Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojan/Win32.VBKrypt "hrt54is56ijfgte" (https://www.trojaner-board.de/105874-trojan-win32-vbkrypt-hrt54is56ijfgte.html)

rara 06.12.2011 16:36
Trojan/Win32.VBKrypt "hrt54is56ijfgte"
 
Hallo an alle,

ich habe in meinem System(Win7) den Trojaner hrt54is56ijfgte ausfindig gemacht. Nach dem Hochfahren wird das System mit einem weissen Fenster mit der Meldung "Es besteht noch keine INternetverbindung, bitte warten." blockiert, auch im normalen abgesicherten Modus.
Auf dieser Seite wird der Trojaner näher beschrieben:
hxxp://reports.antivirus-lab.com/12047/trojanwin32-vbkrypt-118/#more-12047
Bei "Continue reading" findet man auch eine Befehlskette unter Execution.

Wenn ich über mein Gastkonto(Standard eingeschränkte Rechte) anmelde, kann ich über den Taskmanager neue Tasks ausführen. Ich komme da auch in die Registry(dort ist Trojaner auch als dilani disse benannt), kann aber dort nichts verändern. Die Explorer.exe wurde dort wie bei den anderen Fällen von Ukash verändert und verweist auf die hrt54is56ijfgte.exe.

Ich habe ausserdem noch auf einer anderen Partition noch Windows XP, kann also als Admin auch von dort aus operieren.

Welche Möglichkeiten habe ich, um diesen Trojaner zu entfernen?
Kann man diese Befehlskette zur "Execution" von Antivirus-Lab irgendwie verwenden?

Ich würde mich über jede Hilfe freuen

Rara

Edit: Für OTL-Scan habe ich erst ab Donnerstag Zeit.

cosinus 07.12.2011 19:05
Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:

Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.
  • Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
  • Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
  • Lege eine leere CD in Deinen Brenner.
  • ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
  • Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
  • Du kannst nun die Fenster des Brennprogramms schließen.
Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD
  • Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
  • Mache einen Doppelklick auf das OTLPE Icon.
  • Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
  • Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
  • Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
  • Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
  • OTLpe sollte nun starten.
  • Drücke Run Scan, um den Scan zu starten.
  • Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
  • Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
  • Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt.

rara 08.12.2011 17:34
Hallo cosinus,

ich glaub ich habs jetzt selbst hinbekommen. Ich benutzte die Anleitung von botfrei und hab im abgesicherten Modus mit Eingabeaufforderung die Registry bearbeitet. Die Registry war auch erst vom "Admin deaktiviert", habe sie aber per Script "Disableregistytools.vbs" aufbekommen. Ich habe dort "Winlogon" repariert und danach noch die Registry nach hrt54... durchsucht. Ich habe noch einige Einträge(u.a. bei Zusatzprogramme) gefunden und gelöscht.
Wäre vielleicht für lukasm interessant, der anscheinend dasselbe Problem gehabt hat.
Malwarebytes, Spybot, Tdsskiller und Avira DE Cleaner fanden nichts mehr, AntivirPersonal fand noch ein paar wahrscheinlich ältere harmlose Sachen.
Ich glaube der Fall ist jetzt erledigt.

Gruss
rara

cosinus 08.12.2011 20:48
Zitat:
Ich glaube der Fall ist jetzt erledigt.
Nee so einfach ist das nicht. Man muss schon weitere Bereiche abklopfen.

Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


rara 09.12.2011 15:12
Hallo cosinus,

ich habe jetzt erst Malwarebytes durchlaufen lassen, dann Eset.
Malwarebytes hat nichts gefunden, Eset 3(1 auf Partition C, 2 auf D; wahrscheinlich was altes, harmloses)

Ich poste erst mal die Reports von Avira Antivir(hat als einziges was gefunden), die am 06. und 08. was gefunden haben:
Zitat:
Beginne mit der Suche in 'C:\Users\Rainer\AppData\Local\Temp\0.9822716582184313.exe'
C:\Users\Rainer\AppData\Local\Temp\0.9822716582184313.exe
[FUND] Ist das Trojanische Pferd TR/Ransom.BP
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a8532c0.qua' verschoben!
Zitat:
Beginne mit der Suche in 'C:\'
C:\System Volume Information\_restore{D01D3B98-AFDB-4804-8C21-4975C6A2B124}\RP118\A0051318.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\_restore{D01D3B98-AFDB-4804-8C21-4975C6A2B124}\RP118\A0051344.exe
[FUND] Ist das Trojanische Pferd TR/Ransom.BP
C:\Users\Rainer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\618d3b81-69b67907
[FUND] Ist das Trojanische Pferd TR/Ransom.BP
C:\Users\Rainer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\14da3279-56cb9258
[0] Archivtyp: ZIP
--> v1.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Tharra.B

Beginne mit der Desinfektion:
C:\Users\Rainer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\14da3279-56cb9258
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Tharra.B
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a9e4a2b.qua' verschoben!
C:\Users\Rainer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\618d3b81-69b67907
[FUND] Ist das Trojanische Pferd TR/Ransom.BP
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '52556581.qua' verschoben!
C:\System Volume Information\_restore{D01D3B98-AFDB-4804-8C21-4975C6A2B124}\RP118\A0051344.exe
[FUND] Ist das Trojanische Pferd TR/Ransom.BP
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '00023f69.qua' verschoben!
C:\System Volume Information\_restore{D01D3B98-AFDB-4804-8C21-4975C6A2B124}\RP118\A0051318.exe
[FUND] Ist das Trojanische Pferd TR/Trash.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '663570ab.qua' verschoben!
Die Log von Malwarebytes:
Zitat:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8340

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

09.12.2011 12:21:24
mbam-log-2011-12-09 (12-21-24).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 326388
Laufzeit: 53 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
und von Eset(Befehl über "Ausführen funktionierte nicht, dies ist "export to text file):
Zitat:
C:\Users\Rainer\Downloads\SoftonicDownloader_fuer_gpl-mpeg-1-2-directshow-decoder-filter.exe a variant of Win32/SoftonicDownloader.A application
D:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Temp\NERO13716\Toolbar.exe Win32/Toolbar.AskSBar application
D:\RECYCLER\S-1-5-21-1606980848-412668190-682003330-1003\Dc5.exe Win32/Toggle application

cosinus 09.12.2011 15:36
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

rara 10.12.2011 13:40
Hallo cosinus,
sorry für die Wartezeit, aber jetzt hab ich die OTL. Bin gespannt auf deine Antwort.

Code:
OTL logfile created on: 12/10/2011 1:22:33 PM - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Rainer\Desktop
 Ultimate Edition N  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3.25 Gb Total Physical Memory | 2.42 Gb Available Physical Memory | 74.56% Memory free
6.50 Gb Paging File | 5.39 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 400.86 Gb Total Space | 334.72 Gb Free Space | 83.50% Space Free | Partition Type: NTFS
Drive D: | 195.31 Gb Total Space | 128.82 Gb Free Space | 65.95% Space Free | Partition Type: NTFS
Drive G: | 15.05 Gb Total Space | 13.93 Gb Free Space | 92.52% Space Free | Partition Type: FAT32
 
Computer Name: RAINER-PC | User Name: Rainer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/12/10 13:16:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rainer\Desktop\OTL.exe
PRC - [2011/07/28 14:41:05 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe
PRC - [2011/07/21 11:07:01 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/05/17 16:43:27 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/18 17:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
PRC - [2011/02/18 17:28:38 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010/11/05 19:59:48 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/06/15 16:49:54 | 000,493,048 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010/06/15 16:49:50 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ForceField.exe
PRC - [2010/05/05 03:15:32 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/05/05 03:14:56 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/03/22 15:40:22 | 000,009,728 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2010/01/14 20:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/04/13 15:53:13 | 011,807,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b867fbc0d573ac5e5fe71143d9caf43b\System.Web.ni.dll
MOD - [2011/04/13 15:53:08 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
MOD - [2011/04/13 15:52:49 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
MOD - [2011/04/13 15:52:44 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
MOD - [2011/04/13 15:52:29 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
MOD - [2011/04/13 15:52:26 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
MOD - [2011/04/13 15:52:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
MOD - [2011/04/13 15:52:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
MOD - [2011/03/21 19:57:34 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/05/27 11:40:48 | 000,270,336 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/04/16 13:20:06 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010/03/15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009/06/10 13:14:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009/06/10 13:14:06 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/12/08 18:56:57 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/21 11:07:01 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/17 16:43:27 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/02/18 17:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/07/26 15:00:24 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/06/15 16:49:54 | 000,493,048 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010/05/05 03:14:56 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/03/22 15:40:22 | 000,009,728 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/12/15 21:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2003/02/21 14:07:48 | 000,196,691 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Programme\Common Files\AVM\De_serv.exe -- (de_serv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/10/25 20:51:35 | 000,083,872 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/10/25 20:51:35 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/07/21 11:07:01 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/21 11:07:01 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/12 13:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/06/15 16:49:46 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010/05/15 16:30:50 | 000,461,400 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010/05/05 03:46:22 | 005,550,592 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/05/05 03:46:22 | 005,550,592 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/05/05 02:23:00 | 000,176,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/02/24 11:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/13 09:10:36 | 000,096,368 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2009/07/17 19:52:00 | 000,155,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/05/11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006/09/12 01:07:00 | 000,715,264 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fdssbase.sys -- (FDSSBASE) AVM FRITZ!Card DSL SL (WinXP/2000)
DRV - [2006/09/12 01:07:00 | 000,045,952 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmdsloe.sys -- (AVMDSLPPPOE)
DRV - [2006/09/12 01:07:00 | 000,039,440 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmndsl.sys -- (AVMNDSL)
DRV - [2003/02/21 14:07:48 | 000,027,648 | ---- | M] (AVM Berlin) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Aadev.sys -- (aadev)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D 79 A3 C3 A7 2D CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.5
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/02/07 12:40:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/28 14:41:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/02 16:33:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/02 16:33:25 | 000,000,000 | ---D | M]
 
[2010/05/28 12:12:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\Extensions
[2011/12/02 16:33:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\Firefox\Profiles\u268tl1a.default\extensions
[2011/12/02 16:33:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rainer\AppData\Roaming\mozilla\Firefox\Profiles\u268tl1a.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/26 19:46:14 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\Rainer\AppData\Roaming\mozilla\Firefox\Profiles\u268tl1a.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2011/12/08 16:41:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011/12/08 16:41:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/12/02 16:33:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/02 16:33:23 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/12/02 16:33:23 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/02 16:33:23 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/12/02 16:33:23 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/12/02 16:33:23 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/12/02 16:33:23 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AWatch] C:\Program Files\Teledat 320\Awatch.exe (AVM Berlin)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk = C:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{149AA515-96D9-4A7A-8C9D-300BC27D0B89}: NameServer = 217.0.43.161 217.0.43.177
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8BE80C4-B5DA-4C17-BB44-9AC5D0DD54D8}: NameServer = 217.0.43.161 217.0.43.177
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/05/19 22:28:59 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d92abe36-795c-11e0-80de-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d92abe36-795c-11e0-80de-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: JMB36X IDE Setup - hkey= - key= - C:\Windows\RaidTool\xInsIDE.exe ()
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: WudfRd - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: vsmon - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Shockwave Flash
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.lameacm - C:\Windows\System32\LameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ffdshow.ax ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/12/10 13:16:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Rainer\Desktop\OTL.exe
[2011/12/09 14:46:48 | 000,000,000 | ---D | C] -- C:\Eset
[2011/12/09 12:44:55 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/09 11:54:11 | 000,000,000 | ---D | C] -- C:\Games
[2011/12/08 16:48:49 | 000,000,000 | ---D | C] -- C:\tdsskiller
[2011/12/08 16:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/12/06 23:43:41 | 000,000,000 | ---D | C] -- C:\Users\Rainer\AppData\Roaming\Malwarebytes
[2011/12/06 23:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/06 23:42:48 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/06 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/06 21:48:40 | 000,000,000 | ---D | C] -- C:\Antibundestrojaner
[2011/12/06 21:35:24 | 000,000,000 | ---D | C] -- C:\Reg entsperren
[2011/12/04 21:47:51 | 000,000,000 | ---D | C] -- C:\Users\Rainer\dwhelper
[2011/11/24 22:37:23 | 000,000,000 | ---D | C] -- C:\Jagdfieber.2.German.2008.DVDRip.XviD-SiGHT
[2011/11/19 16:07:59 | 000,000,000 | ---D | C] -- C:\Users\Rainer\AppData\Local\Skyrim
[2011/11/19 16:06:55 | 000,000,000 | ---D | C] -- C:\Users\Rainer\Documents\My Games
[2011/11/19 14:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/11/19 14:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/11/19 14:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2004/11/24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\System32\drvc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/12/10 13:16:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rainer\Desktop\OTL.exe
[2011/12/10 13:15:08 | 000,662,236 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/12/10 13:15:08 | 000,624,578 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/10 13:15:08 | 000,134,232 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/12/10 13:15:08 | 000,110,216 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/10 13:10:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/10 13:10:27 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/09 11:54:39 | 000,001,664 | ---- | M] () -- C:\Users\Rainer\Desktop\Ski Challenge 12 (AT) starten.lnk
[2011/12/09 01:52:25 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/09 01:52:24 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/08 16:55:13 | 000,002,029 | ---- | M] () -- C:\Users\Rainer\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2011/12/08 16:55:13 | 000,001,958 | ---- | M] () -- C:\Users\Rainer\Desktop\Avira DE-Cleaner.lnk
[2011/12/07 00:05:48 | 000,000,008 | RHS- | M] () -- C:\Users\Rainer\ntuser.pol
[2011/12/06 23:42:52 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 22:49:53 | 000,000,105 | ---- | M] () -- C:\reg
[2011/12/02 16:33:53 | 000,002,002 | ---- | M] () -- C:\Users\Rainer\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/30 20:42:26 | 000,000,215 | ---- | M] () -- C:\Users\Rainer\Desktop\The Elder Scrolls V Skyrim.url
[2011/11/26 01:12:49 | 293,097,791 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/20 12:08:33 | 000,001,841 | ---- | M] () -- C:\Users\Rainer\Desktop\SkyrimLauncher.exe - Verknüpfung.lnk
[2011/11/19 14:54:51 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
 
========== Files Created - No Company Name ==========
 
[2011/12/09 11:54:39 | 000,001,664 | ---- | C] () -- C:\Users\Rainer\Desktop\Ski Challenge 12 (AT) starten.lnk
[2011/12/08 16:55:13 | 000,002,029 | ---- | C] () -- C:\Users\Rainer\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2011/12/08 16:55:13 | 000,001,958 | ---- | C] () -- C:\Users\Rainer\Desktop\Avira DE-Cleaner.lnk
[2011/12/07 00:01:55 | 000,000,008 | RHS- | C] () -- C:\Users\Rainer\ntuser.pol
[2011/12/06 23:42:52 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 22:49:29 | 000,000,105 | ---- | C] () -- C:\reg
[2011/11/30 20:42:26 | 000,000,215 | ---- | C] () -- C:\Users\Rainer\Desktop\The Elder Scrolls V Skyrim.url
[2011/11/26 01:12:49 | 293,097,791 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/11/20 12:08:33 | 000,001,841 | ---- | C] () -- C:\Users\Rainer\Desktop\SkyrimLauncher.exe - Verknüpfung.lnk
[2011/11/19 14:54:51 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/10/25 18:45:20 | 000,083,872 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011/10/25 18:45:19 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/08/29 21:23:59 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010/08/26 15:47:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS78.DLL
[2010/07/31 01:01:34 | 000,007,680 | ---- | C] () -- C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/27 16:18:16 | 000,662,236 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/05/27 16:18:16 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/05/27 16:18:16 | 000,134,232 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/05/27 16:18:16 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/05/22 00:55:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/05/21 16:26:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/05/21 16:21:03 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010/05/05 02:21:48 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010/04/28 22:17:50 | 000,002,110 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/03/25 16:56:00 | 000,203,331 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/08/27 08:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009/07/14 05:55:27 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:02:04 | 000,257,880 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,624,578 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,110,216 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/14 00:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/18 16:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 19:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008/12/19 16:15:58 | 004,338,246 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2008/12/17 18:41:18 | 000,884,237 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2008/12/17 18:22:58 | 000,093,184 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2008/12/17 18:22:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/12/17 18:17:34 | 000,239,247 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2008/12/17 17:59:54 | 000,560,802 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2006/11/02 17:10:16 | 000,080,912 | ---- | C] () -- C:\Windows\System32\sherlock2.exe
[2006/09/12 01:07:00 | 000,199,112 | ---- | C] () -- C:\Windows\System32\fdssbase.bin
[2004/10/03 18:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ff_mpeg2enc.dll
 
========== LOP Check ==========
 
[2011/10/12 19:35:03 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Audacity
[2010/08/28 12:39:33 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Auslogics
[2010/08/29 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Canneverbe Limited
[2010/05/28 11:53:53 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\CheckPoint
[2011/03/19 13:02:45 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\FreeFLVConverter
[2010/12/15 19:29:56 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\IrfanView
[2010/09/14 21:35:39 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\ProtectDISC
[2010/05/25 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\T-Online
[2011/03/17 10:50:37 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/10/27 17:07:46 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010/08/13 11:13:27 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Adobe
[2011/11/10 11:53:28 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Apple Computer
[2010/06/20 10:53:33 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\ATI
[2011/10/12 19:35:03 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Audacity
[2010/08/28 12:39:33 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Auslogics
[2010/10/31 20:57:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Avira
[2010/08/29 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Canneverbe Limited
[2010/05/28 11:53:53 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\CheckPoint
[2010/11/30 19:52:02 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\DivX
[2011/03/19 13:02:45 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\FreeFLVConverter
[2010/05/21 16:13:24 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Identities
[2010/12/15 19:29:56 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\IrfanView
[2010/05/27 15:46:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Macromedia
[2011/12/06 23:43:41 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Malwarebytes
[2011/09/12 12:33:18 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Media Player Classic
[2011/11/26 11:19:02 | 000,000,000 | --SD | M] -- C:\Users\Rainer\AppData\Roaming\Microsoft
[2010/05/28 12:12:07 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Mozilla
[2010/08/29 21:20:19 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Nero
[2010/09/14 21:35:39 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\ProtectDISC
[2011/07/28 14:41:47 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Real
[2010/05/25 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\T-Online
[2011/08/18 17:13:13 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\vlc
[2010/06/24 23:00:11 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011/01/24 19:43:45 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Rainer\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011/11/20 21:18:22 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Rainer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010/05/27 11:50:07 | 001,631,736 | ---- | M] (AVM GmbH) -- C:\avm_fritzcard_dsl_sl_xp_2000_build_060912.exe
[2010/05/23 10:37:52 | 024,812,656 | ---- | M] (AVM Berlin                                                  ) -- C:\FRITZ!_UP_030704.exe
[2009/05/22 10:32:22 | 006,772,608 | ---- | M] (Microsoft Corporation) -- C:\IP32Deu.exe
[2010/05/23 10:08:27 | 005,080,112 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH                                                                                                                                                                                                                                                              ) -- C:\netzmanager_setup.exe
 
 
< MD5 for: AGP440.SYS  >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/05/15 16:30:50 | 000,461,400 | ---- | M] (Check Point Software Technologies LTD) Unable to obtain MD5 -- C:\Windows\system32\drivers\vsdatant.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 02:16:15 | 000,193,024 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\sppcomapi.dll

< End of report >

cosinus 12.12.2011 09:44
Zitat:
(Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
(Check Point Software Technologies LTD) -- C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
ZoneAlarm ist kontraproduktiver Müll, bitte umgehend deinstallieren und die Windows-Firewall einschalten!
Mach danach ein neues OTL wie oben.

rara 13.12.2011 13:50
Zitat:
ZoneAlarm ist kontraproduktiver Müll, bitte umgehend deinstallieren und die Windows-Firewall einschalten!
Mach danach ein neues OTL wie oben.
Du machst mir Spass. ;-)
Darfst du mir eine andere(kostenlose) Firewall empfehlen?

Hier nochmal die neue OTL:
Code:
OTL logfile created on: 12/13/2011 1:24:56 PM - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Rainer\Desktop
 Ultimate Edition N  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3.25 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 72.13% Memory free
6.50 Gb Paging File | 5.45 Gb Available in Paging File | 83.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 400.86 Gb Total Space | 332.35 Gb Free Space | 82.91% Space Free | Partition Type: NTFS
Drive D: | 195.31 Gb Total Space | 128.82 Gb Free Space | 65.95% Space Free | Partition Type: NTFS
 
Computer Name: RAINER-PC | User Name: Rainer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/12/10 13:16:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rainer\Desktop\OTL.exe
PRC - [2011/07/28 14:41:05 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe
PRC - [2011/07/21 11:07:01 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/05/17 16:43:27 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/11/05 19:59:48 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/05/05 03:15:32 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/05/05 03:14:56 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/03/22 15:40:22 | 000,009,728 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2010/01/14 20:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/04/13 15:53:13 | 011,807,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b867fbc0d573ac5e5fe71143d9caf43b\System.Web.ni.dll
MOD - [2011/04/13 15:53:08 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
MOD - [2011/04/13 15:52:49 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
MOD - [2011/04/13 15:52:44 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
MOD - [2011/04/13 15:52:29 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
MOD - [2011/04/13 15:52:26 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
MOD - [2011/04/13 15:52:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
MOD - [2011/04/13 15:52:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
MOD - [2011/03/21 19:57:34 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/05/27 11:40:48 | 000,270,336 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/04/16 13:20:06 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010/03/15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009/06/10 13:14:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009/06/10 13:14:06 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/12/08 18:56:57 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/21 11:07:01 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/17 16:43:27 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/07/26 15:00:24 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/05/05 03:14:56 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/03/22 15:40:22 | 000,009,728 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/12/15 21:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2003/02/21 14:07:48 | 000,196,691 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Programme\Common Files\AVM\De_serv.exe -- (de_serv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/10/25 20:51:35 | 000,083,872 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/10/25 20:51:35 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/07/21 11:07:01 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/21 11:07:01 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/12 13:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/05/05 03:46:22 | 005,550,592 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/05/05 03:46:22 | 005,550,592 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/05/05 02:23:00 | 000,176,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/02/24 11:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/13 09:10:36 | 000,096,368 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2009/07/17 19:52:00 | 000,155,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/05/11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006/09/12 01:07:00 | 000,715,264 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fdssbase.sys -- (FDSSBASE) AVM FRITZ!Card DSL SL (WinXP/2000)
DRV - [2006/09/12 01:07:00 | 000,045,952 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmdsloe.sys -- (AVMDSLPPPOE)
DRV - [2006/09/12 01:07:00 | 000,039,440 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmndsl.sys -- (AVMNDSL)
DRV - [2003/02/21 14:07:48 | 000,027,648 | ---- | M] (AVM Berlin) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Aadev.sys -- (aadev)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D 79 A3 C3 A7 2D CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.5
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/28 14:41:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/02 16:33:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/02 16:33:25 | 000,000,000 | ---D | M]
 
[2010/05/28 12:12:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\Extensions
[2011/12/02 16:33:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\Firefox\Profiles\u268tl1a.default\extensions
[2011/12/02 16:33:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rainer\AppData\Roaming\mozilla\Firefox\Profiles\u268tl1a.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/26 19:46:14 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\Rainer\AppData\Roaming\mozilla\Firefox\Profiles\u268tl1a.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2011/12/08 16:41:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011/12/08 16:41:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/12/02 16:33:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/02 16:33:23 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/12/02 16:33:23 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/02 16:33:23 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/12/02 16:33:23 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/12/02 16:33:23 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/12/02 16:33:23 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AWatch] C:\Program Files\Teledat 320\Awatch.exe (AVM Berlin)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk = C:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{149AA515-96D9-4A7A-8C9D-300BC27D0B89}: NameServer = 217.0.43.161 217.0.43.177
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/05/19 22:28:59 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d92abe36-795c-11e0-80de-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d92abe36-795c-11e0-80de-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: JMB36X IDE Setup - hkey= - key= - C:\Windows\RaidTool\xInsIDE.exe ()
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: WudfRd - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: vsmon - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Shockwave Flash
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.lameacm - C:\Windows\System32\LameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ffdshow.ax ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/12/13 13:21:25 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011/12/10 13:46:23 | 000,000,000 | ---D | C] -- C:\OTL
[2011/12/10 13:16:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Rainer\Desktop\OTL.exe
[2011/12/09 14:46:48 | 000,000,000 | ---D | C] -- C:\Eset
[2011/12/09 12:44:55 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/09 11:54:11 | 000,000,000 | ---D | C] -- C:\Games
[2011/12/08 16:48:49 | 000,000,000 | ---D | C] -- C:\tdsskiller
[2011/12/08 16:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/12/06 23:43:41 | 000,000,000 | ---D | C] -- C:\Users\Rainer\AppData\Roaming\Malwarebytes
[2011/12/06 23:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/06 23:42:48 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/06 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/06 21:48:40 | 000,000,000 | ---D | C] -- C:\Antibundestrojaner
[2011/12/06 21:35:24 | 000,000,000 | ---D | C] -- C:\Reg entsperren
[2011/12/04 21:47:51 | 000,000,000 | ---D | C] -- C:\Users\Rainer\dwhelper
[2011/11/19 16:07:59 | 000,000,000 | ---D | C] -- C:\Users\Rainer\AppData\Local\Skyrim
[2011/11/19 16:06:55 | 000,000,000 | ---D | C] -- C:\Users\Rainer\Documents\My Games
[2011/11/19 14:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/11/19 14:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/11/19 14:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2004/11/24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\System32\drvc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/12/13 13:25:47 | 000,662,236 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/12/13 13:25:47 | 000,624,578 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/13 13:25:47 | 000,134,232 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/12/13 13:25:47 | 000,110,216 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/13 13:20:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/13 13:20:47 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/13 13:19:56 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011/12/10 13:16:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rainer\Desktop\OTL.exe
[2011/12/09 11:54:39 | 000,001,664 | ---- | M] () -- C:\Users\Rainer\Desktop\Ski Challenge 12 (AT) starten.lnk
[2011/12/09 01:52:25 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/09 01:52:24 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/08 16:55:13 | 000,002,029 | ---- | M] () -- C:\Users\Rainer\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2011/12/08 16:55:13 | 000,001,958 | ---- | M] () -- C:\Users\Rainer\Desktop\Avira DE-Cleaner.lnk
[2011/12/07 00:05:48 | 000,000,008 | RHS- | M] () -- C:\Users\Rainer\ntuser.pol
[2011/12/06 23:42:52 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 22:49:53 | 000,000,105 | ---- | M] () -- C:\reg
[2011/12/02 16:33:53 | 000,002,002 | ---- | M] () -- C:\Users\Rainer\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/30 20:42:26 | 000,000,215 | ---- | M] () -- C:\Users\Rainer\Desktop\The Elder Scrolls V Skyrim.url
[2011/11/26 01:12:49 | 293,097,791 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/20 12:08:33 | 000,001,841 | ---- | M] () -- C:\Users\Rainer\Desktop\SkyrimLauncher.exe - Verknüpfung.lnk
[2011/11/19 14:54:51 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
 
========== Files Created - No Company Name ==========
 
[2011/12/13 13:19:55 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/12/09 11:54:39 | 000,001,664 | ---- | C] () -- C:\Users\Rainer\Desktop\Ski Challenge 12 (AT) starten.lnk
[2011/12/08 16:55:13 | 000,002,029 | ---- | C] () -- C:\Users\Rainer\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2011/12/08 16:55:13 | 000,001,958 | ---- | C] () -- C:\Users\Rainer\Desktop\Avira DE-Cleaner.lnk
[2011/12/07 00:01:55 | 000,000,008 | RHS- | C] () -- C:\Users\Rainer\ntuser.pol
[2011/12/06 23:42:52 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 22:49:29 | 000,000,105 | ---- | C] () -- C:\reg
[2011/11/30 20:42:26 | 000,000,215 | ---- | C] () -- C:\Users\Rainer\Desktop\The Elder Scrolls V Skyrim.url
[2011/11/26 01:12:49 | 293,097,791 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/11/20 12:08:33 | 000,001,841 | ---- | C] () -- C:\Users\Rainer\Desktop\SkyrimLauncher.exe - Verknüpfung.lnk
[2011/11/19 14:54:51 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/10/25 18:45:20 | 000,083,872 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011/10/25 18:45:19 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/08/29 21:23:59 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010/08/26 15:47:15 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS78.DLL
[2010/07/31 01:01:34 | 000,007,680 | ---- | C] () -- C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/27 16:18:16 | 000,662,236 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/05/27 16:18:16 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/05/27 16:18:16 | 000,134,232 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/05/27 16:18:16 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/05/22 00:55:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/05/21 16:26:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/05/21 16:21:03 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010/05/05 02:21:48 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010/04/28 22:17:50 | 000,002,110 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/03/25 16:56:00 | 000,203,331 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/08/27 08:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009/07/14 05:55:27 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:02:04 | 000,257,880 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,624,578 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,110,216 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/14 00:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/18 16:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 19:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008/12/19 16:15:58 | 004,338,246 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2008/12/17 18:41:18 | 000,884,237 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2008/12/17 18:22:58 | 000,093,184 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2008/12/17 18:22:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/12/17 18:17:34 | 000,239,247 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2008/12/17 17:59:54 | 000,560,802 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2006/11/02 17:10:16 | 000,080,912 | ---- | C] () -- C:\Windows\System32\sherlock2.exe
[2006/09/12 01:07:00 | 000,199,112 | ---- | C] () -- C:\Windows\System32\fdssbase.bin
[2004/10/03 18:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ff_mpeg2enc.dll
 
========== LOP Check ==========
 
[2011/10/12 19:35:03 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Audacity
[2010/08/28 12:39:33 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Auslogics
[2010/08/29 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Canneverbe Limited
[2010/05/28 11:53:53 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\CheckPoint
[2011/03/19 13:02:45 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\FreeFLVConverter
[2010/12/15 19:29:56 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\IrfanView
[2010/09/14 21:35:39 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\ProtectDISC
[2010/05/25 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\T-Online
[2011/03/17 10:50:37 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/10/27 17:07:46 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010/08/13 11:13:27 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Adobe
[2011/11/10 11:53:28 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Apple Computer
[2010/06/20 10:53:33 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\ATI
[2011/10/12 19:35:03 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Audacity
[2010/08/28 12:39:33 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Auslogics
[2010/10/31 20:57:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Avira
[2010/08/29 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Canneverbe Limited
[2010/05/28 11:53:53 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\CheckPoint
[2010/11/30 19:52:02 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\DivX
[2011/03/19 13:02:45 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\FreeFLVConverter
[2010/05/21 16:13:24 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Identities
[2010/12/15 19:29:56 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\IrfanView
[2010/05/27 15:46:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Macromedia
[2011/12/06 23:43:41 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Malwarebytes
[2011/09/12 12:33:18 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Media Player Classic
[2011/11/26 11:19:02 | 000,000,000 | --SD | M] -- C:\Users\Rainer\AppData\Roaming\Microsoft
[2010/05/28 12:12:07 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Mozilla
[2010/08/29 21:20:19 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Nero
[2010/09/14 21:35:39 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\ProtectDISC
[2011/07/28 14:41:47 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Real
[2010/05/25 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\T-Online
[2011/08/18 17:13:13 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\vlc
[2010/06/24 23:00:11 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011/01/24 19:43:45 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Rainer\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011/11/20 21:18:22 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Rainer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010/05/27 11:50:07 | 001,631,736 | ---- | M] (AVM GmbH) -- C:\avm_fritzcard_dsl_sl_xp_2000_build_060912.exe
[2010/05/23 10:37:52 | 024,812,656 | ---- | M] (AVM Berlin                                                  ) -- C:\FRITZ!_UP_030704.exe
[2009/05/22 10:32:22 | 006,772,608 | ---- | M] (Microsoft Corporation) -- C:\IP32Deu.exe
[2010/05/23 10:08:27 | 005,080,112 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH                                                                                                                                                                                                                                                              ) -- C:\netzmanager_setup.exe
 
 
< MD5 for: AGP440.SYS  >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 02:16:15 | 000,193,024 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\sppcomapi.dll

< End of report >

cosinus 13.12.2011 14:58
Zitat:
Darfst du mir eine andere(kostenlose) Firewall empfehlen?
Wurde schon erwähnt. Windows-Firewall.
Alles andere ist kontraproduktiver Nonsens, aber die Software-Industrie will nunmal jeden so einen Mist andrehen.


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
:OTL
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D 79 A3 C3 A7 2D CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/05/19 22:28:59 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d92abe36-795c-11e0-80de-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d92abe36-795c-11e0-80de-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
:Commands
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

rara 13.12.2011 20:19
Voila(nach Neustart):
Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}\ deleted successfully.
C:\Programme\Softonic_Deutsch\tbSoft.dll moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}\ not found.
File C:\Programme\Softonic_Deutsch\tbSoft.dll not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}\ not found.
File C:\Programme\Softonic_Deutsch\tbSoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}\ not found.
File C:\Programme\Softonic_Deutsch\tbSoft.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}\ not found.
File C:\Programme\Softonic_Deutsch\tbSoft.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
D:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d92abe36-795c-11e0-80de-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d92abe36-795c-11e0-80de-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d92abe36-795c-11e0-80de-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d92abe36-795c-11e0-80de-806e6f6e6963}\ not found.
File E:\SETUP.EXE not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Guest
->Temp folder emptied: 3297456 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3493241 bytes
 
User: Public
 
User: Rainer
->Temp folder emptied: 89131019 bytes
->Temporary Internet Files folder emptied: 50265887 bytes
->Java cache emptied: 633481 bytes
->FireFox cache emptied: 212225775 bytes
->Flash cache emptied: 38896 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 267348 bytes
RecycleBin emptied: 63074103 bytes
 
Total Files Cleaned = 403.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12132011_200712

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Das u .a. mit "autoexec.bat moved" hört sich irgendwie nicht gut an. Kannst du mir bitte kurz erklären, was mit diesem Fix passiert ist?
Vorab schon mal Danke für deine Mühe.

cosinus 13.12.2011 20:37
Das ist ein ganz normaler Fix wie die anderen Einträge (Zeilen) im Grunde auch. Nichts mit "nicht gut" oder gar gefährlich.

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

rara 13.12.2011 23:54
Das sind die Dateien vom "Report". Habe sont nichts vom TDSS-Killer gefunden(Pfad bei Win7?)
Code:
23:31:22.0615 1328        TDSS rootkit removing tool 2.6.22.0 Dec  7 2011 13:21:06
23:32:36.0155 1328        ============================================================
23:32:36.0155 1328        Current date / time: 2011/12/13 23:32:36.0155
23:32:36.0155 1328        SystemInfo:
23:32:36.0155 1328       
23:32:36.0165 1328        OS Version: 6.1.7600 ServicePack: 0.0
23:32:36.0165 1328        Product type: Workstation
23:32:36.0165 1328        ComputerName: RAINER-PC
23:32:36.0165 1328        UserName: Rainer
23:32:36.0165 1328        Windows directory: C:\Windows
23:32:36.0165 1328        System windows directory: C:\Windows
23:32:36.0165 1328        Processor architecture: Intel x86
23:32:36.0165 1328        Number of processors: 4
23:32:36.0165 1328        Page size: 0x1000
23:32:36.0165 1328        Boot type: Normal boot
23:32:36.0165 1328        ============================================================
23:32:37.0065 1328        Initialize success
23:33:42.0595 0752        ============================================================
23:33:42.0595 0752        Scan started
23:33:42.0595 0752        Mode: Manual; SigCheck; TDLFS;
23:33:42.0595 0752        ============================================================
23:33:43.0175 0752        1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
23:33:43.0265 0752        1394ohci - ok
23:33:43.0305 0752        aadev          (e6fb5ddbbd1f30ccac950465b0d710ff) C:\Windows\system32\DRIVERS\aadev.sys
23:33:43.0325 0752        aadev ( UnsignedFile.Multi.Generic ) - warning
23:33:43.0325 0752        aadev - detected UnsignedFile.Multi.Generic (1)
23:33:43.0385 0752        acedrv11        (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
23:33:43.0405 0752        acedrv11 - ok
23:33:43.0435 0752        ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
23:33:43.0445 0752        ACPI - ok
23:33:43.0475 0752        AcpiPmi        (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
23:33:43.0515 0752        AcpiPmi - ok
23:33:43.0555 0752        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
23:33:43.0575 0752        adp94xx - ok
23:33:43.0605 0752        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
23:33:43.0615 0752        adpahci - ok
23:33:43.0635 0752        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
23:33:43.0645 0752        adpu320 - ok
23:33:43.0685 0752        AFD            (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
23:33:43.0795 0752        AFD - ok
23:33:43.0815 0752        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
23:33:43.0825 0752        agp440 - ok
23:33:43.0845 0752        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
23:33:43.0855 0752        aic78xx - ok
23:33:43.0875 0752        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
23:33:43.0885 0752        aliide - ok
23:33:43.0915 0752        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
23:33:43.0925 0752        amdagp - ok
23:33:43.0945 0752        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
23:33:43.0955 0752        amdide - ok
23:33:43.0975 0752        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
23:33:44.0005 0752        AmdK8 - ok
23:33:44.0185 0752        amdkmdag        (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
23:33:44.0305 0752        amdkmdag - ok
23:33:44.0345 0752        amdkmdap        (b44737ff566b5888d15fdb66849f34e5) C:\Windows\system32\DRIVERS\atikmpag.sys
23:33:44.0385 0752        amdkmdap - ok
23:33:44.0415 0752        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
23:33:44.0435 0752        AmdPPM - ok
23:33:44.0455 0752        amdsata        (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
23:33:44.0485 0752        amdsata - ok
23:33:44.0515 0752        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
23:33:44.0525 0752        amdsbs - ok
23:33:44.0545 0752        amdxata        (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
23:33:44.0555 0752        amdxata - ok
23:33:44.0595 0752        AppID          (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
23:33:44.0635 0752        AppID - ok
23:33:44.0725 0752        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
23:33:44.0755 0752        arc - ok
23:33:44.0775 0752        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
23:33:44.0795 0752        arcsas - ok
23:33:44.0825 0752        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
23:33:44.0875 0752        AsyncMac - ok
23:33:44.0885 0752        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
23:33:44.0895 0752        atapi - ok
23:33:45.0015 0752        atikmdag        (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
23:33:45.0065 0752        atikmdag - ok
23:33:45.0115 0752        atksgt          (547f07839f71a4357a5e503646cac2b0) C:\Windows\system32\DRIVERS\atksgt.sys
23:33:45.0125 0752        atksgt - ok
23:33:45.0155 0752        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
23:33:45.0165 0752        avgntflt - ok
23:33:45.0185 0752        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
23:33:45.0185 0752        avipbb - ok
23:33:45.0215 0752        AVMDSLPPPOE    (588124fffc48ab597852c8f6ef98e5ba) C:\Windows\system32\DRIVERS\avmdsloe.sys
23:33:45.0235 0752        AVMDSLPPPOE - ok
23:33:45.0255 0752        AVMNDSL        (61ae58c70c2ccef558d1f411570a9b60) C:\Windows\system32\DRIVERS\avmndsl.sys
23:33:45.0275 0752        AVMNDSL - ok
23:33:45.0325 0752        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
23:33:45.0395 0752        b06bdrv - ok
23:33:45.0425 0752        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
23:33:45.0465 0752        b57nd60x - ok
23:33:45.0495 0752        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
23:33:45.0545 0752        Beep - ok
23:33:45.0565 0752        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
23:33:45.0575 0752        blbdrive - ok
23:33:45.0605 0752        bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
23:33:45.0645 0752        bowser - ok
23:33:45.0665 0752        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:33:45.0685 0752        BrFiltLo - ok
23:33:45.0705 0752        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:33:45.0725 0752        BrFiltUp - ok
23:33:45.0755 0752        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
23:33:45.0785 0752        Brserid - ok
23:33:45.0805 0752        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
23:33:45.0835 0752        BrSerWdm - ok
23:33:45.0855 0752        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:33:45.0885 0752        BrUsbMdm - ok
23:33:45.0905 0752        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
23:33:45.0915 0752        BrUsbSer - ok
23:33:45.0945 0752        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
23:33:45.0965 0752        BTHMODEM - ok
23:33:45.0995 0752        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
23:33:46.0025 0752        cdfs - ok
23:33:46.0055 0752        cdrom          (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
23:33:46.0075 0752        cdrom - ok
23:33:46.0095 0752        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
23:33:46.0105 0752        circlass - ok
23:33:46.0155 0752        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
23:33:46.0165 0752        CLFS - ok
23:33:46.0205 0752        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
23:33:46.0225 0752        CmBatt - ok
23:33:46.0245 0752        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
23:33:46.0255 0752        cmdide - ok
23:33:46.0275 0752        CNG            (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
23:33:46.0305 0752        CNG - ok
23:33:46.0325 0752        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
23:33:46.0335 0752        Compbatt - ok
23:33:46.0355 0752        CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:33:46.0375 0752        CompositeBus - ok
23:33:46.0405 0752        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
23:33:46.0415 0752        crcdisk - ok
23:33:46.0465 0752        CSC            (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
23:33:46.0485 0752        CSC - ok
23:33:46.0515 0752        DfsC            (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
23:33:46.0545 0752        DfsC - ok
23:33:46.0565 0752        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
23:33:46.0625 0752        discache - ok
23:33:46.0645 0752        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
23:33:46.0655 0752        Disk - ok
23:33:46.0715 0752        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
23:33:46.0745 0752        drmkaud - ok
23:33:46.0805 0752        DXGKrnl        (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
23:33:46.0825 0752        DXGKrnl - ok
23:33:46.0915 0752        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
23:33:46.0985 0752        ebdrv - ok
23:33:47.0015 0752        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
23:33:47.0035 0752        elxstor - ok
23:33:47.0055 0752        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
23:33:47.0085 0752        ErrDev - ok
23:33:47.0115 0752        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
23:33:47.0145 0752        exfat - ok
23:33:47.0165 0752        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
23:33:47.0185 0752        fastfat - ok
23:33:47.0205 0752        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
23:33:47.0215 0752        fdc - ok
23:33:47.0265 0752        FDSSBASE        (7b6287db392d3f17a2a1cfd69346ab36) C:\Windows\system32\DRIVERS\fdssbase.sys
23:33:47.0315 0752        FDSSBASE - ok
23:33:47.0325 0752        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
23:33:47.0335 0752        FileInfo - ok
23:33:47.0355 0752        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
23:33:47.0385 0752        Filetrace - ok
23:33:47.0395 0752        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
23:33:47.0415 0752        flpydisk - ok
23:33:47.0435 0752        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
23:33:47.0445 0752        FltMgr - ok
23:33:47.0455 0752        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
23:33:47.0465 0752        FsDepends - ok
23:33:47.0475 0752        Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
23:33:47.0485 0752        Fs_Rec - ok
23:33:47.0515 0752        fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
23:33:47.0525 0752        fvevol - ok
23:33:47.0535 0752        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:33:47.0545 0752        gagp30kx - ok
23:33:47.0555 0752        gdrv - ok
23:33:47.0575 0752        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
23:33:47.0615 0752        hcw85cir - ok
23:33:47.0675 0752        HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
23:33:47.0755 0752        HdAudAddService - ok
23:33:47.0795 0752        HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:33:47.0835 0752        HDAudBus - ok
23:33:47.0865 0752        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
23:33:47.0885 0752        HidBatt - ok
23:33:47.0905 0752        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
23:33:47.0955 0752        HidBth - ok
23:33:47.0975 0752        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
23:33:47.0985 0752        HidIr - ok
23:33:48.0015 0752        HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
23:33:48.0045 0752        HidUsb - ok
23:33:48.0075 0752        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
23:33:48.0085 0752        HpSAMD - ok
23:33:48.0115 0752        HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
23:33:48.0145 0752        HTTP - ok
23:33:48.0165 0752        hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
23:33:48.0165 0752        hwpolicy - ok
23:33:48.0225 0752        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
23:33:48.0265 0752        i8042prt - ok
23:33:48.0295 0752        iaStorV        (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
23:33:48.0305 0752        iaStorV - ok
23:33:48.0335 0752        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
23:33:48.0345 0752        iirsp - ok
23:33:48.0445 0752        IntcAzAudAddService (5ceef2cccb4fe00d3ffbfeb12bcfa07f) C:\Windows\system32\drivers\RTKVHDA.sys
23:33:48.0485 0752        IntcAzAudAddService - ok
23:33:48.0505 0752        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
23:33:48.0515 0752        intelide - ok
23:33:48.0545 0752        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
23:33:48.0555 0752        intelppm - ok
23:33:48.0585 0752        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:33:48.0595 0752        IpFilterDriver - ok
23:33:48.0615 0752        IPMIDRV        (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:33:48.0635 0752        IPMIDRV - ok
23:33:48.0655 0752        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
23:33:48.0675 0752        IPNAT - ok
23:33:48.0695 0752        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
23:33:48.0735 0752        IRENUM - ok
23:33:48.0755 0752        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
23:33:48.0765 0752        isapnp - ok
23:33:48.0805 0752        iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
23:33:48.0815 0752        iScsiPrt - ok
23:33:48.0845 0752        JRAID          (7d5053a827ff5be3a7d0ae5dd5dba308) C:\Windows\system32\DRIVERS\jraid.sys
23:33:48.0855 0752        JRAID - ok
23:33:48.0865 0752        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
23:33:48.0875 0752        kbdclass - ok
23:33:48.0905 0752        kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
23:33:48.0935 0752        kbdhid - ok
23:33:48.0965 0752        KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
23:33:48.0985 0752        KSecDD - ok
23:33:49.0005 0752        KSecPkg        (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
23:33:49.0025 0752        KSecPkg - ok
23:33:49.0075 0752        Lavasoft Kernexplorer - ok
23:33:49.0145 0752        Lbd            (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\Windows\system32\DRIVERS\Lbd.sys
23:33:49.0145 0752        Lbd - ok
23:33:49.0185 0752        lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
23:33:49.0195 0752        lirsgt - ok
23:33:49.0225 0752        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
23:33:49.0285 0752        lltdio - ok
23:33:49.0315 0752        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:33:49.0325 0752        LSI_FC - ok
23:33:49.0345 0752        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:33:49.0355 0752        LSI_SAS - ok
23:33:49.0385 0752        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:33:49.0385 0752        LSI_SAS2 - ok
23:33:49.0415 0752        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:33:49.0425 0752        LSI_SCSI - ok
23:33:49.0445 0752        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
23:33:49.0505 0752        luafv - ok
23:33:49.0525 0752        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
23:33:49.0535 0752        megasas - ok
23:33:49.0565 0752        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
23:33:49.0575 0752        MegaSR - ok
23:33:49.0595 0752        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
23:33:49.0635 0752        Modem - ok
23:33:49.0665 0752        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
23:33:49.0685 0752        monitor - ok
23:33:49.0705 0752        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
23:33:49.0715 0752        mouclass - ok
23:33:49.0745 0752        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
23:33:49.0755 0752        mouhid - ok
23:33:49.0775 0752        mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
23:33:49.0785 0752        mountmgr - ok
23:33:49.0805 0752        mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
23:33:49.0815 0752        mpio - ok
23:33:49.0835 0752        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
23:33:49.0875 0752        mpsdrv - ok
23:33:49.0905 0752        MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
23:33:49.0915 0752        MRxDAV - ok
23:33:49.0965 0752        mrxsmb          (b4c76ef46322a9711c7b0f4e21ef6ea5) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:33:49.0995 0752        mrxsmb - ok
23:33:50.0015 0752        mrxsmb10        (e593d45024a3fdd11e93cc4a6ca91101) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:33:50.0045 0752        mrxsmb10 - ok
23:33:50.0065 0752        mrxsmb20        (a9f86c82c9cc3b679cc3957e1183a30f) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:33:50.0075 0752        mrxsmb20 - ok
23:33:50.0105 0752        msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
23:33:50.0115 0752        msahci - ok
23:33:50.0135 0752        msdsm          (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
23:33:50.0145 0752        msdsm - ok
23:33:50.0185 0752        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:33:50.0205 0752        Msfs - ok
23:33:50.0225 0752        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:33:50.0255 0752        mshidkmdf - ok
23:33:50.0275 0752        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
23:33:50.0285 0752        msisadrv - ok
23:33:50.0315 0752        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:33:50.0335 0752        MSKSSRV - ok
23:33:50.0355 0752        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:33:50.0395 0752        MSPCLOCK - ok
23:33:50.0415 0752        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:33:50.0435 0752        MSPQM - ok
23:33:50.0455 0752        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:33:50.0465 0752        MsRPC - ok
23:33:50.0475 0752        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
23:33:50.0485 0752        mssmbios - ok
23:33:50.0495 0752        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:33:50.0515 0752        MSTEE - ok
23:33:50.0535 0752        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
23:33:50.0555 0752        MTConfig - ok
23:33:50.0575 0752        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:33:50.0575 0752        Mup - ok
23:33:50.0605 0752        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:33:50.0625 0752        NativeWifiP - ok
23:33:50.0655 0752        NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
23:33:50.0695 0752        NDIS - ok
23:33:50.0715 0752        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:33:50.0745 0752        NdisCap - ok
23:33:50.0785 0752        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:33:50.0815 0752        NdisTapi - ok
23:33:50.0845 0752        Ndisuio        (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
23:33:50.0865 0752        Ndisuio - ok
23:33:50.0885 0752        NdisWan        (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
23:33:50.0915 0752        NdisWan - ok
23:33:50.0935 0752        NDProxy        (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
23:33:50.0955 0752        NDProxy - ok
23:33:50.0965 0752        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:33:50.0995 0752        NetBIOS - ok
23:33:51.0025 0752        NetBT          (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
23:33:51.0045 0752        NetBT - ok
23:33:51.0085 0752        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
23:33:51.0095 0752        nfrd960 - ok
23:33:51.0155 0752        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:33:51.0175 0752        Npfs - ok
23:33:51.0185 0752        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:33:51.0205 0752        nsiproxy - ok
23:33:51.0245 0752        Ntfs            (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
23:33:51.0265 0752        Ntfs - ok
23:33:51.0285 0752        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:33:51.0305 0752        Null - ok
23:33:51.0335 0752        nvraid          (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
23:33:51.0335 0752        nvraid - ok
23:33:51.0365 0752        nvstor          (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
23:33:51.0365 0752        nvstor - ok
23:33:51.0395 0752        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
23:33:51.0405 0752        nv_agp - ok
23:33:51.0425 0752        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
23:33:51.0425 0752        ohci1394 - ok
23:33:51.0445 0752        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:33:51.0455 0752        Parport - ok
23:33:51.0465 0752        partmgr        (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
23:33:51.0475 0752        partmgr - ok
23:33:51.0495 0752        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:33:51.0515 0752        Parvdm - ok
23:33:51.0545 0752        pci            (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
23:33:51.0545 0752        pci - ok
23:33:51.0565 0752        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
23:33:51.0575 0752        pciide - ok
23:33:51.0595 0752        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:33:51.0605 0752        pcmcia - ok
23:33:51.0625 0752        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:33:51.0635 0752        pcw - ok
23:33:51.0665 0752        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:33:51.0695 0752        PEAUTH - ok
23:33:51.0755 0752        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:33:51.0775 0752        PptpMiniport - ok
23:33:51.0795 0752        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:33:51.0815 0752        Processor - ok
23:33:51.0835 0752        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:33:51.0855 0752        Psched - ok
23:33:51.0915 0752        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:33:51.0955 0752        ql2300 - ok
23:33:51.0975 0752        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:33:51.0985 0752        ql40xx - ok
23:33:52.0005 0752        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:33:52.0035 0752        QWAVEdrv - ok
23:33:52.0055 0752        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:33:52.0075 0752        RasAcd - ok
23:33:52.0125 0752        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:33:52.0175 0752        RasAgileVpn - ok
23:33:52.0195 0752        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:33:52.0215 0752        Rasl2tp - ok
23:33:52.0235 0752        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:33:52.0275 0752        RasPppoe - ok
23:33:52.0295 0752        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:33:52.0315 0752        RasSstp - ok
23:33:52.0335 0752        rdbss          (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
23:33:52.0405 0752        rdbss - ok
23:33:52.0425 0752        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:33:52.0435 0752        rdpbus - ok
23:33:52.0455 0752        RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:33:52.0485 0752        RDPCDD - ok
23:33:52.0525 0752        RDPDR          (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
23:33:52.0565 0752        RDPDR - ok
23:33:52.0585 0752        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:33:52.0615 0752        RDPENCDD - ok
23:33:52.0635 0752        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:33:52.0655 0752        RDPREFMP - ok
23:33:52.0675 0752        RDPWD          (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
23:33:52.0695 0752        RDPWD - ok
23:33:52.0715 0752        rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
23:33:52.0715 0752        rdyboost - ok
23:33:52.0745 0752        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:33:52.0795 0752        rspndr - ok
23:33:52.0825 0752        RTHDMIAzAudService (3f521ee3308fe66bcfe688dbbc7acf7f) C:\Windows\system32\drivers\RtHDMIV.sys
23:33:52.0875 0752        RTHDMIAzAudService - ok
23:33:52.0905 0752        RTL8167        (6465166dd9b2f841dabad16abdadbe98) C:\Windows\system32\DRIVERS\Rt86win7.sys
23:33:52.0965 0752        RTL8167 - ok
23:33:53.0015 0752        s3cap          (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
23:33:53.0045 0752        s3cap - ok
23:33:53.0075 0752        sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
23:33:53.0085 0752        sbp2port - ok
23:33:53.0135 0752        scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
23:33:53.0165 0752        scfilter - ok
23:33:53.0205 0752        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:33:53.0255 0752        secdrv - ok
23:33:53.0295 0752        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:33:53.0315 0752        Serenum - ok
23:33:53.0345 0752        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:33:53.0375 0752        Serial - ok
23:33:53.0395 0752        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:33:53.0415 0752        sermouse - ok
23:33:53.0445 0752        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
23:33:53.0475 0752        sffdisk - ok
23:33:53.0495 0752        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:33:53.0505 0752        sffp_mmc - ok
23:33:53.0535 0752        sffp_sd        (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:33:53.0545 0752        sffp_sd - ok
23:33:53.0565 0752        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:33:53.0585 0752        sfloppy - ok
23:33:53.0605 0752        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
23:33:53.0615 0752        sisagp - ok
23:33:53.0635 0752        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:33:53.0645 0752        SiSRaid2 - ok
23:33:53.0665 0752        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:33:53.0665 0752        SiSRaid4 - ok
23:33:53.0725 0752        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:33:53.0765 0752        Smb - ok
23:33:53.0785 0752        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:33:53.0795 0752        spldr - ok
23:33:53.0835 0752        srv            (4a9b0f215de2519e2363f91df25c1e97) C:\Windows\system32\DRIVERS\srv.sys
23:33:53.0895 0752        srv - ok
23:33:53.0925 0752        srv2            (14c44875518ae1c982e54ea8c5f7fe28) C:\Windows\system32\DRIVERS\srv2.sys
23:33:53.0955 0752        srv2 - ok
23:33:53.0975 0752        srvnet          (07a14223b0a50e76ade003fdf95d4fec) C:\Windows\system32\DRIVERS\srvnet.sys
23:33:53.0995 0752        srvnet - ok
23:33:54.0025 0752        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
23:33:54.0035 0752        ssmdrv - ok
23:33:54.0075 0752        StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\Windows\system32\drivers\StarOpen.sys
23:33:54.0095 0752        StarOpen ( UnsignedFile.Multi.Generic ) - warning
23:33:54.0095 0752        StarOpen - detected UnsignedFile.Multi.Generic (1)
23:33:54.0145 0752        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:33:54.0165 0752        stexstor - ok
23:33:54.0205 0752        storflt        (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
23:33:54.0215 0752        storflt - ok
23:33:54.0225 0752        storvsc        (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
23:33:54.0235 0752        storvsc - ok
23:33:54.0255 0752        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
23:33:54.0265 0752        swenum - ok
23:33:54.0345 0752        Tcpip          (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
23:33:54.0395 0752        Tcpip - ok
23:33:54.0425 0752        TCPIP6          (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
23:33:54.0455 0752        TCPIP6 - ok
23:33:54.0465 0752        tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
23:33:54.0485 0752        tcpipreg - ok
23:33:54.0515 0752        TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
23:33:54.0525 0752        TDPIPE - ok
23:33:54.0555 0752        TDTCP          (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
23:33:54.0595 0752        TDTCP - ok
23:33:54.0615 0752        tdx            (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
23:33:54.0655 0752        tdx - ok
23:33:54.0675 0752        TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
23:33:54.0675 0752        TermDD - ok
23:33:54.0725 0752        tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:33:54.0775 0752        tssecsrv - ok
23:33:54.0805 0752        tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
23:33:54.0825 0752        tunnel - ok
23:33:54.0855 0752        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:33:54.0855 0752        uagp35 - ok
23:33:54.0885 0752        udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
23:33:54.0925 0752        udfs - ok
23:33:54.0965 0752        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:33:54.0965 0752        uliagpkx - ok
23:33:54.0995 0752        umbus          (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
23:33:55.0005 0752        umbus - ok
23:33:55.0025 0752        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:33:55.0045 0752        UmPass - ok
23:33:55.0095 0752        usbccgp        (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
23:33:55.0115 0752        usbccgp - ok
23:33:55.0135 0752        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
23:33:55.0145 0752        usbcir - ok
23:33:55.0165 0752        usbehci        (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
23:33:55.0175 0752        usbehci - ok
23:33:55.0195 0752        usbhub          (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
23:33:55.0225 0752        usbhub - ok
23:33:55.0245 0752        usbohci        (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
23:33:55.0245 0752        usbohci - ok
23:33:55.0275 0752        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:33:55.0285 0752        usbprint - ok
23:33:55.0315 0752        USBSTOR        (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:33:55.0325 0752        USBSTOR - ok
23:33:55.0355 0752        usbuhci        (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
23:33:55.0365 0752        usbuhci - ok
23:33:55.0385 0752        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:33:55.0395 0752        vdrvroot - ok
23:33:55.0405 0752        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:33:55.0415 0752        vga - ok
23:33:55.0435 0752        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:33:55.0455 0752        VgaSave - ok
23:33:55.0475 0752        vhdmp          (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
23:33:55.0485 0752        vhdmp - ok
23:33:55.0505 0752        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
23:33:55.0515 0752        viaagp - ok
23:33:55.0535 0752        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
23:33:55.0545 0752        ViaC7 - ok
23:33:55.0555 0752        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
23:33:55.0565 0752        viaide - ok
23:33:55.0595 0752        vmbus          (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
23:33:55.0605 0752        vmbus - ok
23:33:55.0625 0752        VMBusHID        (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
23:33:55.0655 0752        VMBusHID - ok
23:33:55.0685 0752        volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
23:33:55.0705 0752        volmgr - ok
23:33:55.0725 0752        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:33:55.0735 0752        volmgrx - ok
23:33:55.0765 0752        volsnap        (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
23:33:55.0775 0752        volsnap - ok
23:33:55.0805 0752        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
23:33:55.0815 0752        vsmraid - ok
23:33:55.0835 0752        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
23:33:55.0865 0752        vwifibus - ok
23:33:55.0885 0752        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
23:33:55.0895 0752        WacomPen - ok
23:33:55.0915 0752        WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
23:33:55.0945 0752        WANARP - ok
23:33:55.0945 0752        Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
23:33:55.0965 0752        Wanarpv6 - ok
23:33:55.0985 0752        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
23:33:55.0985 0752        Wd - ok
23:33:56.0015 0752        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:33:56.0025 0752        Wdf01000 - ok
23:33:56.0065 0752        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:33:56.0075 0752        WfpLwf - ok
23:33:56.0105 0752        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:33:56.0105 0752        WIMMount - ok
23:33:56.0135 0752        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:33:56.0175 0752        WmiAcpi - ok
23:33:56.0195 0752        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:33:56.0235 0752        ws2ifsl - ok
23:33:56.0255 0752        WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
23:33:56.0285 0752        WudfPf - ok
23:33:56.0325 0752        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:33:56.0405 0752        \Device\Harddisk0\DR0 - ok
23:33:56.0415 0752        Boot (0x1200)  (8c856c6f5782a7ca9a4f1454e652c9e6) \Device\Harddisk0\DR0\Partition0
23:33:56.0415 0752        \Device\Harddisk0\DR0\Partition0 - ok
23:33:56.0445 0752        Boot (0x1200)  (acd48db454ce996123cbaa8cbbf897be) \Device\Harddisk0\DR0\Partition1
23:33:56.0445 0752        \Device\Harddisk0\DR0\Partition1 - ok
23:33:56.0445 0752        ============================================================
23:33:56.0445 0752        Scan finished
23:33:56.0445 0752        ============================================================
23:33:56.0465 2044        Detected object count: 2
23:33:56.0465 2044        Actual detected object count: 2
23:34:41.0485 2044        aadev ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:41.0485 2044        aadev ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:41.0485 2044        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:41.0485 2044        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:36:05.0015 3872        ============================================================
23:36:05.0015 3872        Scan started
23:36:05.0015 3872        Mode: Manual; SigCheck; TDLFS;
23:36:05.0015 3872        ============================================================
23:36:05.0275 3872        1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
23:36:05.0295 3872        1394ohci - ok
23:36:05.0315 3872        aadev          (e6fb5ddbbd1f30ccac950465b0d710ff) C:\Windows\system32\DRIVERS\aadev.sys
23:36:05.0315 3872        aadev ( UnsignedFile.Multi.Generic ) - warning
23:36:05.0315 3872        aadev - detected UnsignedFile.Multi.Generic (1)
23:36:05.0355 3872        acedrv11        (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
23:36:05.0365 3872        acedrv11 - ok
23:36:05.0385 3872        ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
23:36:05.0405 3872        ACPI - ok
23:36:05.0425 3872        AcpiPmi        (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
23:36:05.0435 3872        AcpiPmi - ok
23:36:05.0465 3872        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
23:36:05.0485 3872        adp94xx - ok
23:36:05.0505 3872        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
23:36:05.0525 3872        adpahci - ok
23:36:05.0545 3872        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
23:36:05.0555 3872        adpu320 - ok
23:36:05.0595 3872        AFD            (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
23:36:05.0625 3872        AFD - ok
23:36:05.0645 3872        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
23:36:05.0645 3872        agp440 - ok
23:36:05.0695 3872        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
23:36:05.0695 3872        aic78xx - ok
23:36:05.0745 3872        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
23:36:05.0745 3872        aliide - ok
23:36:05.0765 3872        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
23:36:05.0785 3872        amdagp - ok
23:36:05.0795 3872        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
23:36:05.0805 3872        amdide - ok
23:36:05.0815 3872        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
23:36:05.0825 3872        AmdK8 - ok
23:36:05.0975 3872        amdkmdag        (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
23:36:06.0035 3872        amdkmdag - ok
23:36:06.0055 3872        amdkmdap        (b44737ff566b5888d15fdb66849f34e5) C:\Windows\system32\DRIVERS\atikmpag.sys
23:36:06.0065 3872        amdkmdap - ok
23:36:06.0085 3872        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
23:36:06.0095 3872        AmdPPM - ok
23:36:06.0115 3872        amdsata        (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
23:36:06.0115 3872        amdsata - ok
23:36:06.0135 3872        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
23:36:06.0145 3872        amdsbs - ok
23:36:06.0155 3872        amdxata        (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
23:36:06.0165 3872        amdxata - ok
23:36:06.0185 3872        AppID          (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
23:36:06.0185 3872        AppID - ok
23:36:06.0215 3872        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
23:36:06.0215 3872        arc - ok
23:36:06.0235 3872        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
23:36:06.0245 3872        arcsas - ok
23:36:06.0265 3872        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
23:36:06.0285 3872        AsyncMac - ok
23:36:06.0305 3872        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
23:36:06.0305 3872        atapi - ok
23:36:06.0395 3872        atikmdag        (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
23:36:06.0455 3872        atikmdag - ok
23:36:06.0485 3872        atksgt          (547f07839f71a4357a5e503646cac2b0) C:\Windows\system32\DRIVERS\atksgt.sys
23:36:06.0495 3872        atksgt - ok
23:36:06.0525 3872        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
23:36:06.0535 3872        avgntflt - ok
23:36:06.0555 3872        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
23:36:06.0565 3872        avipbb - ok
23:36:06.0595 3872        AVMDSLPPPOE    (588124fffc48ab597852c8f6ef98e5ba) C:\Windows\system32\DRIVERS\avmdsloe.sys
23:36:06.0615 3872        AVMDSLPPPOE - ok
23:36:06.0625 3872        AVMNDSL        (61ae58c70c2ccef558d1f411570a9b60) C:\Windows\system32\DRIVERS\avmndsl.sys
23:36:06.0635 3872        AVMNDSL - ok
23:36:06.0665 3872        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
23:36:06.0675 3872        b06bdrv - ok
23:36:06.0695 3872        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
23:36:06.0715 3872        b57nd60x - ok
23:36:06.0735 3872        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
23:36:06.0755 3872        Beep - ok
23:36:06.0775 3872        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
23:36:06.0795 3872        blbdrive - ok
23:36:06.0825 3872        bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
23:36:06.0835 3872        bowser - ok
23:36:06.0855 3872        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:36:06.0885 3872        BrFiltLo - ok
23:36:06.0905 3872        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:36:06.0915 3872        BrFiltUp - ok
23:36:06.0945 3872        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
23:36:06.0955 3872        Brserid - ok
23:36:06.0975 3872        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
23:36:06.0985 3872        BrSerWdm - ok
23:36:07.0015 3872        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:36:07.0035 3872        BrUsbMdm - ok
23:36:07.0045 3872        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
23:36:07.0055 3872        BrUsbSer - ok
23:36:07.0075 3872        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
23:36:07.0085 3872        BTHMODEM - ok
23:36:07.0115 3872        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
23:36:07.0135 3872        cdfs - ok
23:36:07.0155 3872        cdrom          (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
23:36:07.0155 3872        cdrom - ok
23:36:07.0175 3872        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
23:36:07.0185 3872        circlass - ok
23:36:07.0235 3872        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
23:36:07.0255 3872        CLFS - ok
23:36:07.0275 3872        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
23:36:07.0285 3872        CmBatt - ok
23:36:07.0305 3872        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
23:36:07.0315 3872        cmdide - ok
23:36:07.0335 3872        CNG            (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
23:36:07.0355 3872        CNG - ok
23:36:07.0365 3872        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
23:36:07.0375 3872        Compbatt - ok
23:36:07.0395 3872        CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:36:07.0405 3872        CompositeBus - ok
23:36:07.0425 3872        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
23:36:07.0435 3872        crcdisk - ok
23:36:07.0485 3872        CSC            (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
23:36:07.0505 3872        CSC - ok
23:36:07.0525 3872        DfsC            (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
23:36:07.0545 3872        DfsC - ok
23:36:07.0565 3872        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
23:36:07.0575 3872        discache - ok
23:36:07.0595 3872        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
23:36:07.0595 3872        Disk - ok
23:36:07.0635 3872        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
23:36:07.0665 3872        drmkaud - ok
23:36:07.0725 3872        DXGKrnl        (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
23:36:07.0745 3872        DXGKrnl - ok
23:36:07.0845 3872        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
23:36:07.0885 3872        ebdrv - ok
23:36:07.0915 3872        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
23:36:07.0925 3872        elxstor - ok
23:36:07.0945 3872        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
23:36:07.0955 3872        ErrDev - ok
23:36:07.0985 3872        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
23:36:08.0005 3872        exfat - ok
23:36:08.0025 3872        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
23:36:08.0045 3872        fastfat - ok
23:36:08.0065 3872        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
23:36:08.0075 3872        fdc - ok
23:36:08.0115 3872        FDSSBASE        (7b6287db392d3f17a2a1cfd69346ab36) C:\Windows\system32\DRIVERS\fdssbase.sys
23:36:08.0155 3872        FDSSBASE - ok
23:36:08.0175 3872        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
23:36:08.0175 3872        FileInfo - ok
23:36:08.0195 3872        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
23:36:08.0215 3872        Filetrace - ok
23:36:08.0235 3872        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
23:36:08.0245 3872        flpydisk - ok
23:36:08.0265 3872        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
23:36:08.0275 3872        FltMgr - ok
23:36:08.0295 3872        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
23:36:08.0305 3872        FsDepends - ok
23:36:08.0325 3872        Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
23:36:08.0325 3872        Fs_Rec - ok
23:36:08.0355 3872        fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
23:36:08.0365 3872        fvevol - ok
23:36:08.0385 3872        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:36:08.0395 3872        gagp30kx - ok
23:36:08.0395 3872        gdrv - ok
23:36:08.0415 3872        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
23:36:08.0425 3872        hcw85cir - ok
23:36:08.0455 3872        HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
23:36:08.0465 3872        HdAudAddService - ok
23:36:08.0485 3872        HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:36:08.0495 3872        HDAudBus - ok
23:36:08.0505 3872        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
23:36:08.0516 3872        HidBatt - ok
23:36:08.0536 3872        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
23:36:08.0546 3872        HidBth - ok
23:36:08.0566 3872        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
23:36:08.0576 3872        HidIr - ok
23:36:08.0586 3872        HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
23:36:08.0596 3872        HidUsb - ok
23:36:08.0626 3872        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
23:36:08.0636 3872        HpSAMD - ok
23:36:08.0656 3872        HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
23:36:08.0686 3872        HTTP - ok
23:36:08.0696 3872        hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
23:36:08.0706 3872        hwpolicy - ok
23:36:08.0716 3872        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
23:36:08.0726 3872        i8042prt - ok
23:36:08.0756 3872        iaStorV        (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
23:36:08.0766 3872        iaStorV - ok
23:36:08.0786 3872        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
23:36:08.0796 3872        iirsp - ok
23:36:08.0886 3872        IntcAzAudAddService (5ceef2cccb4fe00d3ffbfeb12bcfa07f) C:\Windows\system32\drivers\RTKVHDA.sys
23:36:08.0936 3872        IntcAzAudAddService - ok
23:36:08.0956 3872        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
23:36:08.0956 3872        intelide - ok
23:36:08.0976 3872        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
23:36:08.0986 3872        intelppm - ok
23:36:09.0006 3872        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:36:09.0016 3872        IpFilterDriver - ok
23:36:09.0036 3872        IPMIDRV        (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:36:09.0046 3872        IPMIDRV - ok
23:36:09.0066 3872        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
23:36:09.0086 3872        IPNAT - ok
23:36:09.0106 3872        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
23:36:09.0116 3872        IRENUM - ok
23:36:09.0126 3872        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
23:36:09.0136 3872        isapnp - ok
23:36:09.0156 3872        iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
23:36:09.0156 3872        iScsiPrt - ok
23:36:09.0176 3872        JRAID          (7d5053a827ff5be3a7d0ae5dd5dba308) C:\Windows\system32\DRIVERS\jraid.sys
23:36:09.0176 3872        JRAID - ok
23:36:09.0196 3872        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
23:36:09.0206 3872        kbdclass - ok
23:36:09.0226 3872        kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
23:36:09.0226 3872        kbdhid - ok
23:36:09.0256 3872        KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
23:36:09.0256 3872        KSecDD - ok
23:36:09.0276 3872        KSecPkg        (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
23:36:09.0286 3872        KSecPkg - ok
23:36:09.0306 3872        Lavasoft Kernexplorer - ok
23:36:09.0346 3872        Lbd            (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\Windows\system32\DRIVERS\Lbd.sys
23:36:09.0346 3872        Lbd - ok
23:36:09.0386 3872        lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
23:36:09.0396 3872        lirsgt - ok
23:36:09.0416 3872        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
23:36:09.0446 3872        lltdio - ok
23:36:09.0476 3872        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:36:09.0486 3872        LSI_FC - ok
23:36:09.0506 3872        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:36:09.0516 3872        LSI_SAS - ok
23:36:09.0536 3872        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:36:09.0546 3872        LSI_SAS2 - ok
23:36:09.0576 3872        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:36:09.0586 3872        LSI_SCSI - ok
23:36:09.0606 3872        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
23:36:09.0636 3872        luafv - ok
23:36:09.0656 3872        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
23:36:09.0666 3872        megasas - ok
23:36:09.0696 3872        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
23:36:09.0706 3872        MegaSR - ok
23:36:09.0726 3872        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
23:36:09.0756 3872        Modem - ok
23:36:09.0776 3872        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
23:36:09.0786 3872        monitor - ok
23:36:09.0806 3872        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
23:36:09.0816 3872        mouclass - ok
23:36:09.0836 3872        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
23:36:09.0846 3872        mouhid - ok
23:36:09.0866 3872        mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
23:36:09.0876 3872        mountmgr - ok
23:36:09.0896 3872        mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
23:36:09.0906 3872        mpio - ok
23:36:09.0916 3872        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
23:36:09.0946 3872        mpsdrv - ok
23:36:09.0976 3872        MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
23:36:09.0986 3872        MRxDAV - ok
23:36:10.0026 3872        mrxsmb          (b4c76ef46322a9711c7b0f4e21ef6ea5) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:36:10.0046 3872        mrxsmb - ok
23:36:10.0076 3872        mrxsmb10        (e593d45024a3fdd11e93cc4a6ca91101) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:36:10.0086 3872        mrxsmb10 - ok
23:36:10.0106 3872        mrxsmb20        (a9f86c82c9cc3b679cc3957e1183a30f) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:36:10.0116 3872        mrxsmb20 - ok
23:36:10.0136 3872        msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
23:36:10.0136 3872        msahci - ok
23:36:10.0156 3872        msdsm          (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
23:36:10.0166 3872        msdsm - ok
23:36:10.0186 3872        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:36:10.0206 3872        Msfs - ok
23:36:10.0216 3872        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:36:10.0236 3872        mshidkmdf - ok
23:36:10.0246 3872        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
23:36:10.0256 3872        msisadrv - ok
23:36:10.0266 3872        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:36:10.0286 3872        MSKSSRV - ok
23:36:10.0296 3872        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:36:10.0316 3872        MSPCLOCK - ok
23:36:10.0336 3872        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:36:10.0346 3872        MSPQM - ok
23:36:10.0366 3872        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:36:10.0376 3872        MsRPC - ok
23:36:10.0396 3872        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
23:36:10.0396 3872        mssmbios - ok
23:36:10.0416 3872        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:36:10.0426 3872        MSTEE - ok
23:36:10.0446 3872        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
23:36:10.0456 3872        MTConfig - ok
23:36:10.0466 3872        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:36:10.0476 3872        Mup - ok
23:36:10.0506 3872        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:36:10.0516 3872        NativeWifiP - ok
23:36:10.0546 3872        NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
23:36:10.0556 3872        NDIS - ok
23:36:10.0576 3872        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:36:10.0596 3872        NdisCap - ok
23:36:10.0616 3872        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:36:10.0636 3872        NdisTapi - ok
23:36:10.0656 3872        Ndisuio        (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
23:36:10.0666 3872        Ndisuio - ok
23:36:10.0696 3872        NdisWan        (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
23:36:10.0736 3872        NdisWan - ok
23:36:10.0756 3872        NDProxy        (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
23:36:10.0776 3872        NDProxy - ok
23:36:10.0796 3872        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:36:10.0806 3872        NetBIOS - ok
23:36:10.0826 3872        NetBT          (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
23:36:10.0846 3872        NetBT - ok
23:36:10.0866 3872        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
23:36:10.0876 3872        nfrd960 - ok
23:36:10.0896 3872        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:36:10.0916 3872        Npfs - ok
23:36:10.0926 3872        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:36:10.0946 3872        nsiproxy - ok
23:36:10.0986 3872        Ntfs            (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
23:36:11.0006 3872        Ntfs - ok
23:36:11.0026 3872        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:36:11.0036 3872        Null - ok
23:36:11.0056 3872        nvraid          (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
23:36:11.0066 3872        nvraid - ok
23:36:11.0086 3872        nvstor          (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
23:36:11.0096 3872        nvstor - ok
23:36:11.0116 3872        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
23:36:11.0136 3872        nv_agp - ok
23:36:11.0166 3872        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
23:36:11.0186 3872        ohci1394 - ok
23:36:11.0226 3872        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:36:11.0246 3872        Parport - ok
23:36:11.0266 3872        partmgr        (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
23:36:11.0276 3872        partmgr - ok
23:36:11.0306 3872        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:36:11.0316 3872        Parvdm - ok
23:36:11.0336 3872        pci            (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
23:36:11.0346 3872        pci - ok
23:36:11.0356 3872        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
23:36:11.0366 3872        pciide - ok
23:36:11.0386 3872        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:36:11.0396 3872        pcmcia - ok
23:36:11.0416 3872        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:36:11.0426 3872        pcw - ok
23:36:11.0456 3872        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:36:11.0486 3872        PEAUTH - ok
23:36:11.0526 3872        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:36:11.0546 3872        PptpMiniport - ok
23:36:11.0566 3872        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:36:11.0576 3872        Processor - ok
23:36:11.0596 3872        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:36:11.0616 3872        Psched - ok
23:36:11.0656 3872        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:36:11.0676 3872        ql2300 - ok
23:36:11.0706 3872        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:36:11.0716 3872        ql40xx - ok
23:36:11.0736 3872        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:36:11.0746 3872        QWAVEdrv - ok
23:36:11.0756 3872        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:36:11.0776 3872        RasAcd - ok
23:36:11.0816 3872        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:36:11.0856 3872        RasAgileVpn - ok
23:36:11.0876 3872        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:36:11.0896 3872        Rasl2tp - ok
23:36:11.0906 3872        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:36:11.0926 3872        RasPppoe - ok
23:36:11.0936 3872        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:36:11.0956 3872        RasSstp - ok
23:36:11.0976 3872        rdbss          (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
23:36:11.0996 3872        rdbss - ok
23:36:12.0016 3872        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:36:12.0026 3872        rdpbus - ok
23:36:12.0046 3872        RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:36:12.0056 3872        RDPCDD - ok
23:36:12.0106 3872        RDPDR          (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
23:36:12.0106 3872        RDPDR - ok
23:36:12.0126 3872        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:36:12.0146 3872        RDPENCDD - ok
23:36:12.0166 3872        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:36:12.0186 3872        RDPREFMP - ok
23:36:12.0206 3872        RDPWD          (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
23:36:12.0226 3872        RDPWD - ok
23:36:12.0246 3872        rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
23:36:12.0256 3872        rdyboost - ok
23:36:12.0276 3872        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:36:12.0296 3872        rspndr - ok
23:36:12.0316 3872        RTHDMIAzAudService (3f521ee3308fe66bcfe688dbbc7acf7f) C:\Windows\system32\drivers\RtHDMIV.sys
23:36:12.0316 3872        RTHDMIAzAudService - ok
23:36:12.0336 3872        RTL8167        (6465166dd9b2f841dabad16abdadbe98) C:\Windows\system32\DRIVERS\Rt86win7.sys
23:36:12.0346 3872        RTL8167 - ok
23:36:12.0386 3872        s3cap          (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
23:36:12.0416 3872        s3cap - ok
23:36:12.0436 3872        sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
23:36:12.0446 3872        sbp2port - ok
23:36:12.0466 3872        scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
23:36:12.0496 3872        scfilter - ok
23:36:12.0526 3872        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:36:12.0556 3872        secdrv - ok
23:36:12.0576 3872        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:36:12.0586 3872        Serenum - ok
23:36:12.0606 3872        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:36:12.0616 3872        Serial - ok
23:36:12.0626 3872        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:36:12.0636 3872        sermouse - ok
23:36:12.0666 3872        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
23:36:12.0676 3872        sffdisk - ok
23:36:12.0696 3872        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:36:12.0706 3872        sffp_mmc - ok
23:36:12.0726 3872        sffp_sd        (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:36:12.0736 3872        sffp_sd - ok
23:36:12.0756 3872        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:36:12.0756 3872        sfloppy - ok
23:36:12.0786 3872        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
23:36:12.0786 3872        sisagp - ok
23:36:12.0806 3872        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:36:12.0806 3872        SiSRaid2 - ok
23:36:12.0826 3872        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:36:12.0826 3872        SiSRaid4 - ok
23:36:12.0846 3872        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:36:12.0866 3872        Smb - ok
23:36:12.0896 3872        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:36:12.0896 3872        spldr - ok
23:36:12.0946 3872        srv            (4a9b0f215de2519e2363f91df25c1e97) C:\Windows\system32\DRIVERS\srv.sys
23:36:12.0956 3872        srv - ok
23:36:12.0976 3872        srv2            (14c44875518ae1c982e54ea8c5f7fe28) C:\Windows\system32\DRIVERS\srv2.sys
23:36:12.0986 3872        srv2 - ok
23:36:12.0996 3872        srvnet          (07a14223b0a50e76ade003fdf95d4fec) C:\Windows\system32\DRIVERS\srvnet.sys
23:36:13.0006 3872        srvnet - ok
23:36:13.0026 3872        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
23:36:13.0026 3872        ssmdrv - ok
23:36:13.0066 3872        StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\Windows\system32\drivers\StarOpen.sys
23:36:13.0066 3872        StarOpen ( UnsignedFile.Multi.Generic ) - warning
23:36:13.0066 3872        StarOpen - detected UnsignedFile.Multi.Generic (1)
23:36:13.0086 3872        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:36:13.0096 3872        stexstor - ok
23:36:13.0106 3872        storflt        (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
23:36:13.0116 3872        storflt - ok
23:36:13.0136 3872        storvsc        (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
23:36:13.0136 3872        storvsc - ok
23:36:13.0156 3872        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
23:36:13.0166 3872        swenum - ok
23:36:13.0236 3872        Tcpip          (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
23:36:13.0296 3872        Tcpip - ok
23:36:13.0316 3872        TCPIP6          (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
23:36:13.0346 3872        TCPIP6 - ok
23:36:13.0366 3872        tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
23:36:13.0386 3872        tcpipreg - ok
23:36:13.0406 3872        TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
23:36:13.0426 3872        TDPIPE - ok
23:36:13.0446 3872        TDTCP          (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
23:36:13.0466 3872        TDTCP - ok
23:36:13.0486 3872        tdx            (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
23:36:13.0506 3872        tdx - ok
23:36:13.0516 3872        TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
23:36:13.0526 3872        TermDD - ok
23:36:13.0556 3872        tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:36:13.0566 3872        tssecsrv - ok
23:36:13.0586 3872        tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
23:36:13.0606 3872        tunnel - ok
23:36:13.0626 3872        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:36:13.0626 3872        uagp35 - ok
23:36:13.0656 3872        udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
23:36:13.0676 3872        udfs - ok
23:36:13.0706 3872        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:36:13.0716 3872        uliagpkx - ok
23:36:13.0736 3872        umbus          (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
23:36:13.0736 3872        umbus - ok
23:36:13.0756 3872        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:36:13.0766 3872        UmPass - ok
23:36:13.0806 3872        usbccgp        (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
23:36:13.0806 3872        usbccgp - ok
23:36:13.0836 3872        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
23:36:13.0846 3872        usbcir - ok
23:36:13.0866 3872        usbehci        (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
23:36:13.0876 3872        usbehci - ok
23:36:13.0896 3872        usbhub          (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
23:36:13.0896 3872        usbhub - ok
23:36:13.0916 3872        usbohci        (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
23:36:13.0926 3872        usbohci - ok
23:36:13.0946 3872        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:36:13.0956 3872        usbprint - ok
23:36:13.0986 3872        USBSTOR        (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:36:13.0986 3872        USBSTOR - ok
23:36:14.0006 3872        usbuhci        (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
23:36:14.0016 3872        usbuhci - ok
23:36:14.0036 3872        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:36:14.0046 3872        vdrvroot - ok
23:36:14.0066 3872        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:36:14.0066 3872        vga - ok
23:36:14.0086 3872        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:36:14.0106 3872        VgaSave - ok
23:36:14.0126 3872        vhdmp          (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
23:36:14.0126 3872        vhdmp - ok
23:36:14.0156 3872        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
23:36:14.0156 3872        viaagp - ok
23:36:14.0176 3872        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
23:36:14.0186 3872        ViaC7 - ok
23:36:14.0206 3872        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
23:36:14.0206 3872        viaide - ok
23:36:14.0246 3872        vmbus          (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
23:36:14.0276 3872        vmbus - ok
23:36:14.0296 3872        VMBusHID        (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
23:36:14.0306 3872        VMBusHID - ok
23:36:14.0326 3872        volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
23:36:14.0336 3872        volmgr - ok
23:36:14.0366 3872        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:36:14.0376 3872        volmgrx - ok
23:36:14.0396 3872        volsnap        (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
23:36:14.0416 3872        volsnap - ok
23:36:14.0436 3872        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
23:36:14.0446 3872        vsmraid - ok
23:36:14.0476 3872        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
23:36:14.0486 3872        vwifibus - ok
23:36:14.0506 3872        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
23:36:14.0516 3872        WacomPen - ok
23:36:14.0536 3872        WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
23:36:14.0566 3872        WANARP - ok
23:36:14.0566 3872        Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
23:36:14.0596 3872        Wanarpv6 - ok
23:36:14.0626 3872        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
23:36:14.0626 3872        Wd - ok
23:36:14.0656 3872        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:36:14.0666 3872        Wdf01000 - ok
23:36:14.0696 3872        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:36:14.0706 3872        WfpLwf - ok
23:36:14.0736 3872        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:36:14.0736 3872        WIMMount - ok
23:36:14.0766 3872        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:36:14.0776 3872        WmiAcpi - ok
23:36:14.0786 3872        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:36:14.0806 3872        ws2ifsl - ok
23:36:14.0836 3872        WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
23:36:14.0846 3872        WudfPf - ok
23:36:14.0866 3872        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:36:14.0956 3872        \Device\Harddisk0\DR0 - ok
23:36:14.0956 3872        Boot (0x1200)  (8c856c6f5782a7ca9a4f1454e652c9e6) \Device\Harddisk0\DR0\Partition0
23:36:14.0956 3872        \Device\Harddisk0\DR0\Partition0 - ok
23:36:14.0986 3872        Boot (0x1200)  (acd48db454ce996123cbaa8cbbf897be) \Device\Harddisk0\DR0\Partition1
23:36:14.0986 3872        \Device\Harddisk0\DR0\Partition1 - ok
23:36:14.0996 3872        ============================================================
23:36:14.0996 3872        Scan finished
23:36:14.0996 3872        ============================================================
23:36:15.0006 3344        Detected object count: 2
23:36:15.0006 3344        Actual detected object count: 2
23:37:46.0076 3344        aadev ( UnsignedFile.Multi.Generic ) - skipped by user
23:37:46.0076 3344        aadev ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:37:46.0076 3344        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
23:37:46.0076 3344        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 14.12.2011 11:36
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

rara 14.12.2011 22:36
Hallo Cosinus,

hier ist die Log-Datei von ComboFix:
Code:
ComboFix 11-12-13.03 - Rainer 14.12.2011  22:20:55.1.4 - x86
Microsoft Windows 7 Ultimate N  6.1.7600.0.1252.49.1033.18.3326.2335 [GMT 1:00]
ausgeführt von:: c:\users\Rainer\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-11-14 bis 2011-12-14  ))))))))))))))))))))))))))))))
.
.
2011-12-14 21:24 . 2011-12-14 21:24        --------        d-----w-        c:\users\Rainer\AppData\Local\temp
2011-12-14 21:24 . 2011-12-14 21:24        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-12-13 22:41 . 2011-12-13 22:41        684297        ----a-w-        C:\unhide.exe
2011-12-13 19:07 . 2011-12-13 19:07        --------        d-----w-        C:\_OTL
2011-12-13 12:21 . 2011-12-13 12:21        --------        d-----w-        c:\windows\Internet Logs
2011-12-13 12:19 . 2011-12-13 12:19        2560        ----a-w-        c:\windows\_MSRSTRT.EXE
2011-12-10 12:46 . 2011-12-10 12:46        --------        d-----w-        C:\OTL
2011-12-09 13:46 . 2011-12-09 13:47        --------        d-----w-        C:\Eset
2011-12-09 11:44 . 2011-12-09 11:44        --------        d-----w-        c:\program files\ESET
2011-12-09 10:54 . 2011-12-09 10:54        --------        d-----w-        C:\Games
2011-12-08 15:48 . 2011-12-08 15:48        --------        d-----w-        C:\tdsskiller
2011-12-08 15:41 . 2011-12-08 15:41        --------        d-----w-        c:\program files\Common Files\Java
2011-12-06 22:43 . 2011-12-06 22:43        --------        d-----w-        c:\users\Rainer\AppData\Roaming\Malwarebytes
2011-12-06 22:42 . 2011-12-06 22:42        --------        d-----w-        c:\programdata\Malwarebytes
2011-12-06 22:42 . 2011-12-06 22:42        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-12-06 22:42 . 2011-08-31 16:00        22216        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-12-06 20:48 . 2011-12-06 20:48        --------        d-----w-        C:\Antibundestrojaner
2011-12-06 20:35 . 2011-12-06 20:35        --------        d-----w-        C:\Reg entsperren
2011-12-04 20:47 . 2011-12-04 20:47        --------        d-----w-        c:\users\Rainer\dwhelper
2011-12-02 15:33 . 2011-12-02 15:33        89048        ----a-w-        c:\program files\Mozilla Firefox\libEGL.dll
2011-12-02 15:33 . 2011-12-02 15:33        478168        ----a-w-        c:\program files\Mozilla Firefox\libGLESv2.dll
2011-12-02 15:33 . 2011-12-02 15:33        2106216        ----a-w-        c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-12-02 15:33 . 2011-12-02 15:33        1998168        ----a-w-        c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-12-02 15:33 . 2011-12-02 15:33        1989592        ----a-w-        c:\program files\Mozilla Firefox\mozjs.dll
2011-12-02 15:33 . 2011-12-02 15:33        15832        ----a-w-        c:\program files\Mozilla Firefox\mozalloc.dll
2011-12-02 15:33 . 2011-12-02 15:33        134104        ----a-w-        c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-12-02 15:33 . 2011-12-02 15:33        801752        ----a-w-        c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-11-26 23:42 . 2011-11-26 23:42        --------        d-----w-        c:\users\Guest
2011-11-19 15:07 . 2011-11-19 15:07        --------        d-----w-        c:\users\Rainer\AppData\Local\Skyrim
2011-11-19 13:54 . 2011-12-08 17:57        --------        d-----w-        c:\program files\Common Files\Steam
2011-11-19 13:54 . 2011-12-14 21:12        --------        d-----w-        c:\program files\Steam
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-25 19:51 . 2011-10-25 17:45        83872        ----a-w-        c:\windows\system32\drivers\atksgt.sys
2011-10-25 19:51 . 2011-10-25 17:45        25888        ----a-w-        c:\windows\system32\drivers\lirsgt.sys
2011-10-24 13:29 . 2011-10-24 13:29        94208        ----a-w-        c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29        69632        ----a-w-        c:\windows\system32\QuickTime.qts
2011-10-03 04:06 . 2010-08-18 12:47        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2011-12-02 15:33 . 2011-12-02 15:33        134104        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2011-11-19 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-18 7711264]
"AWatch"="c:\program files\Teledat 320\Awatch.exe" [2003-03-05 495616]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-05 281768]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-07-28 273544]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe [2010-3-22 1540096]
.
c:\users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe [2010-3-22 1540096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 06:22        59240        ----a-w-        c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2007-03-20 06:36        36864        ------r-        c:\windows\RaidTool\xInsIDE.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 20992]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
S2 aadev;AVM ADSL Adapter Device;c:\windows\system32\DRIVERS\aadev.sys [2003-02-21 27648]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 172032]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-17 136360]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 176128]
S3 AVMDSLPPPOE;AVM DSL PPPoE CAPI Driver;c:\windows\system32\DRIVERS\avmdsloe.sys [2006-09-12 45952]
S3 AVMNDSL;AVM DSL NDIS WAN CAPI Driver;c:\windows\system32\DRIVERS\avmndsl.sys [2006-09-12 39440]
S3 FDSSBASE;AVM FRITZ!Card DSL SL (WinXP/2000);c:\windows\system32\DRIVERS\fdssbase.sys [2006-09-12 715264]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
nosGetPlusHelper        REG_MULTI_SZ          nosGetPlusHelper
.
Inhalt des "geplante Tasks" Ordners
.
.
------- Zusätzlicher Suchlauf -------
.
TCP: Interfaces\{149AA515-96D9-4A7A-8C9D-300BC27D0B89}: NameServer = 217.0.43.161 217.0.43.177
TCP: Interfaces\{A8BE80C4-B5DA-4C17-BB44-9AC5D0DD54D8}: NameServer = 217.0.43.161 217.0.43.177
FF - ProfilePath - c:\users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\u268tl1a.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Top50 V4 - c:\windows\IsUn0407.exe
AddRemove-Teledat 320 - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-12-14  22:27:49
ComboFix-quarantined-files.txt  2011-12-14 21:27
.
Vor Suchlauf: 57 Verzeichnis(se), 356.721.078.272 Bytes frei
Nach Suchlauf: 59 Verzeichnis(se), 356.626.657.280 Bytes frei
.
- - End Of File - - 9ABB9DCB812C13929B96E7B1AD391983
Ich habe keine Warnmeldungen erhalten und nichts bestätigen müssen. Das war doch (hoffentlich) der letzte Scan?


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:55 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22