ok

12:46:20.0043 3624        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

12:46:20.0089 3624        WpdUsb - ok

12:46:20.0199 3624        ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

12:46:20.0245 3624        ws2ifsl - ok

12:46:20.0292 3624        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

12:46:20.0339 3624        WUDFRd - ok

12:46:20.0495 3624        yukonwlh        (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys

12:46:20.0604 3624        yukonwlh - ok

12:46:20.0620 3624        MBR (0x1B8)     (64b1e91c5c6c2157642651010728f90f) \Device\Harddisk0\DR0

12:46:20.0682 3624        \Device\Harddisk0\DR0 ( TDSS File System ) - warning

12:46:20.0682 3624        \Device\Harddisk0\DR0 - detected TDSS File System (1)

12:46:20.0682 3624        Boot (0x1200)   (47f05db3e583f2e14c557b175fc0e758) \Device\Harddisk0\DR0\Partition0

12:46:20.0682 3624        \Device\Harddisk0\DR0\Partition0 - ok

12:46:20.0713 3624        Boot (0x1200)   (028934841232509797acb27ff1ec47b3) \Device\Harddisk0\DR0\Partition1

12:46:20.0713 3624        \Device\Harddisk0\DR0\Partition1 - ok

12:46:20.0713 3624        ============================================================

12:46:20.0713 3624        Scan finished

12:46:20.0713 3624        ============================================================

12:46:20.0729 3020        Detected object count: 1

12:46:20.0729 3020        Actual detected object count: 1

12:46:44.0503 3020        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

12:46:44.0503 3020        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Zitat:

12:46:44.0503 3020 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:46:44.0503 3020 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Das TDSS File System mit dem TDSS-Killer unbedingt löschen.
Es folgt ein Windows-Neustart, mach danach ein neues Log mit dem TDSS-Killer und poste es.

Das Skip hatte ich gemacht, weil es in deinem Post so drin stand.

Neustart erfolgte nicht automatisch. Habe ich dann von Hand gemacht.

Neuer Log:

Code:

13:20:22.0589 2640        TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50

13:20:23.0119 2640        ============================================================

13:20:23.0119 2640        Current date / time: 2011/11/20 13:20:23.0119

13:20:23.0119 2640        SystemInfo:

13:20:23.0119 2640        

13:20:23.0119 2640        OS Version: 6.0.6002 ServicePack: 2.0

13:20:23.0119 2640        Product type: Workstation

13:20:23.0119 2640        ComputerName: BRIGITTESPC

13:20:23.0119 2640        UserName: Brigitte

13:20:23.0119 2640        Windows directory: C:\Windows

13:20:23.0119 2640        System windows directory: C:\Windows

13:20:23.0119 2640        Processor architecture: Intel x86

13:20:23.0119 2640        Number of processors: 2

13:20:23.0119 2640        Page size: 0x1000

13:20:23.0119 2640        Boot type: Normal boot

13:20:23.0119 2640        ============================================================

13:20:29.0344 2640        Initialize success

13:20:54.0584 2724        ============================================================

13:20:54.0584 2724        Scan started

13:20:54.0584 2724        Mode: Manual; SigCheck; TDLFS; 

13:20:54.0584 2724        ============================================================

13:20:55.0146 2724        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

13:20:55.0318 2724        ACPI - ok

13:20:55.0489 2724        adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

13:20:55.0520 2724        adp94xx - ok

13:20:55.0676 2724        adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

13:20:55.0692 2724        adpahci - ok

13:20:55.0801 2724        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

13:20:55.0817 2724        adpu160m - ok

13:20:55.0957 2724        adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

13:20:55.0973 2724        adpu320 - ok

13:20:56.0191 2724        AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

13:20:56.0238 2724        AFD - ok

13:20:56.0363 2724        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

13:20:56.0378 2724        agp440 - ok

13:20:56.0488 2724        aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

13:20:56.0503 2724        aic78xx - ok

13:20:56.0597 2724        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

13:20:56.0628 2724        aliide - ok

13:20:56.0737 2724        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

13:20:56.0753 2724        amdagp - ok

13:20:56.0846 2724        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

13:20:56.0862 2724        amdide - ok

13:20:56.0956 2724        AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

13:20:57.0018 2724        AmdK7 - ok

13:20:57.0174 2724        AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

13:20:57.0236 2724        AmdK8 - ok

13:20:57.0424 2724        arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

13:20:57.0439 2724        arc - ok

13:20:57.0611 2724        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

13:20:57.0642 2724        arcsas - ok

13:20:57.0829 2724        AsDsm           (4385e371c25c94c804e9d3152bd9e1f7) C:\Windows\system32\drivers\AsDsm.sys

13:20:57.0892 2724        AsDsm - ok

13:20:57.0985 2724        ASMMAP          (7b4d08d2017ac06689d422e06c43f0aa) C:\Program Files\ATKGFNEX\ASMMAP.sys

13:20:57.0985 2724        ASMMAP - ok

13:20:58.0079 2724        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

13:20:58.0141 2724        AsyncMac - ok

13:20:58.0297 2724        atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

13:20:58.0313 2724        atapi - ok

13:20:58.0547 2724        athr            (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys

13:20:58.0609 2724        athr - ok

13:20:58.0890 2724        atikmdag        (b6f3e32c0a1c38cd7526265221de192c) C:\Windows\system32\DRIVERS\atikmdag.sys

13:20:59.0046 2724        atikmdag - ok

13:20:59.0311 2724        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

13:20:59.0374 2724        Beep - ok

13:20:59.0498 2724        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

13:20:59.0561 2724        blbdrive - ok

13:20:59.0686 2724        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

13:20:59.0717 2724        bowser - ok

13:20:59.0842 2724        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

13:20:59.0873 2724        BrFiltLo - ok

13:20:59.0920 2724        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

13:20:59.0951 2724        BrFiltUp - ok

13:21:00.0138 2724        Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

13:21:00.0216 2724        Brserid - ok

13:21:00.0372 2724        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

13:21:00.0466 2724        BrSerWdm - ok

13:21:00.0824 2724        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

13:21:00.0902 2724        BrUsbMdm - ok

13:21:01.0121 2724        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

13:21:01.0214 2724        BrUsbSer - ok

13:21:01.0511 2724        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

13:21:01.0604 2724        BTHMODEM - ok

13:21:01.0745 2724        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

13:21:01.0807 2724        cdfs - ok

13:21:01.0994 2724        cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

13:21:02.0041 2724        cdrom - ok

13:21:02.0275 2724        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

13:21:02.0338 2724        circlass - ok

13:21:02.0618 2724        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

13:21:02.0681 2724        CLFS - ok

13:21:02.0821 2724        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

13:21:02.0868 2724        CmBatt - ok

13:21:02.0899 2724        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

13:21:02.0915 2724        cmdide - ok

13:21:02.0946 2724        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

13:21:02.0962 2724        Compbatt - ok

13:21:02.0993 2724        crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

13:21:03.0008 2724        crcdisk - ok

13:21:03.0024 2724        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

13:21:03.0086 2724        Crusoe - ok

13:21:03.0211 2724        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

13:21:03.0242 2724        DfsC - ok

13:21:03.0414 2724        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

13:21:03.0430 2724        disk - ok

13:21:03.0492 2724        drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

13:21:03.0508 2724        drmkaud - ok

13:21:03.0570 2724        DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

13:21:03.0617 2724        DXGKrnl - ok

13:21:03.0742 2724        E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

13:21:03.0773 2724        E1G60 - ok

13:21:03.0913 2724        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

13:21:03.0944 2724        Ecache - ok

13:21:04.0147 2724        elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

13:21:04.0178 2724        elxstor - ok

13:21:04.0334 2724        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

13:21:04.0381 2724        ErrDev - ok

13:21:04.0490 2724        exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

13:21:04.0568 2724        exfat - ok

13:21:04.0802 2724        fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

13:21:04.0849 2724        fastfat - ok

13:21:04.0974 2724        fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

13:21:05.0021 2724        fdc - ok

13:21:05.0114 2724        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

13:21:05.0130 2724        FileInfo - ok

13:21:05.0255 2724        Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

13:21:05.0317 2724        Filetrace - ok

13:21:05.0442 2724        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

13:21:05.0504 2724        flpydisk - ok

13:21:05.0770 2724        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

13:21:05.0801 2724        FltMgr - ok

13:21:05.0972 2724        fssfltr         (17829180deebf703ec7f445ac3abea99) C:\Windows\system32\DRIVERS\fssfltr.sys

13:21:05.0988 2724        fssfltr - ok

13:21:06.0160 2724        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

13:21:06.0206 2724        Fs_Rec - ok

13:21:06.0347 2724        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

13:21:06.0362 2724        gagp30kx - ok

13:21:06.0565 2724        HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys

13:21:06.0612 2724        HdAudAddService - ok

13:21:06.0737 2724        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

13:21:06.0799 2724        HDAudBus - ok

13:21:06.0955 2724        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

13:21:07.0049 2724        HidBth - ok

13:21:07.0220 2724        HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

13:21:07.0330 2724        HidIr - ok

13:21:07.0454 2724        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

13:21:07.0486 2724        HidUsb - ok

13:21:07.0532 2724        HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

13:21:07.0564 2724        HpCISSs - ok

13:21:07.0642 2724        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

13:21:07.0735 2724        HTTP - ok

13:21:07.0813 2724        i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

13:21:07.0844 2724        i2omp - ok

13:21:07.0891 2724        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

13:21:07.0938 2724        i8042prt - ok

13:21:07.0969 2724        iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

13:21:08.0000 2724        iaStorV - ok

13:21:08.0047 2724        iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

13:21:08.0078 2724        iirsp - ok

13:21:08.0266 2724        IntcAzAudAddService (d9b869a909cc93aec507d4f7dfa24434) C:\Windows\system32\drivers\RTKVHDA.sys

13:21:08.0406 2724        IntcAzAudAddService - ok

13:21:08.0515 2724        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

13:21:08.0546 2724        intelide - ok

13:21:08.0578 2724        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

13:21:08.0624 2724        intelppm - ok

13:21:08.0702 2724        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:21:08.0749 2724        IpFilterDriver - ok

13:21:08.0843 2724        IpInIp - ok

13:21:08.0905 2724        IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

13:21:08.0968 2724        IPMIDRV - ok

13:21:09.0014 2724        IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

13:21:09.0077 2724        IPNAT - ok

13:21:09.0124 2724        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

13:21:09.0186 2724        IRENUM - ok

13:21:09.0280 2724        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

13:21:09.0295 2724        isapnp - ok

13:21:09.0373 2724        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

13:21:09.0404 2724        iScsiPrt - ok

13:21:09.0607 2724        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

13:21:09.0623 2724        iteatapi - ok

13:21:09.0763 2724        iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

13:21:09.0810 2724        iteraid - ok

13:21:09.0904 2724        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

13:21:09.0935 2724        kbdclass - ok

13:21:10.0060 2724        kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys

13:21:10.0122 2724        kbdhid - ok

13:21:10.0262 2724        kbfiltr         (27bd4ac228ef6c0d490617c32e86a672) C:\Windows\system32\DRIVERS\kbfiltr.sys

13:21:10.0278 2724        kbfiltr - ok

13:21:10.0496 2724        KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

13:21:10.0543 2724        KSecDD - ok

13:21:10.0699 2724        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

13:21:10.0762 2724        lltdio - ok

13:21:10.0949 2724        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

13:21:10.0980 2724        LSI_FC - ok

13:21:11.0042 2724        LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

13:21:11.0074 2724        LSI_SAS - ok

13:21:11.0120 2724        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

13:21:11.0152 2724        LSI_SCSI - ok

13:21:11.0183 2724        luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

13:21:11.0230 2724        luafv - ok

13:21:11.0448 2724        lullaby         (8039f480c192dd99fed4ebc71ffbf795) C:\Windows\system32\DRIVERS\lullaby.sys

13:21:11.0464 2724        lullaby - ok

13:21:11.0510 2724        MBAMSwissArmy - ok

13:21:11.0620 2724        megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

13:21:11.0651 2724        megasas - ok

13:21:11.0682 2724        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

13:21:11.0729 2724        MegaSR - ok

13:21:11.0791 2724        Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

13:21:11.0854 2724        Modem - ok

13:21:11.0963 2724        monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

13:21:12.0025 2724        monitor - ok

13:21:12.0197 2724        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

13:21:12.0228 2724        mouclass - ok

13:21:12.0431 2724        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

13:21:12.0478 2724        mouhid - ok

13:21:12.0524 2724        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

13:21:12.0556 2724        MountMgr - ok

13:21:12.0649 2724        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

13:21:12.0680 2724        mpio - ok

13:21:12.0836 2724        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

13:21:12.0883 2724        mpsdrv - ok

13:21:13.0024 2724        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

13:21:13.0055 2724        Mraid35x - ok

13:21:13.0164 2724        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

13:21:13.0211 2724        MRxDAV - ok

13:21:13.0258 2724        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

13:21:13.0320 2724        mrxsmb - ok

13:21:13.0382 2724        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:21:13.0429 2724        mrxsmb10 - ok

13:21:13.0616 2724        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:21:13.0648 2724        mrxsmb20 - ok

13:21:13.0772 2724        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

13:21:13.0804 2724        msahci - ok

13:21:13.0835 2724        msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

13:21:13.0866 2724        msdsm - ok

13:21:14.0038 2724        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

13:21:14.0100 2724        Msfs - ok

13:21:14.0240 2724        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

13:21:14.0272 2724        msisadrv - ok

13:21:14.0396 2724        MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

13:21:14.0443 2724        MSKSSRV - ok

13:21:14.0490 2724        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

13:21:14.0537 2724        MSPCLOCK - ok

13:21:14.0568 2724        MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

13:21:14.0615 2724        MSPQM - ok

13:21:14.0662 2724        MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

13:21:14.0693 2724        MsRPC - ok

13:21:14.0755 2724        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

13:21:14.0771 2724        mssmbios - ok

13:21:14.0864 2724        MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

13:21:14.0896 2724        MSTEE - ok

13:21:14.0989 2724        MTsensor        (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys

13:21:15.0005 2724        MTsensor - ok

13:21:15.0052 2724        Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

13:21:15.0067 2724        Mup - ok

13:21:15.0208 2724        NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

13:21:15.0239 2724        NativeWifiP - ok

13:21:15.0332 2724        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

13:21:15.0379 2724        NDIS - ok

13:21:15.0488 2724        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

13:21:15.0535 2724        NdisTapi - ok

13:21:15.0676 2724        Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

13:21:15.0738 2724        Ndisuio - ok

13:21:15.0863 2724        NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

13:21:15.0910 2724        NdisWan - ok

13:21:15.0972 2724        NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

13:21:16.0019 2724        NDProxy - ok

13:21:16.0081 2724        NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

13:21:16.0144 2724        NetBIOS - ok

13:21:16.0190 2724        netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

13:21:16.0237 2724        netbt - ok

13:21:16.0424 2724        nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

13:21:16.0456 2724        nfrd960 - ok

13:21:16.0596 2724        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

13:21:16.0643 2724        Npfs - ok

13:21:16.0736 2724        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

13:21:16.0783 2724        nsiproxy - ok

13:21:17.0064 2724        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

13:21:17.0142 2724        Ntfs - ok

13:21:17.0267 2724        ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

13:21:17.0376 2724        ntrigdigi - ok

13:21:17.0579 2724        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

13:21:17.0626 2724        Null - ok

13:21:17.0828 2724        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

13:21:17.0860 2724        nvraid - ok

13:21:17.0984 2724        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

13:21:18.0016 2724        nvstor - ok

13:21:18.0125 2724        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

13:21:18.0156 2724        nv_agp - ok

13:21:18.0203 2724        NwlnkFlt - ok

13:21:18.0250 2724        NwlnkFwd - ok

13:21:18.0499 2724        ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys

13:21:18.0577 2724        ohci1394 - ok

13:21:18.0796 2724        Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

13:21:18.0905 2724        Parport - ok

13:21:19.0108 2724        partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

13:21:19.0139 2724        partmgr - ok

13:21:19.0201 2724        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

13:21:19.0295 2724        Parvdm - ok

13:21:19.0482 2724        pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

13:21:19.0529 2724        pci - ok

13:21:19.0607 2724        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

13:21:19.0638 2724        pciide - ok

13:21:19.0810 2724        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

13:21:19.0841 2724        pcmcia - ok

13:21:20.0090 2724        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

13:21:20.0200 2724        PEAUTH - ok

13:21:20.0480 2724        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

13:21:20.0512 2724        PptpMiniport - ok

13:21:20.0683 2724        Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

13:21:20.0714 2724        Processor - ok

13:21:20.0824 2724        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

13:21:20.0855 2724        PSched - ok

13:21:21.0120 2724        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

13:21:21.0214 2724        ql2300 - ok

13:21:21.0463 2724        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

13:21:21.0479 2724        ql40xx - ok

13:21:21.0635 2724        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

13:21:21.0666 2724        QWAVEdrv - ok

13:21:21.0760 2724        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

13:21:21.0822 2724        RasAcd - ok

13:21:21.0853 2724        Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

13:21:21.0916 2724        Rasl2tp - ok

13:21:21.0978 2724        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

13:21:22.0040 2724        RasPppoe - ok

13:21:22.0103 2724        RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

13:21:22.0134 2724        RasSstp - ok

13:21:22.0196 2724        rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

13:21:22.0259 2724        rdbss - ok

13:21:22.0368 2724        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

13:21:22.0430 2724        RDPCDD - ok

13:21:22.0742 2724        rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

13:21:22.0883 2724        rdpdr - ok

13:21:23.0132 2724        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

13:21:23.0210 2724        RDPENCDD - ok

13:21:23.0507 2724        RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

13:21:23.0569 2724        RDPWD - ok

13:21:23.0803 2724        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

13:21:23.0866 2724        rspndr - ok

13:21:24.0115 2724        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

13:21:24.0162 2724        sbp2port - ok

13:21:24.0396 2724        sdbus           (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

13:21:24.0521 2724        sdbus - ok

13:21:24.0770 2724        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

13:21:24.0864 2724        secdrv - ok

13:21:25.0051 2724        Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

13:21:25.0145 2724        Serenum - ok

13:21:25.0270 2724        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

13:21:25.0394 2724        Serial - ok

13:21:25.0613 2724        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

13:21:25.0675 2724        sermouse - ok

13:21:25.0862 2724        sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

13:21:25.0909 2724        sffdisk - ok

13:21:26.0112 2724        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

13:21:26.0190 2724        sffp_mmc - ok

13:21:26.0284 2724        sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

13:21:26.0346 2724        sffp_sd - ok

13:21:26.0440 2724        sfloppy         (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys

13:21:26.0502 2724        sfloppy - ok

13:21:26.0658 2724        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

13:21:26.0689 2724        sisagp - ok

13:21:26.0798 2724        SiSGbeLH        (f7da61bd62a16510227656c3477e2b52) C:\Windows\system32\DRIVERS\SiSGB6.sys

13:21:26.0830 2724        SiSGbeLH - ok

13:21:26.0892 2724        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

13:21:26.0923 2724        SiSRaid2 - ok

13:21:27.0079 2724        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

13:21:27.0110 2724        SiSRaid4 - ok

13:21:27.0251 2724        Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

13:21:27.0298 2724        Smb - ok

13:21:27.0500 2724        smserial        (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys

13:21:27.0641 2724        smserial - ok

13:21:27.0828 2724        SNP2UVC         (060f51141b20b8156804446a04ab8b2a) C:\Windows\system32\DRIVERS\snp2uvc.sys

13:21:28.0000 2724        SNP2UVC - ok

13:21:28.0109 2724        spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

13:21:28.0140 2724        spldr - ok

13:21:28.0296 2724        srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

13:21:28.0358 2724        srv - ok

13:21:28.0468 2724        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

13:21:28.0514 2724        srv2 - ok

13:21:28.0639 2724        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

13:21:28.0670 2724        srvnet - ok

13:21:28.0795 2724        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

13:21:28.0811 2724        swenum - ok

13:21:29.0123 2724        Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

13:21:29.0154 2724        Symc8xx - ok

13:21:29.0294 2724        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

13:21:29.0326 2724        Sym_hi - ok

13:21:29.0482 2724        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

13:21:29.0513 2724        Sym_u3 - ok

13:21:29.0606 2724        SynTP           (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys

13:21:29.0622 2724        SynTP - ok

13:21:29.0887 2724        Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys

13:21:30.0012 2724        Tcpip - ok

13:21:30.0184 2724        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys

13:21:30.0277 2724        Tcpip6 - ok

13:21:30.0464 2724        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

13:21:30.0527 2724        tcpipreg - ok

13:21:30.0683 2724        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

13:21:30.0745 2724        TDPIPE - ok

13:21:30.0995 2724        TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

13:21:31.0057 2724        TDTCP - ok

13:21:31.0307 2724        tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

13:21:31.0369 2724        tdx - ok

13:21:31.0432 2724        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

13:21:31.0463 2724        TermDD - ok

13:21:31.0603 2724        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

13:21:31.0666 2724        tssecsrv - ok

13:21:31.0915 2724        tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

13:21:31.0978 2724        tunmp - ok

13:21:32.0149 2724        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

13:21:32.0212 2724        tunnel - ok

13:21:32.0446 2724        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

13:21:32.0477 2724        uagp35 - ok

13:21:32.0586 2724        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

13:21:32.0633 2724        udfs - ok

13:21:32.0758 2724        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

13:21:32.0804 2724        uliagpkx - ok

13:21:32.0867 2724        uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

13:21:32.0914 2724        uliahci - ok

13:21:32.0945 2724        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

13:21:32.0976 2724        UlSata - ok

13:21:33.0007 2724        ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

13:21:33.0038 2724        ulsata2 - ok

13:21:33.0070 2724        umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

13:21:33.0116 2724        umbus - ok

13:21:33.0179 2724        usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

13:21:33.0241 2724        usbccgp - ok

13:21:33.0288 2724        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

13:21:33.0350 2724        usbcir - ok

13:21:33.0428 2724        usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

13:21:33.0444 2724        usbehci - ok

13:21:33.0506 2724        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

13:21:33.0538 2724        usbhub - ok

13:21:33.0600 2724        usbohci         (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys

13:21:33.0616 2724        usbohci - ok

13:21:33.0694 2724        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys

13:21:33.0740 2724        usbprint - ok

13:21:33.0818 2724        USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:21:33.0850 2724        USBSTOR - ok

13:21:33.0928 2724        usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

13:21:33.0959 2724        usbuhci - ok

13:21:34.0084 2724        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

13:21:34.0130 2724        usbvideo - ok

13:21:34.0193 2724        vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

13:21:34.0240 2724        vga - ok

13:21:34.0302 2724        VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

13:21:34.0349 2724        VgaSave - ok

13:21:34.0411 2724        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

13:21:34.0427 2724        viaagp - ok

13:21:34.0552 2724        ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

13:21:34.0598 2724        ViaC7 - ok

13:21:34.0661 2724        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

13:21:34.0692 2724        viaide - ok

13:21:34.0723 2724        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

13:21:34.0754 2724        volmgr - ok

13:21:34.0879 2724        volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

13:21:34.0910 2724        volmgrx - ok

13:21:34.0988 2724        volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

13:21:35.0035 2724        volsnap - ok

13:21:35.0113 2724        vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

13:21:35.0160 2724        vsmraid - ok

13:21:35.0207 2724        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

13:21:35.0300 2724        WacomPen - ok

13:21:35.0347 2724        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

13:21:35.0394 2724        Wanarp - ok

13:21:35.0410 2724        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

13:21:35.0472 2724        Wanarpv6 - ok

13:21:35.0534 2724        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

13:21:35.0550 2724        Wd - ok

13:21:35.0644 2724        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

13:21:35.0675 2724        Wdf01000 - ok

13:21:35.0893 2724        WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

13:21:35.0909 2724        WmiAcpi - ok

13:21:36.0002 2724        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

13:21:36.0049 2724        WpdUsb - ok

13:21:36.0143 2724        ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

13:21:36.0190 2724        ws2ifsl - ok

13:21:36.0236 2724        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:21:36.0283 2724        WUDFRd - ok

13:21:36.0439 2724        yukonwlh        (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys

13:21:36.0502 2724        yukonwlh - ok

13:21:36.0533 2724        MBR (0x1B8)     (64b1e91c5c6c2157642651010728f90f) \Device\Harddisk0\DR0

13:21:37.0001 2724        \Device\Harddisk0\DR0 - ok

13:21:37.0032 2724        Boot (0x1200)   (47f05db3e583f2e14c557b175fc0e758) \Device\Harddisk0\DR0\Partition0

13:21:37.0048 2724        \Device\Harddisk0\DR0\Partition0 - ok

13:21:37.0063 2724        Boot (0x1200)   (028934841232509797acb27ff1ec47b3) \Device\Harddisk0\DR0\Partition1

13:21:37.0063 2724        \Device\Harddisk0\DR0\Partition1 - ok

13:21:37.0063 2724        ============================================================

13:21:37.0063 2724        Scan finished

13:21:37.0063 2724        ============================================================

13:21:37.0094 1276        Detected object count: 0

13:21:37.0094 1276        Actual detected object count: 0