Trojaner-Board


ecdub 07.10.2011 14:11

Bundespolizei (Federal Police) virus (Win 7)
 
Hello everyone,

Yesterday evening I unfortunately caught the above-mentioned Trojan on my laptop. Through Google I came across a month-old thread here in which a scan with srep.exe was suggested. I did that, but it did not produce the desired result. I am still being told to please pay 100€.

After reading through several threads on the topic here, I took the next step a little while ago. However, the scan with OTLPE did not bring the desired result either. I downloaded the program and burned it to a CD with ISOburner. I then restarted the system and had it boot from the CD. After the expected REATOGO-X-PE display, however, I was shown a screen telling me that the system had been shut down to prevent damage to the computer.

Now I am somewhat at a loss and hope the experts can help me. Finally, here is the result of the srep.exe scan.

Code:

WIN_7 X64Service Pack 1

HKLM\..\Winlogon; Shell = explorer.exe
No action taken
HKCU\..\Winlogon; Shell not found
No action taken


HKLM\..\Run [LoadFUJ02E3] = C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
HKLM\..\Run [IndicatorUtility] = C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
HKLM\..\Run [Adobe Reader Speed Launcher] = "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\..\Run [UCam_Menu] = "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
HKLM\..\Run [YouCam Mirror Tray icon] = "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
HKLM\..\Run [AIS_RegApp] = "C:\Program Files (x86)\Fujitsu\AIS Connect\regapp\RegApp.exe"
HKLM\..\Run [DeskUpdateNotifier] = "c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe"
HKLM\..\Run [avgnt] = "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

HKCU\..\Run [swg] = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKCU\..\Run [Update] = C:\Users\***\AppData\Roaming\5F9E7B50.exe

HKU\.DEFAULT\..\Winlogon; Shell =
HKU\S-1-5-19\..\Winlogon; Shell =
HKU\S-1-5-20\..\Winlogon; Shell =
HKU\S-1-5-21-358674387-1169249815-4034172737-1001\..\Winlogon; Shell =
HKU\S-1-5-21-358674387-1169249815-4034172737-1001_Classes\..\Winlogon; Shell =
HKU\S-1-5-18\..\Winlogon; Shell =

HKU\S-1-5-19\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-358674387-1169249815-4034172737-1001\..\Run [swg] = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-358674387-1169249815-4034172737-1001\..\Run [Update] = C:\Users\***\AppData\Roaming\5F9E7B50.exe


x64
HKLMx64\..\Winlogon; Shell = explorer.exe
No action taken
HKCUx6464\..\Winlogon; Shell =
No action taken
HKLMx64\..\Winlogon, Shell = explorer.exe
HKCUx64\..\Winlogon, Shell =

==== FINISH 07.10-10.06 ====

Regards, Tim

cosinus 07.10.2011 16:36

Quote:

however, I was shown a screen telling me that the system had been shut down to prevent damage to the computer.
Go into your computer's BIOS and switch the disk controller from AHCI to IDE or Compatible. More precise instructions can't be posted, since almost every BIOS looks different. If necessary, check the manual.

To be able to boot the installed Windows again, you of course have to switch back to AHCI.

ecdub 07.10.2011 18:02

Is this only about getting Windows 7 running again? If so, I have already managed that by undoing the settings for booting from CD.

Nevertheless, I had a look around the BIOS setup menu, but now I am a bit overwhelmed. There are 6 sub-items: Info, System, Advanced, Security, Boot and Exit. I think I can narrow the matter down to 2 items. Under System, besides the time and date, there are "Drive 0: [ST9500325AS-(S1)]" and "Drive 1:[TSSTcorp CDDVDW TS-L633F-(S2)]". The explanation next to them reads "Configures Serial ATA/IDE Drive".

In addition, under Advanced there is the sub-item "AHCI Configuration: [Enabled]" with the accompanying explanation "Select AHCI (Advanced Host Controller Interface) enabled or disabled."

As a layman I would say Advanced is the right place, but I would like to have that confirmed by an expert before I just change something there.

cosinus 07.10.2011 21:39

Quote:

Is this only about getting Windows 7 running again? If so, I have already managed that
Which is it now? Of course that is what the OTLPE step is about! And if you have the BKA fake, Windows is blocked as well!
Maybe you could clarify what exactly the state of your computer is now: is the BKA thing still on it, i.e. is the computer still being blocked by the BKA screen, yes or no?

ecdub 08.10.2011 01:43

Sorry, I first misunderstood you a little and then expressed myself poorly.

To clarify: the BKA virus is still present. I ran the srep.exe scan without the desired success. After that I downloaded OTLPE, burned it to CD and had the system boot from the CD, which resulted in the screen I mentioned. Then I set the system back to normal so that Windows 7 started up normally (that is, I no longer had the system boot from the CD; that is what I meant by "getting Windows running"). The BKA virus now appears again a few seconds after I reach the desktop.

I hope I have expressed myself more clearly now. Sorry again for the confusion.

cosinus 08.10.2011 16:27

Then boot from the OTLPE CD with AHCI disabled and create the OTLPE log there.

ecdub 08.10.2011 20:49

I have run the OTLPE scan.

Code:

OTL logfile created on: 10/8/2011 11:31:19 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 110.00 Gb Total Space | 66.62 Gb Free Space | 60.56% Space Free | Partition Type: NTFS
Drive D: | 353.76 Gb Total Space | 353.66 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/09/22 12:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/23 20:14:38 | 000,330,240 | ---- | M] (FUJITSU LIMITED) [Auto] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2009/12/24 06:43:40 | 000,145,840 | ---- | M] (CSR, plc) [Auto] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService)
SRV:64bit: - [2009/07/30 05:43:00 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/09/02 03:15:26 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2011/07/21 06:08:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/21 01:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/09/24 07:53:40 | 000,384,792 | ---- | M] (Fujitsu Technology Solutions) [On_Demand] -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe -- (TestHandler)
SRV - [2010/09/13 23:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/13 23:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/01 12:04:48 | 002,314,240 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/11/01 12:04:42 | 000,262,144 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/07/16 08:16:42 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/07/21 06:11:10 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/07/21 06:11:09 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/13 23:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/13 23:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/13 23:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/13 23:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/03/04 16:43:00 | 000,346,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/12/18 06:38:56 | 008,038,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/11/27 00:15:00 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009/11/06 07:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/01 12:04:42 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/10/26 07:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 19:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2006/11/01 12:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 12:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fuj02b1.sys -- (FUJ02B1)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ts.fujitsu.com
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ts.fujitsu.com
IE - HKU\Tim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/02 19:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/09/02 04:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/02 19:45:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/02 19:45:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/02 19:45:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/10/02 19:45:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/10/02 19:45:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/10/02 19:45:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/10/02 19:45:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\Tim_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BthSyncServ]  File not found
O4:64bit: - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AIS_RegApp] C:\Program Files (x86)\Fujitsu\AIS Connect\regapp\RegApp.exe (Fujitsu)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DeskUpdateNotifier] C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Tim_ON_C..\Run: [Update] C:\Users\Tim\AppData\Roaming\5F9E7B50.exe (Vano Freelancer)
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\Tim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/10/06 18:13:52 | 000,134,696 | ---- | C] (Vano Freelancer) -- C:\Users\Tim\AppData\Roaming\5F9E7B50.exe
[2011/10/06 08:49:55 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\{FEB34D15-949D-4584-A2E9-6D9D7851989E}
[2011/10/06 08:49:55 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\{44BAAEFC-8576-4230-982D-1062BB1FACAE}
[2011/10/06 08:49:42 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Windows Live Writer
[2011/10/06 08:49:42 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\Windows Live Writer
[2011/09/22 19:14:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2011/09/21 18:33:32 | 000,000,000 | ---D | C] -- C:\Users\Tim\Documents\Bilder
[2011/09/21 18:33:13 | 000,000,000 | ---D | C] -- C:\Users\Tim\Documents\Dateien
[2011/09/13 12:50:19 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Avira
[2011/09/12 19:05:13 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\Diagnostics
 
========== Files - Modified Within 30 Days ==========
 
[2011/10/07 14:04:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/07 14:03:13 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/07 14:02:29 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/06 18:49:36 | 000,697,534 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/10/06 18:49:36 | 000,652,812 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/06 18:49:36 | 000,148,540 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/10/06 18:49:36 | 000,121,486 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/06 18:35:37 | 000,000,000 | ---- | M] () -- C:\Users\Tim\AppData\Local\{8586FA98-8DFC-4FB8-8BE2-E00AAFA141FD}
[2011/10/06 18:30:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/06 18:13:40 | 000,000,568 | -H-- | M] () -- C:\ProgramData\common.data
[2011/10/06 18:13:39 | 000,134,696 | ---- | M] (Vano Freelancer) -- C:\Users\Tim\AppData\Roaming\5F9E7B50.exe
[2011/10/06 17:27:34 | 000,016,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/06 17:27:34 | 000,016,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/02 11:34:54 | 000,638,753 | ---- | M] () -- C:\Users\Tim\Documents\Matt & Jeff Hardy Story.jpg
[2011/10/02 10:34:18 | 000,657,396 | ---- | M] () -- C:\Users\Tim\Documents\Alessandro del Piero.jpg
[2011/10/02 10:33:21 | 000,628,572 | ---- | M] () -- C:\Users\Tim\Documents\Miralem Pjanic.jpg
[2011/10/02 10:32:55 | 000,568,387 | ---- | M] () -- C:\Users\Tim\Documents\Ruud van Nistelrooy.jpg
[2011/09/30 08:09:06 | 000,603,055 | ---- | M] () -- C:\Users\Tim\Documents\Marek Hamsik.jpg
[2011/09/29 15:47:08 | 000,655,353 | ---- | M] () -- C:\Users\Tim\Documents\Greatest Superstars of Wrestlemania.jpg
[2011/09/29 15:46:14 | 000,606,326 | ---- | M] () -- C:\Users\Tim\Documents\Backlash 2006.jpg
[2011/09/29 15:45:26 | 000,627,963 | ---- | M] () -- C:\Users\Tim\Documents\Royal Rumble 2006.jpg
[2011/09/29 15:43:56 | 000,667,266 | ---- | M] () -- C:\Users\Tim\Documents\New Years Revolution 2006.jpg
[2011/09/29 15:43:32 | 000,566,174 | ---- | M] () -- C:\Users\Tim\Documents\Backlash 2005.jpg
[2011/09/29 15:42:16 | 000,667,399 | ---- | M] () -- C:\Users\Tim\Documents\Survivor Series 2004.jpg
[2011/09/29 15:41:20 | 000,623,436 | ---- | M] () -- C:\Users\Tim\Documents\Summerslam 2003.jpg
[2011/09/23 20:13:02 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/23 10:52:52 | 000,111,835 | ---- | M] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530 (1).pdf
[2011/09/23 10:45:21 | 000,123,040 | ---- | M] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530.pdf
[2011/09/23 04:13:53 | 000,276,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/09/22 19:15:03 | 000,002,555 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
[2011/09/18 19:44:12 | 005,057,154 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/18 15:38:36 | 000,659,406 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Caught In A Cauldron Of Hate.jpg
[2011/09/18 15:37:32 | 000,652,128 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Clutch Of Doom.jpg
[2011/09/18 15:36:46 | 000,613,378 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Operation Big Freeze.jpg
[2011/09/18 15:36:06 | 000,665,011 | ---- | M] () -- C:\Users\Tim\Documents\ROH Fade To Black.jpg
[2011/09/15 14:40:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/09/15 14:35:38 | 000,613,366 | ---- | M] () -- C:\Users\Tim\Documents\Undertaker's Deadliest Matches.jpg
[2011/09/15 14:33:24 | 000,610,623 | ---- | M] () -- C:\Users\Tim\Documents\Jeff Hardy - My Life, My Rules.jpg
[2011/09/15 14:31:54 | 000,599,423 | ---- | M] () -- C:\Users\Tim\Documents\Wrestlemania 17.jpg
[2011/09/15 14:31:10 | 000,641,355 | ---- | M] () -- C:\Users\Tim\Documents\Survivor Series 2008.jpg
[2011/09/15 14:30:34 | 000,620,200 | ---- | M] () -- C:\Users\Tim\Documents\Summerslam 2005.jpg
[2011/09/15 14:29:20 | 000,641,967 | ---- | M] () -- C:\Users\Tim\Documents\Vengeance 2005.jpg
[2011/09/15 14:28:52 | 000,620,968 | ---- | M] () -- C:\Users\Tim\Documents\Royal Rumble 2005.jpg
[2011/09/15 14:28:16 | 000,650,288 | ---- | M] () -- C:\Users\Tim\Documents\New Years Revolution 2005.jpg
[2011/09/15 14:26:52 | 000,629,032 | ---- | M] () -- C:\Users\Tim\Documents\Unforgiven 2003.jpg
 
========== Files Created - No Company Name ==========
 
[2011/10/06 18:35:37 | 000,000,000 | ---- | C] () -- C:\Users\Tim\AppData\Local\{8586FA98-8DFC-4FB8-8BE2-E00AAFA141FD}
[2011/10/06 18:13:36 | 000,000,568 | -H-- | C] () -- C:\ProgramData\common.data
[2011/10/02 16:23:51 | 000,638,753 | ---- | C] () -- C:\Users\Tim\Documents\Matt & Jeff Hardy Story.jpg
[2011/10/02 10:31:40 | 000,628,572 | ---- | C] () -- C:\Users\Tim\Documents\Miralem Pjanic.jpg
[2011/10/02 10:31:34 | 000,568,387 | ---- | C] () -- C:\Users\Tim\Documents\Ruud van Nistelrooy.jpg
[2011/10/02 10:31:31 | 000,657,396 | ---- | C] () -- C:\Users\Tim\Documents\Alessandro del Piero.jpg
[2011/09/30 08:07:51 | 000,603,055 | ---- | C] () -- C:\Users\Tim\Documents\Marek Hamsik.jpg
[2011/09/29 15:52:33 | 000,655,353 | ---- | C] () -- C:\Users\Tim\Documents\Greatest Superstars of Wrestlemania.jpg
[2011/09/29 15:52:31 | 000,606,326 | ---- | C] () -- C:\Users\Tim\Documents\Backlash 2006.jpg
[2011/09/29 15:52:29 | 000,627,963 | ---- | C] () -- C:\Users\Tim\Documents\Royal Rumble 2006.jpg
[2011/09/29 15:52:27 | 000,667,266 | ---- | C] () -- C:\Users\Tim\Documents\New Years Revolution 2006.jpg
[2011/09/29 15:52:26 | 000,566,174 | ---- | C] () -- C:\Users\Tim\Documents\Backlash 2005.jpg
[2011/09/29 15:52:22 | 000,667,399 | ---- | C] () -- C:\Users\Tim\Documents\Survivor Series 2004.jpg
[2011/09/29 15:52:19 | 000,623,436 | ---- | C] () -- C:\Users\Tim\Documents\Summerslam 2003.jpg
[2011/09/23 10:52:51 | 000,111,835 | ---- | C] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530 (1).pdf
[2011/09/23 10:45:20 | 000,123,040 | ---- | C] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530.pdf
[2011/09/22 19:15:03 | 000,002,555 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
[2011/09/18 15:42:56 | 000,665,011 | ---- | C] () -- C:\Users\Tim\Documents\ROH Fade To Black.jpg
[2011/09/18 15:42:48 | 000,659,406 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Caught In A Cauldron Of Hate.jpg
[2011/09/18 15:42:45 | 000,652,128 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Clutch Of Doom.jpg
[2011/09/18 15:42:44 | 000,613,378 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Operation Big Freeze.jpg
[2011/09/15 14:43:02 | 000,629,032 | ---- | C] () -- C:\Users\Tim\Documents\Unforgiven 2003.jpg
[2011/09/15 14:42:47 | 000,613,366 | ---- | C] () -- C:\Users\Tim\Documents\Undertaker's Deadliest Matches.jpg
[2011/09/15 14:42:44 | 000,610,623 | ---- | C] () -- C:\Users\Tim\Documents\Jeff Hardy - My Life, My Rules.jpg
[2011/09/15 14:42:39 | 000,599,423 | ---- | C] () -- C:\Users\Tim\Documents\Wrestlemania 17.jpg
[2011/09/15 14:42:37 | 000,641,355 | ---- | C] () -- C:\Users\Tim\Documents\Survivor Series 2008.jpg
[2011/09/15 14:42:35 | 000,620,200 | ---- | C] () -- C:\Users\Tim\Documents\Summerslam 2005.jpg
[2011/09/15 14:42:33 | 000,641,967 | ---- | C] () -- C:\Users\Tim\Documents\Vengeance 2005.jpg
[2011/09/15 14:42:33 | 000,620,968 | ---- | C] () -- C:\Users\Tim\Documents\Royal Rumble 2005.jpg
[2011/09/15 14:42:30 | 000,650,288 | ---- | C] () -- C:\Users\Tim\Documents\New Years Revolution 2005.jpg
[2011/09/15 14:40:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/09/03 15:32:49 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2011/09/02 05:29:50 | 000,000,061 | ---- | C] () -- C:\Windows\FliegenKlatschen.ini
[2011/08/24 05:48:34 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/08/24 05:48:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/08/24 05:48:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/08/24 05:48:33 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/08/24 05:48:33 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/04/16 06:56:37 | 005,057,154 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/30 07:49:22 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011/09/02 03:32:53 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Fujitsu
[2011/10/06 10:33:29 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\SoftGrid Client
[2011/09/02 07:06:48 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\TP
[2011/10/06 08:49:42 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Windows Live Writer
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/09/02 03:55:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Fujitsu
[2011/09/02 03:15:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Partner
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/09/02 03:18:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/09/03 14:23:06 | 000,000,000 | ---D | M] -- C:\ProgramData\VirtualizedApplications
[2011/10/07 13:36:34 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >


cosinus 10.10.2011 11:02

Do an OTL fix via OTLPE: start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ts.fujitsu.com
O4 - HKU\Tim_ON_C..\Run: [Update] C:\Users\Tim\AppData\Roaming\5F9E7B50.exe (Vano Freelancer)
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin]  File not found
O32 - HKLM CDRom: AutoRun - 1
[2011/10/06 18:13:52 | 000,134,696 | ---- | C] (Vano Freelancer) -- C:\Users\Tim\AppData\Roaming\5F9E7B50.exe
[2011/10/06 18:13:40 | 000,000,568 | -H-- | M] () -- C:\ProgramData\common.data
:Commands
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

After that, Windows should start normally again - please make OTL's quarantine folder available to us. Please proceed as follows:

1.) VERY IMPORTANT!! Disable the virus scanner; it must not interfere with the packing!
2.) Zip the folder movedfiles in C:\_OTL into a single file
3.) Upload the resulting ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html
4.) Let us know if it worked
5.) Only then switch the virus scanner back on

ecdub 10.10.2011 16:02

Here is the log file:

Code:

========== OTL ==========
HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\Tim_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
C:\Users\Tim\AppData\Roaming\5F9E7B50.exe moved successfully.
Registry key HKEY_USERS\LocalService_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry key HKEY_USERS\NetworkService_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce not found.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\Users\Tim\AppData\Roaming\5F9E7B50.exe not found.
C:\ProgramData\common.data moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 10102011_193334


I have uploaded the file as well. There is no longer any sign of the Bundespolizei message. Many thanks so far.

cosinus 10.10.2011 17:02

Now please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


ecdub 10.10.2011 23:19

Code:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7917

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10.10.2011 21:09:35
mbam-log-2011-10-10 (21-09-35).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|Q:\|)
Durchsuchte Objekte: 321207
Laufzeit: 42 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Tim\AppData\Local\Temp\wpbt0.dll (Exploit.Drop) -> Quarantined and deleted successfully.

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=186d3bba0ed13946a4bc428ee6c8edf8
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-10 08:10:24
# local_time=2011-10-10 10:10:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1797 16775165 100 94 473269 54806522 467551 0
# compatibility_mode=5893 16776573 100 94 568 69904509 0 0
# compatibility_mode=8192 67108863 100 0 312 312 0 0
# scanned=130566
# found=6
# cleaned=0
# scan_time=2764
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4D6XHO3T\calc[1].exe        a variant of Win32/Injector.JUJ trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XIUBTFFV\calc[1].exe        a variant of Win32/Kryptik.TPK trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Tim\AppData\Local\Mozilla\Firefox\Profiles\d34ztlko.default\Cache\4\99\7E1FEd01        JS/Exploit.Pdfka.PEN trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Tim\AppData\Local\Temp\wpbt1.dll        a variant of Win32/Injector.JUJ trojan (unable to clean)        00000000000000000000000000000000        I
C:\_OTL\MovedFiles.zip        a variant of Win32/Injector.JUJ trojan (unable to clean)        00000000000000000000000000000000        I
C:\_OTL\MovedFiles\10102011_193334\C_Users\Tim\AppData\Roaming\5F9E7B50.exe        a variant of Win32/Injector.JUJ trojan (unable to clean)        00000000000000000000000000000000        I


cosinus 11.10.2011 10:02

Custom scan with OTL

If you don't already have it, please download OTL by OldTimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


ecdub 11.10.2011 10:55

Code:

OTL logfile created on: 10/11/2011 11:38:12 AM - Run 1
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Tim\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.80 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 67.16% Memory free
7.60 Gb Paging File | 6.24 Gb Available in Paging File | 82.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 110.00 Gb Total Space | 64.49 Gb Free Space | 58.63% Space Free | Partition Type: NTFS
Drive D: | 353.76 Gb Total Space | 353.66 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive F: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: TIM-PC | User Name: Tim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/10/11 11:37:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
PRC - [2011/07/21 12:08:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/10/13 13:04:22 | 000,097,560 | ---- | M] (Fujitsu Technology Solutions) -- C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
PRC - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/11/01 18:04:48 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/11/01 18:04:42 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/10/09 21:06:50 | 000,047,976 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2009/10/08 20:44:54 | 000,036,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
PRC - [2009/07/16 14:16:42 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/07/08 21:58:26 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/09/19 11:35:17 | 000,696,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\log4net\924868e6f2c4357e222171237891d140\log4net.ni.dll
MOD - [2011/09/19 11:35:14 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/09/19 11:35:06 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/09/19 11:35:05 | 000,113,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeskUpdateNotifier\0dddee4ddf0bbd63c3755928370f0340\DeskUpdateNotifier.ni.exe
MOD - [2011/09/19 11:35:01 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011/09/19 11:34:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011/09/19 11:34:56 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/09/19 11:34:50 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/24 02:14:38 | 000,330,240 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2009/12/24 12:43:40 | 000,145,840 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService)
SRV:64bit: - [2009/07/30 11:43:00 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011/07/21 12:08:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/09/24 13:53:40 | 000,384,792 | ---- | M] (Fujitsu Technology Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe -- (TestHandler)
SRV - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/01 18:04:48 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/11/01 18:04:42 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/07/16 14:16:42 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/07/21 12:11:10 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/07/21 12:11:09 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/04 22:43:00 | 000,346,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/12/18 12:38:56 | 008,038,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/11/27 06:15:00 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009/11/06 13:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/01 18:04:42 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/10/26 13:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/09 21:16:28 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 18:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 18:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 CE 70 34 5D 87 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/03 01:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/09/02 10:03:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\mozilla\Extensions
[2011/09/10 16:41:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\mozilla\Firefox\Profiles\d34ztlko.default\extensions
[2011/09/02 10:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
[2011/10/03 01:45:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 01:45:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/03 01:45:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/10/03 01:45:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/10/03 01:45:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/10/03 01:45:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/10/03 01:45:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/10/11 01:33:39 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BthSyncServ] "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe" File not found
O4:64bit: - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AIS_RegApp] C:\Program Files (x86)\Fujitsu\AIS Connect\regapp\RegApp.exe (Fujitsu)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DeskUpdateNotifier] c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Update] C:\Users\Tim\AppData\Roaming\5F9E7B50.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B177CBF6-390A-4E52-9F69-60BDD2CB9D86}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD3427C2-C63B-43C7-9AA7-EB0B84E4995E}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 13:06:41 | 000,000,053 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{a57b74bc-d57b-11e0-ad83-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a57b74bc-d57b-11e0-ad83-806e6f6e6963}\Shell\AutoRun\command - "" = F:\reatogoMenu.exe -- [2005/07/16 23:36:50 | 000,240,128 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/10/11 11:37:02 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
[2011/10/11 01:33:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/10 21:19:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/10/10 21:18:10 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Tim\Desktop\esetsmartinstaller_enu.exe
[2011/10/10 20:14:11 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Malwarebytes
[2011/10/10 20:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/10 20:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/10 20:13:35 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/10/10 20:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/10/06 14:49:55 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\{FEB34D15-949D-4584-A2E9-6D9D7851989E}
[2011/10/06 14:49:55 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\{44BAAEFC-8576-4230-982D-1062BB1FACAE}
[2011/10/06 14:49:42 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Windows Live Writer
[2011/10/06 14:49:42 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\Windows Live Writer
[2011/09/23 01:14:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2011/09/22 00:33:32 | 000,000,000 | ---D | C] -- C:\Users\Tim\Documents\Bilder
[2011/09/22 00:33:13 | 000,000,000 | ---D | C] -- C:\Users\Tim\Documents\Dateien
[2011/09/13 18:50:19 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Avira
[2011/09/13 01:05:13 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\Diagnostics
 
========== Files - Modified Within 30 Days ==========
 
[2011/10/11 11:41:32 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/11 11:41:32 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/11 11:40:44 | 000,861,066 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/11 11:40:44 | 000,712,326 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/10/11 11:40:44 | 000,153,276 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/10/11 11:40:44 | 000,004,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/11 11:40:44 | 000,004,272 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/11 11:37:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
[2011/10/11 11:33:55 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/11 11:33:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/11 11:33:37 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/10 23:30:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/10 21:18:22 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Tim\Desktop\esetsmartinstaller_enu.exe
[2011/10/07 00:35:37 | 000,000,000 | ---- | M] () -- C:\Users\Tim\AppData\Local\{8586FA98-8DFC-4FB8-8BE2-E00AAFA141FD}
[2011/10/02 17:34:54 | 000,638,753 | ---- | M] () -- C:\Users\Tim\Documents\Matt & Jeff Hardy Story.jpg
[2011/10/02 16:34:18 | 000,657,396 | ---- | M] () -- C:\Users\Tim\Documents\Alessandro del Piero.jpg
[2011/10/02 16:33:21 | 000,628,572 | ---- | M] () -- C:\Users\Tim\Documents\Miralem Pjanic.jpg
[2011/10/02 16:32:55 | 000,568,387 | ---- | M] () -- C:\Users\Tim\Documents\Ruud van Nistelrooy.jpg
[2011/09/30 14:09:06 | 000,603,055 | ---- | M] () -- C:\Users\Tim\Documents\Marek Hamsik.jpg
[2011/09/29 21:47:08 | 000,655,353 | ---- | M] () -- C:\Users\Tim\Documents\Greatest Superstars of Wrestlemania.jpg
[2011/09/29 21:46:14 | 000,606,326 | ---- | M] () -- C:\Users\Tim\Documents\Backlash 2006.jpg
[2011/09/29 21:45:26 | 000,627,963 | ---- | M] () -- C:\Users\Tim\Documents\Royal Rumble 2006.jpg
[2011/09/29 21:43:56 | 000,667,266 | ---- | M] () -- C:\Users\Tim\Documents\New Years Revolution 2006.jpg
[2011/09/29 21:43:32 | 000,566,174 | ---- | M] () -- C:\Users\Tim\Documents\Backlash 2005.jpg
[2011/09/29 21:42:16 | 000,667,399 | ---- | M] () -- C:\Users\Tim\Documents\Survivor Series 2004.jpg
[2011/09/29 21:41:20 | 000,623,436 | ---- | M] () -- C:\Users\Tim\Documents\Summerslam 2003.jpg
[2011/09/23 16:52:52 | 000,111,835 | ---- | M] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530 (1).pdf
[2011/09/23 16:45:21 | 000,123,040 | ---- | M] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530.pdf
[2011/09/23 10:13:53 | 000,276,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/09/19 01:44:12 | 005,057,154 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/18 21:38:36 | 000,659,406 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Caught In A Cauldron Of Hate.jpg
[2011/09/18 21:37:32 | 000,652,128 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Clutch Of Doom.jpg
[2011/09/18 21:36:46 | 000,613,378 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Operation Big Freeze.jpg
[2011/09/18 21:36:06 | 000,665,011 | ---- | M] () -- C:\Users\Tim\Documents\ROH Fade To Black.jpg
[2011/09/15 20:40:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/09/15 20:35:38 | 000,613,366 | ---- | M] () -- C:\Users\Tim\Documents\Undertaker's Deadliest Matches.jpg
[2011/09/15 20:33:24 | 000,610,623 | ---- | M] () -- C:\Users\Tim\Documents\Jeff Hardy - My Life, My Rules.jpg
[2011/09/15 20:31:54 | 000,599,423 | ---- | M] () -- C:\Users\Tim\Documents\Wrestlemania 17.jpg
[2011/09/15 20:31:10 | 000,641,355 | ---- | M] () -- C:\Users\Tim\Documents\Survivor Series 2008.jpg
[2011/09/15 20:30:34 | 000,620,200 | ---- | M] () -- C:\Users\Tim\Documents\Summerslam 2005.jpg
[2011/09/15 20:29:20 | 000,641,967 | ---- | M] () -- C:\Users\Tim\Documents\Vengeance 2005.jpg
[2011/09/15 20:28:52 | 000,620,968 | ---- | M] () -- C:\Users\Tim\Documents\Royal Rumble 2005.jpg
[2011/09/15 20:28:16 | 000,650,288 | ---- | M] () -- C:\Users\Tim\Documents\New Years Revolution 2005.jpg
[2011/09/15 20:26:52 | 000,629,032 | ---- | M] () -- C:\Users\Tim\Documents\Unforgiven 2003.jpg
 
========== Files Created - No Company Name ==========
 
[2011/10/07 00:35:37 | 000,000,000 | ---- | C] () -- C:\Users\Tim\AppData\Local\{8586FA98-8DFC-4FB8-8BE2-E00AAFA141FD}
[2011/10/02 22:23:51 | 000,638,753 | ---- | C] () -- C:\Users\Tim\Documents\Matt & Jeff Hardy Story.jpg
[2011/10/02 16:31:40 | 000,628,572 | ---- | C] () -- C:\Users\Tim\Documents\Miralem Pjanic.jpg
[2011/10/02 16:31:34 | 000,568,387 | ---- | C] () -- C:\Users\Tim\Documents\Ruud van Nistelrooy.jpg
[2011/10/02 16:31:31 | 000,657,396 | ---- | C] () -- C:\Users\Tim\Documents\Alessandro del Piero.jpg
[2011/09/30 14:07:51 | 000,603,055 | ---- | C] () -- C:\Users\Tim\Documents\Marek Hamsik.jpg
[2011/09/29 21:52:33 | 000,655,353 | ---- | C] () -- C:\Users\Tim\Documents\Greatest Superstars of Wrestlemania.jpg
[2011/09/29 21:52:31 | 000,606,326 | ---- | C] () -- C:\Users\Tim\Documents\Backlash 2006.jpg
[2011/09/29 21:52:29 | 000,627,963 | ---- | C] () -- C:\Users\Tim\Documents\Royal Rumble 2006.jpg
[2011/09/29 21:52:27 | 000,667,266 | ---- | C] () -- C:\Users\Tim\Documents\New Years Revolution 2006.jpg
[2011/09/29 21:52:26 | 000,566,174 | ---- | C] () -- C:\Users\Tim\Documents\Backlash 2005.jpg
[2011/09/29 21:52:22 | 000,667,399 | ---- | C] () -- C:\Users\Tim\Documents\Survivor Series 2004.jpg
[2011/09/29 21:52:19 | 000,623,436 | ---- | C] () -- C:\Users\Tim\Documents\Summerslam 2003.jpg
[2011/09/23 16:52:51 | 000,111,835 | ---- | C] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530 (1).pdf
[2011/09/23 16:45:20 | 000,123,040 | ---- | C] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530.pdf
[2011/09/23 01:15:03 | 000,002,555 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
[2011/09/18 21:42:56 | 000,665,011 | ---- | C] () -- C:\Users\Tim\Documents\ROH Fade To Black.jpg
[2011/09/18 21:42:48 | 000,659,406 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Caught In A Cauldron Of Hate.jpg
[2011/09/18 21:42:45 | 000,652,128 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Clutch Of Doom.jpg
[2011/09/18 21:42:44 | 000,613,378 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Operation Big Freeze.jpg
[2011/09/15 20:43:02 | 000,629,032 | ---- | C] () -- C:\Users\Tim\Documents\Unforgiven 2003.jpg
[2011/09/15 20:42:47 | 000,613,366 | ---- | C] () -- C:\Users\Tim\Documents\Undertaker's Deadliest Matches.jpg
[2011/09/15 20:42:44 | 000,610,623 | ---- | C] () -- C:\Users\Tim\Documents\Jeff Hardy - My Life, My Rules.jpg
[2011/09/15 20:42:39 | 000,599,423 | ---- | C] () -- C:\Users\Tim\Documents\Wrestlemania 17.jpg
[2011/09/15 20:42:37 | 000,641,355 | ---- | C] () -- C:\Users\Tim\Documents\Survivor Series 2008.jpg
[2011/09/15 20:42:35 | 000,620,200 | ---- | C] () -- C:\Users\Tim\Documents\Summerslam 2005.jpg
[2011/09/15 20:42:33 | 000,641,967 | ---- | C] () -- C:\Users\Tim\Documents\Vengeance 2005.jpg
[2011/09/15 20:42:33 | 000,620,968 | ---- | C] () -- C:\Users\Tim\Documents\Royal Rumble 2005.jpg
[2011/09/15 20:42:30 | 000,650,288 | ---- | C] () -- C:\Users\Tim\Documents\New Years Revolution 2005.jpg
[2011/09/15 20:40:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/09/03 21:32:49 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2011/09/02 11:29:50 | 000,000,061 | ---- | C] () -- C:\Windows\FliegenKlatschen.ini
[2011/08/24 11:48:34 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/08/24 11:48:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/08/24 11:48:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/08/24 11:48:33 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/08/24 11:48:33 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/04/16 12:56:37 | 005,057,154 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/30 13:49:22 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011/09/02 09:32:53 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Fujitsu
[2011/10/06 16:33:29 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\SoftGrid Client
[2011/09/02 13:06:48 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\TP
[2011/10/06 14:49:42 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Windows Live Writer
[2011/10/07 19:36:34 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011/09/04 22:16:47 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Adobe
[2011/09/13 18:50:19 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Avira
[2011/09/02 09:32:53 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Fujitsu
[2011/09/02 10:00:12 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Google
[2011/09/02 09:32:12 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Identities
[2011/09/02 13:40:18 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Macromedia
[2011/10/10 20:14:11 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Malwarebytes
[2010/11/21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Media Center Programs
[2011/09/23 00:56:47 | 000,000,000 | --SD | M] -- C:\Users\Tim\AppData\Roaming\Microsoft
[2011/09/02 10:03:28 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Mozilla
[2011/10/06 16:33:29 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\SoftGrid Client
[2011/09/02 13:06:48 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\TP
[2011/10/06 14:49:42 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Windows Live Writer
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Fujitsu\Driver Pool\7\iaStor.sys
[2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b2da0d5f1235b4d6\iaStor.sys
[2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_1170b46175ba2765\iaStor.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >


cosinus 11.10.2011 13:54

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the image below: click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save this file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

ecdub 11.10.2011 20:45

Code:

21:32:37.0338 0704        TDSS rootkit removing tool 2.6.7.0 Oct 10 2011 09:40:06
21:32:37.0525 0704        ============================================================
21:32:37.0525 0704        Current date / time: 2011/10/11 21:32:37.0525
21:32:37.0525 0704        SystemInfo:
21:32:37.0525 0704       
21:32:37.0525 0704        OS Version: 6.1.7601 ServicePack: 1.0
21:32:37.0525 0704        Product type: Workstation
21:32:37.0525 0704        ComputerName: TIM-PC
21:32:37.0525 0704        UserName: Tim
21:32:37.0525 0704        Windows directory: C:\Windows
21:32:37.0525 0704        System windows directory: C:\Windows
21:32:37.0525 0704        Running under WOW64
21:32:37.0525 0704        Processor architecture: Intel x64
21:32:37.0525 0704        Number of processors: 2
21:32:37.0525 0704        Page size: 0x1000
21:32:37.0525 0704        Boot type: Normal boot
21:32:37.0525 0704        ============================================================
21:32:38.0102 0704        Initialize success
21:33:31.0002 3292        ============================================================
21:33:31.0002 3292        Scan started
21:33:31.0002 3292        Mode: Manual; SigCheck; TDLFS;
21:33:31.0002 3292        ============================================================
21:33:53.0029 3292        rdbss - ok
21:33:53.0060 3292        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:33:53.0091 3292        rdpbus - ok
21:33:53.0122 3292        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:33:53.0185 3292        RDPCDD - ok
21:33:53.0263 3292        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:33:53.0341 3292        RDPENCDD - ok
21:33:53.0403 3292        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:33:53.0481 3292        RDPREFMP - ok
21:33:53.0528 3292        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:33:53.0575 3292        RDPWD - ok
21:33:53.0653 3292        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:33:53.0700 3292        rdyboost - ok
21:33:53.0793 3292        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
21:33:53.0840 3292        RFCOMM - ok
21:33:53.0934 3292        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:33:54.0012 3292        rspndr - ok
21:33:54.0043 3292        RSUSBSTOR - ok
21:33:54.0105 3292        RTL8167        (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:33:54.0136 3292        RTL8167 - ok
21:33:54.0152 3292        RtsUIR - ok
21:33:54.0214 3292        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:33:54.0246 3292        sbp2port - ok
21:33:54.0292 3292        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:33:54.0355 3292        scfilter - ok
21:33:54.0402 3292        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:33:54.0480 3292        secdrv - ok
21:33:54.0589 3292        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
21:33:54.0636 3292        Serenum - ok
21:33:54.0682 3292        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
21:33:54.0729 3292        Serial - ok
21:33:54.0807 3292        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:33:54.0854 3292        sermouse - ok
21:33:54.0932 3292        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:33:54.0979 3292        sffdisk - ok
21:33:55.0026 3292        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:33:55.0072 3292        sffp_mmc - ok
21:33:55.0135 3292        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:33:55.0182 3292        sffp_sd - ok
21:33:55.0228 3292        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:33:55.0260 3292        sfloppy - ok
21:33:55.0338 3292        Sftfs          (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
21:33:55.0369 3292        Sftfs - ok
21:33:55.0447 3292        Sftplay        (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:33:55.0462 3292        Sftplay - ok
21:33:55.0509 3292        Sftredir        (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:33:55.0525 3292        Sftredir - ok
21:33:55.0587 3292        Sftvol          (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
21:33:55.0618 3292        Sftvol - ok
21:33:55.0728 3292        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:33:55.0743 3292        SiSRaid2 - ok
21:33:55.0806 3292        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:33:55.0837 3292        SiSRaid4 - ok
21:33:55.0899 3292        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:33:55.0977 3292        Smb - ok
21:33:56.0071 3292        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:33:56.0102 3292        spldr - ok
21:33:56.0180 3292        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:33:56.0242 3292        srv - ok
21:33:56.0352 3292        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:33:56.0414 3292        srv2 - ok
21:33:56.0492 3292        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:33:56.0539 3292        srvnet - ok
21:33:56.0601 3292        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:33:56.0632 3292        stexstor - ok
21:33:56.0695 3292        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:33:56.0726 3292        swenum - ok
21:33:56.0820 3292        SynTP          (2f827bb08cc7f1a17df2ead7b424d731) C:\Windows\system32\DRIVERS\SynTP.sys
21:33:56.0851 3292        SynTP - ok
21:33:56.0976 3292        Tcpip          (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
21:33:57.0132 3292        Tcpip - ok
21:33:57.0288 3292        TCPIP6          (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
21:33:57.0350 3292        TCPIP6 - ok
21:33:57.0381 3292        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:33:57.0475 3292        tcpipreg - ok
21:33:57.0584 3292        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:33:57.0662 3292        TDPIPE - ok
21:33:57.0678 3292        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:33:57.0709 3292        TDTCP - ok
21:33:57.0724 3292        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:33:57.0771 3292        tdx - ok
21:33:57.0818 3292        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
21:33:57.0834 3292        TermDD - ok
21:33:57.0912 3292        TPM            (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
21:33:57.0958 3292        TPM - ok
21:33:58.0021 3292        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:33:58.0099 3292        tssecsrv - ok
21:33:58.0161 3292        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:33:58.0208 3292        TsUsbFlt - ok
21:33:58.0270 3292        TsUsbGD        (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:33:58.0317 3292        TsUsbGD - ok
21:33:58.0395 3292        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:33:58.0473 3292        tunnel - ok
21:33:58.0536 3292        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:33:58.0567 3292        uagp35 - ok
21:33:58.0629 3292        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:33:58.0707 3292        udfs - ok
21:33:58.0754 3292        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:33:58.0785 3292        uliagpkx - ok
21:33:58.0863 3292        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:33:58.0910 3292        umbus - ok
21:33:59.0019 3292        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:33:59.0050 3292        UmPass - ok
21:33:59.0097 3292        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:33:59.0160 3292        usbccgp - ok
21:33:59.0238 3292        USBCCID - ok
21:33:59.0284 3292        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:33:59.0331 3292        usbcir - ok
21:33:59.0425 3292        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:33:59.0472 3292        usbehci - ok
21:33:59.0518 3292        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:33:59.0565 3292        usbhub - ok
21:33:59.0659 3292        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:33:59.0706 3292        usbohci - ok
21:33:59.0737 3292        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
21:33:59.0815 3292        usbprint - ok
21:33:59.0908 3292        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:33:59.0971 3292        USBSTOR - ok
21:34:00.0064 3292        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:34:00.0111 3292        usbuhci - ok
21:34:00.0189 3292        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
21:34:00.0236 3292        usbvideo - ok
21:34:00.0330 3292        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:34:00.0345 3292        vdrvroot - ok
21:34:00.0486 3292        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:34:00.0532 3292        vga - ok
21:34:00.0595 3292        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:34:00.0657 3292        VgaSave - ok
21:34:00.0720 3292        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:34:00.0766 3292        vhdmp - ok
21:34:00.0813 3292        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:34:00.0829 3292        viaide - ok
21:34:00.0876 3292        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:34:00.0907 3292        volmgr - ok
21:34:00.0938 3292        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:34:00.0969 3292        volmgrx - ok
21:34:01.0016 3292        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:34:01.0063 3292        volsnap - ok
21:34:01.0110 3292        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:34:01.0125 3292        vsmraid - ok
21:34:01.0172 3292        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:34:01.0203 3292        vwifibus - ok
21:34:01.0250 3292        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:34:01.0297 3292        vwififlt - ok
21:34:01.0359 3292        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:34:01.0390 3292        WacomPen - ok
21:34:01.0500 3292        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:34:01.0578 3292        WANARP - ok
21:34:01.0593 3292        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:34:01.0624 3292        Wanarpv6 - ok
21:34:01.0671 3292        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:34:01.0687 3292        Wd - ok
21:34:01.0718 3292        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:34:01.0749 3292        Wdf01000 - ok
21:34:01.0780 3292        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:34:01.0827 3292        WfpLwf - ok
21:34:01.0936 3292        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:34:01.0968 3292        WIMMount - ok
21:34:02.0061 3292        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:34:02.0124 3292        WinUsb - ok
21:34:02.0248 3292        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:34:02.0280 3292        WmiAcpi - ok
21:34:02.0404 3292        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:34:02.0498 3292        ws2ifsl - ok
21:34:02.0529 3292        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:34:02.0576 3292        WudfPf - ok
21:34:02.0685 3292        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:34:02.0763 3292        WUDFRd - ok
21:34:02.0810 3292        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:34:02.0904 3292        \Device\Harddisk0\DR0 - ok
21:34:02.0935 3292        Boot (0x1200)  (6e75ff767b303e5d8a197887379ef8b5) \Device\Harddisk0\DR0\Partition0
21:34:02.0935 3292        \Device\Harddisk0\DR0\Partition0 - ok
21:34:02.0966 3292        Boot (0x1200)  (e979d51d7db4e4ff71a6a8d2b7956e28) \Device\Harddisk0\DR0\Partition1
21:34:02.0966 3292        \Device\Harddisk0\DR0\Partition1 - ok
21:34:02.0966 3292        ============================================================
21:34:02.0966 3292        Scan finished
21:34:02.0966 3292        ============================================================
21:34:02.0982 3756        Detected object count: 0
21:34:02.0982 3756        Actual detected object count: 0


