Trojaner-Board


ginimo 14.01.2012 20:59

Bundespolizei trojan
 
Hi helpers,

I've caught a trojan (once again). Since I had the "Aus Sicherheitsgründen wurde ihr Sicherheitssystem blockiert" ("For security reasons your security system has been blocked") trojan only a few weeks ago, I've already run a malware scan and it looks as if everything is OK. But I'd like to be on the safe side, so here are the log files. Oh, and which antivirus program would you recommend so that this doesn't happen to me once a month in future? :dummguck:

cosinus 16.01.2012 16:00

You've got this ransomware again?
Last time I posted you an update text at the end. Which parts of it did you not implement?
I hardly think you'd have that junk on there again if you had thought of every update. Especially Flash Player, Java or the PDF viewer.

ginimo 19.01.2012 15:04

Oh man, sorry! :eek::wtf:
The moment I read "Dann wären wir durch" ("Then we're done"), I only skimmed the rest. :stirn:
I've now installed Secunia and done all the updates. Is it really only down to the missing updates, and is there nothing more I can do for security? And do the log files look OK so far?

cosinus 19.01.2012 21:17

Please run ESET as well, then we'll see what comes next:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


ginimo 23.01.2012 22:29

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=eaa9370e92756745b2f73bfc406f99b5
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-20 06:36:02
# local_time=2011-12-20 07:36:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775166 100 100 210175 99302694 261635 0
# compatibility_mode=5892 16776573 100 100 8528 161938858 0 0
# compatibility_mode=8192 67108863 100 0 8282 8282 0 0
# scanned=1155
# found=0
# cleaned=0
# scan_time=32
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=eaa9370e92756745b2f73bfc406f99b5
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-20 08:25:07
# local_time=2011-12-20 09:25:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775166 100 100 210325 99302844 261785 0
# compatibility_mode=5892 16776573 100 100 8678 161939008 0 0
# compatibility_mode=8192 67108863 100 0 8432 8432 0 0
# scanned=204839
# found=5
# cleaned=0
# scan_time=6427
C:\Users\Gini\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\58ce481b-279336f9 a variant of Java/TrojanDownloader.Agent.ME trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\63b90e34-30b6a901 Win32/LockScreen.AIG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\c3423b7-5e8d1d63 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\ccc963b-15ddf887 probably a variant of Java/Exploit.CVE-2011-3544.G trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\AppData\Roaming\Microsoft\dllhsts.exe Win32/LockScreen.AIG trojan (unable to clean) 00000000000000000000000000000000 I
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=eaa9370e92756745b2f73bfc406f99b5
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 02:55:14
# local_time=2011-12-28 03:55:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 837933 99930452 308920 0
# compatibility_mode=5892 16776573 100 100 12753 162566616 0 0
# compatibility_mode=8192 67108863 100 0 636040 636040 0 0
# scanned=204861
# found=3
# cleaned=0
# scan_time=7025
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\Downloads\PDFCreator-1_2_3_setup.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\12212011_203844\C_Users\Gini\AppData\Roaming\Microsoft\dllhsts.exe Win32/LockScreen.AIG trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=eaa9370e92756745b2f73bfc406f99b5
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-23 03:42:44
# local_time=2012-01-23 04:42:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 5347 102222813 71736 0
# compatibility_mode=5892 16776573 100 100 157493 164858977 0 0
# compatibility_mode=8192 67108863 100 0 2928401 2928401 0 0
# scanned=209360
# found=15
# cleaned=0
# scan_time=7114
C:\Program Files\Application Updater\ApplicationUpdater.exe probably a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SEPVZLHF\pdfforgeToolbar[1].msi a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\78bf8d65-7b1eb159 Java/Exploit.CVE-2011-3544.W trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\Downloads\PDFCreator-1_2_3_setup(1).exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\Downloads\PDFCreator-1_2_3_setup.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
${Memory} a variant of Win32/Adware.Toolbar.Dealio application 00000000000000000000000000000000 I
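
Added example (not part of the thread and not ESET's own code): a small Python triage of the log.txt layout posted above, splitting it into scan runs and separating hits in the Java deployment cache, in OTL's MovedFiles folder and in memory. The line layout is inferred from this log alone; `SAMPLE_LOG` is a constructed excerpt, and the function names and location categories are this example's own assumptions.

```python
import re
from collections import Counter

# Constructed sample: a shortened excerpt in the layout of the log posted above.
SAMPLE_LOG = r"""esets_scanner_update returned -1 esets_gle=53251
# version=7
# end=stopped
# remove_checked=false
# utc_time=2011-12-20 06:36:02
# scanned=1155
# found=0
# cleaned=0
# scan_time=32
# version=7
# end=finished
# remove_checked=false
# utc_time=2011-12-20 08:25:07
# scanned=204839
# found=3
# cleaned=0
# scan_time=6427
C:\Users\Gini\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\ccc963b-15ddf887 probably a variant of Java/Exploit.CVE-2011-3544.G trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gini\AppData\Roaming\Microsoft\dllhsts.exe Win32/LockScreen.AIG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
# version=7
# end=finished
# remove_checked=false
# utc_time=2011-12-28 02:55:14
# scanned=204861
# found=2
# cleaned=0
# scan_time=7025
C:\_OTL\MovedFiles\12212011_203844\C_Users\Gini\AppData\Roaming\Microsoft\dllhsts.exe Win32/LockScreen.AIG trojan (unable to clean) 00000000000000000000000000000000 I
${Memory} a variant of Win32/Adware.Toolbar.Dealio application 00000000000000000000000000000000 I
"""

# <path> [probably ][a variant of ]<Platform/Name> <kind> [(action)] <32 hex> <flag>
# Paths may contain spaces, so the path is matched lazily up to the first
# token that looks like a detection name (it contains a forward slash).
DETECTION = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<qualifier>(?:probably )?(?:a variant of )?)"
    r"(?P<name>[A-Za-z0-9]+/\S+)\s+"
    r"(?P<kind>\w+)"
    r"(?:\s+\((?P<action>[^)]*)\))?"
    r"\s+(?P<hash>[0-9A-Fa-f]{32})\s+\S+$"
)
CVE = re.compile(r"CVE-\d{4}-\d+")
OTL_MOVED = re.compile(r"^[a-z]:\\_otl\\movedfiles\\")


def locate(path):
    """Bucket a detection path (heuristic categories chosen for this example)."""
    p = path.lower()
    if p == "${memory}":
        return "memory"
    if OTL_MOVED.match(p):
        return "otl_quarantine"   # copy sitting in OTL's MovedFiles folder
    if "\\sun\\java\\deployment\\cache\\" in p:
        return "java_cache"       # file cached by the Java browser plug-in
    return "filesystem"


def parse_log(text):
    """Split the log into scan runs; every run starts at a '# version=' line."""
    sessions, current = [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# ") and "=" in line:
            key, value = line[2:].split("=", 1)
            if key == "version":
                current = {"meta": {}, "detections": []}
                sessions.append(current)
            if current is not None:
                current["meta"][key] = value
            continue
        m = DETECTION.match(line)
        if m and current is not None:      # installer/update chatter never matches
            d = m.groupdict()
            d["qualifier"] = d["qualifier"].strip()
            d["location"] = locate(d["path"])
            cve = CVE.search(d["name"])
            d["cve"] = cve.group(0) if cve else None
            current["detections"].append(d)
    return sessions


def triage(session):
    """Summarise one scan run for a reviewer."""
    meta, dets = session["meta"], session["detections"]
    return {
        "utc_time": meta.get("utc_time"),
        "completed": meta.get("end") == "finished",
        "count_matches_header": int(meta.get("found", -1)) == len(dets),
        "nothing_removed": meta.get("remove_checked") == "false"
        and meta.get("cleaned") == "0",
        "trojans_outside_quarantine": sorted(
            {d["name"] for d in dets
             if d["kind"] == "trojan" and d["location"] != "otl_quarantine"}
        ),
        "by_location": dict(Counter(d["location"] for d in dets)),
        "cves": sorted({d["cve"] for d in dets if d["cve"]}),
    }


if __name__ == "__main__":
    for run in parse_log(SAMPLE_LOG):
        print(triage(run))
```

In the log posted above, the only trojan line in the 2011-12-28 run is under C:\_OTL\MovedFiles, which this triage keeps apart from files still in their original location.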

cosinus 24.01.2012 09:33

There's nothing wrong with PDFCreator, but you shouldn't always blindly trust the default settings. The setup installs this useless browser plugin (toolbar)!

Go ahead and uninstall these toolbars.

ginimo 24.01.2012 23:13

OK, uninstalled. I usually untick the checkboxes in the default settings (it just seems to have slipped past me this time).
Should I do anything else?

cosinus 25.01.2012 10:12

Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here
CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


ginimo 27.01.2012 00:34

OTL Logfile:
Code:

OTL logfile created on: 27.01.2012 00:07:31 - Run 7
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Gini\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,18% Memory free
4,23 Gb Paging File | 2,46 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,20 Gb Total Space | 35,73 Gb Free Space | 16,15% Space Free | Partition Type: NTFS
Drive D: | 11,68 Gb Total Space | 2,21 Gb Free Space | 18,88% Space Free | Partition Type: NTFS
 
Computer Name: GINI-PC | User Name: Gini | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Users\Gini\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\T-Mobile\InternetManager_Z\Bin\mcserver.exe (ZTE)
PRC - C:\Program Files\T-Mobile\InternetManager_Z\Bin\db_daemon.exe ()
PRC - C:\Program Files\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe ()
PRC - C:\Program Files\T-Mobile\InternetManager_Z\Bin\gconfd-2.exe ()
PRC - C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe (Teleca)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Teleca Shared\Generic.exe (Teleca AB)
PRC - C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\dbgout.exe (Teleca Sweden AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe (Teleca Sweden AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe (TODO: <Company name>)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe (Teleca AB)
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\Common Files\Teleca Shared\logger.exe (Popwire AB)
PRC - C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Teleca Sweden AB)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\hasplms.exe (Aladdin Knowledge Systems Ltd.)
PRC - C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\WINDOWS\WindowsMobile\wmdSync.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\audio.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\itapi.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\coder.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\log.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\db_daemon.exe ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\gconfd-2.exe ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\libgconfbackend-xml.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\libgconf-2.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\dbus-1.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\sqlite3.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\fsync.dll ()
MOD - C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\fsync.dll ()
MOD - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\tcpsock_object.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\zlib1.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\libxml2.dll ()
MOD - C:\Program Files\Hp\QuickPlay\Kernel\TV\CLTinyDB.dll ()
MOD - C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapEngine.dll ()
MOD - C:\Program Files\Hp\QuickPlay\Kernel\TV\CLSchMgr.dll ()
MOD - C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvcps.dll ()
MOD - C:\Program Files\Hp\QuickPlay\Kernel\common\MCEMediaStatus.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_Z\Bin\libexpat.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\WINDOWS\System32\btwhidcs.dll ()
MOD - C:\Program Files\Common Files\Teleca Shared\boost_log-vc80-mt-1_33.dll ()
MOD - C:\WINDOWS\System32\aac_parser.ax ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (hasplms) -- C:\Windows\System32\hasplms.exe (Aladdin Knowledge Systems Ltd.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\WINDOWS\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\WINDOWS\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\WINDOWS\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avipbb) -- C:\WINDOWS\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (PSI) -- C:\WINDOWS\System32\drivers\psi_mf.sys (Secunia)
DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (tcpipBM) -- C:\WINDOWS\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (BMLoad) -- C:\Windows\system32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (ZTEusbser6k) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\WINDOWS\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (smserial) -- C:\WINDOWS\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (HTCAND32) -- C:\WINDOWS\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (WSDScan) -- C:\WINDOWS\System32\drivers\WSDScan.sys (Microsoft Corporation)
DRV - (winusb) -- C:\WINDOWS\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (Hardlock) -- C:\Windows\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (aksfridge) -- C:\Windows\system32\drivers\aksfridge.sys (Aladdin Knowledge Systems Ltd.)
DRV - (NETw5v32) Intel(R) -- C:\WINDOWS\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (cdrblock) -- C:\WINDOWS\System32\drivers\cdrblock.sys (Canopus Co,. Ltd.)
DRV - (WSDPrintDevice) -- C:\WINDOWS\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (HpqRemHid) -- C:\WINDOWS\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (NETw4v32) Intel(R) -- C:\WINDOWS\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (HpqKbFiltr) -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (rismxdp) -- C:\WINDOWS\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\System32\drivers\rimsptsk.sys (REDC)
DRV - (GT680x) -- C:\WINDOWS\System32\drivers\Tr11691g.sys (  )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trojaner-board.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.order.3: ""
FF - prefs.js..browser.search.order.4: ""
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Gini\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Gini\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_Z\Bin\addon [2010.12.04 19:47:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.27 00:06:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.16 23:53:36 | 000,000,000 | ---D | M]
 
[2009.08.04 22:07:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gini\AppData\Roaming\mozilla\Extensions
[2012.01.24 23:34:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gini\AppData\Roaming\mozilla\Firefox\Profiles\rme4ooak.default\extensions
[2010.02.05 21:33:03 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Users\Gini\AppData\Roaming\mozilla\Firefox\Profiles\rme4ooak.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010.04.26 04:21:35 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Gini\AppData\Roaming\mozilla\Firefox\Profiles\rme4ooak.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.20 14:56:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.11.11 03:25:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.01.27 00:06:35 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.17 02:38:42 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011.12.17 02:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.17 02:38:42 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011.12.17 02:38:42 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011.12.17 02:38:42 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
 
O1 HOSTS File: ([2011.12.21 21:46:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\WINDOWS\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus S20 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Gini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gini\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab (DLM Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1CC96D9-7745-4F6E-A238-4D941A15E209}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF38E2E8-A3E5-432E-BFA0-EA4F3DC1DDA4}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Gini\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gini\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt -  File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt -  File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {57C1E4AB-0EAB-9314-7649-86BC13BBE07B} - Microsoft Windows Media Player 11.0
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F1AB6F8D-00D4-C54E-2448-B05A7D5053C4} - Browser Customizations
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.CDV5 - cdv5codc.dll File not found
Drivers32: vidc.CDVC - cdvccodc.dll File not found
Drivers32: vidc.CDVH - cdvhcodc.dll File not found
Drivers32: vidc.CLLC - cllccodc.dll File not found
Drivers32: vidc.CMIC - cmiccodc.dll File not found
Drivers32: vidc.CUVC - cuvccodc.dll File not found
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: VIDC.LWLR - C:\Windows\System32\rgbacodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave3 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.26 21:36:30 | 000,000,000 | ---D | C] -- C:\Users\Gini\Desktop\Goethe!
[2012.01.26 21:36:20 | 000,000,000 | ---D | C] -- C:\Users\Gini\Desktop\Eine für 4
[2012.01.25 00:11:38 | 000,000,000 | ---D | C] -- C:\Users\Gini\Desktop\Magix Video 17 Deluxe
[2012.01.25 00:09:13 | 000,000,000 | ---D | C] -- C:\Users\Gini\Desktop\Geburtstag Claudi
[2012.01.17 10:04:03 | 000,000,000 | ---D | C] -- C:\Users\Gini\AppData\Roaming\pdfforge
[2012.01.17 10:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.01.17 10:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012.01.16 23:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.01.16 23:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.01.16 23:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.01.16 23:24:14 | 000,000,000 | ---D | C] -- C:\Users\Gini\AppData\Local\Secunia PSI
[2012.01.16 23:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011.12.28 01:40:25 | 000,000,000 | ---D | C] -- C:\Users\Gini\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.28 01:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.28 01:39:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.12.28 01:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010.02.07 18:11:16 | 000,017,168 | ---- | C] (  ) -- C:\Windows\System32\drivers\Tr11691g.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.27 00:01:28 | 000,048,032 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.01.27 00:01:28 | 000,048,032 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.01.27 00:01:21 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.27 00:01:21 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.27 00:01:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.26 21:53:22 | 000,123,904 | ---- | M] () -- C:\Users\Gini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.26 21:38:05 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.26 21:38:05 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.26 21:38:05 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.26 21:38:05 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.26 13:27:14 | 000,000,163 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012.01.26 13:26:14 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.26 01:57:23 | 000,001,689 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.01.25 00:50:30 | 000,877,646 | ---- | M] () -- C:\Users\Gini\Desktop\DSC06663.JPG
[2012.01.25 00:49:56 | 000,792,509 | ---- | M] () -- C:\Users\Gini\Desktop\DSC066601.jpg
[2012.01.25 00:49:01 | 000,810,196 | ---- | M] () -- C:\Users\Gini\Desktop\DSC06664.JPG
[2012.01.24 23:34:17 | 003,425,503 | ---- | M] () -- C:\Users\Gini\Desktop\DSC06660.JPG
[2012.01.20 14:56:50 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.17 10:06:01 | 000,023,986 | ---- | M] () -- C:\Users\Gini\AppData\Roaming\wklnhst.dat
[2012.01.17 10:00:41 | 000,000,114 | ---- | M] () -- C:\Windows\System32\~.inf
[2012.01.17 01:05:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.01.17 01:04:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.01.17 00:53:43 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.01.17 00:53:43 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.01.17 00:53:35 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.01.16 23:53:20 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.01.16 23:24:08 | 000,000,859 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012.01.14 20:04:54 | 000,008,484 | ---- | M] () -- C:\Users\Gini\AppData\Local\d3d9caps.dat
[2012.01.14 19:00:24 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.12 23:26:29 | 000,000,512 | ---- | M] () -- C:\Users\Gini\Desktop\MBR.dat
[2012.01.09 22:20:27 | 001,827,426 | ---- | M] () -- C:\Users\Gini\Desktop\Barmer GEK - eGK.pdf
[2012.01.09 21:52:41 | 000,699,026 | ---- | M] () -- C:\Users\Gini\Desktop\0. Szene Unterwelt - Stand 09.01.2012.pdf
[2012.01.09 21:52:32 | 000,697,743 | ---- | M] () -- C:\Users\Gini\Desktop\2.pdf
[2011.12.28 01:39:22 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.25 00:49:55 | 000,792,509 | ---- | C] () -- C:\Users\Gini\Desktop\DSC066601.jpg
[2012.01.24 23:20:44 | 003,425,503 | ---- | C] () -- C:\Users\Gini\Desktop\DSC06660.JPG
[2012.01.24 23:20:43 | 000,810,196 | ---- | C] () -- C:\Users\Gini\Desktop\DSC06664.JPG
[2012.01.24 23:20:42 | 000,877,646 | ---- | C] () -- C:\Users\Gini\Desktop\DSC06663.JPG
[2012.01.17 10:03:58 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012.01.17 09:47:46 | 000,000,114 | ---- | C] () -- C:\Windows\System32\~.inf
[2012.01.17 01:05:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.01.17 01:04:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.01.17 01:03:55 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012.01.17 00:53:35 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.01.16 23:53:20 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.01.16 23:24:08 | 000,000,859 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012.01.16 23:24:08 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012.01.14 20:08:11 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
[2012.01.14 19:00:24 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.12 23:26:29 | 000,000,512 | ---- | C] () -- C:\Users\Gini\Desktop\MBR.dat
[2012.01.09 22:18:41 | 001,827,426 | ---- | C] () -- C:\Users\Gini\Desktop\Barmer GEK - eGK.pdf
[2012.01.09 21:52:41 | 000,699,026 | ---- | C] () -- C:\Users\Gini\Desktop\0. Szene Unterwelt - Stand 09.01.2012.pdf
[2012.01.09 21:52:28 | 000,697,743 | ---- | C] () -- C:\Users\Gini\Desktop\2.pdf
[2011.12.28 01:39:22 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.21 21:33:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.12.21 21:33:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.12.21 21:33:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.12.21 21:33:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.12.21 21:33:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.10.15 00:04:15 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.05.24 23:09:26 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.02.26 10:40:09 | 000,000,000 | ---- | C] () -- C:\Windows\canopus.ini
[2011.02.26 10:18:47 | 000,143,360 | ---- | C] () -- C:\Windows\System32\pavedius5db.dll
[2011.02.26 10:18:47 | 000,143,360 | ---- | C] () -- C:\Windows\System32\pavedius.dll
[2011.02.17 03:58:26 | 000,000,000 | ---- | C] () -- C:\Windows\DbgOut.INI
[2010.11.12 11:28:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.11.11 22:00:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.11.11 22:00:33 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.09.06 10:08:36 | 000,033,792 | ---- | C] () -- C:\Windows\System32\rgbacodec.dll
[2010.03.08 18:02:38 | 000,697,897 | ---- | C] () -- C:\Windows\unins000.exe
[2010.03.08 18:02:38 | 000,026,018 | ---- | C] () -- C:\Windows\unins000.dat
[2010.03.02 11:11:30 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.03.02 11:11:30 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.03.02 11:11:30 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.03.02 11:11:30 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.03.02 11:11:30 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.03.02 11:11:30 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.03.02 11:11:30 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.03.02 11:11:30 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.03.02 11:11:30 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.03.02 11:11:30 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.03.02 11:11:30 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.03.02 11:11:30 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.03.02 11:11:30 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.03.02 11:11:30 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.03.02 11:11:30 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.03.02 11:11:30 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.03.02 11:11:30 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.03.02 11:11:30 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.03.02 11:11:30 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.03.02 11:08:08 | 000,000,025 | ---- | C] () -- C:\Windows\CSES20.ini
[2010.02.07 18:23:13 | 000,030,720 | ---- | C] () -- C:\Windows\EWhiteu12.dat
[2010.02.07 18:23:13 | 000,000,004 | ---- | C] () -- C:\Windows\AErroru3.dat
[2010.02.07 18:23:11 | 000,030,720 | ---- | C] () -- C:\Windows\EDarku12.dat
[2010.02.07 18:23:08 | 000,000,006 | ---- | C] () -- C:\Windows\EExpou.dat
[2010.02.07 18:23:08 | 000,000,003 | ---- | C] () -- C:\Windows\EOffsetu.dat
[2010.02.07 18:23:08 | 000,000,003 | ---- | C] () -- C:\Windows\EGain6.dat
[2010.02.07 18:11:16 | 000,188,416 | ---- | C] () -- C:\Windows\Ausba2.dll
[2010.02.07 18:11:16 | 000,026,624 | ---- | C] () -- C:\Windows\artcomm.dll
[2010.02.07 18:11:16 | 000,011,457 | ---- | C] () -- C:\Windows\Trust32.ini
[2010.02.07 18:11:16 | 000,002,495 | ---- | C] () -- C:\Windows\Ausba2.INI
[2009.12.25 08:51:28 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.12.06 16:59:45 | 000,048,032 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.06 16:59:44 | 000,048,032 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.11.23 23:43:48 | 000,008,484 | ---- | C] () -- C:\Users\Gini\AppData\Local\d3d9caps.dat
[2009.09.30 16:44:39 | 000,023,986 | ---- | C] () -- C:\Users\Gini\AppData\Roaming\wklnhst.dat
[2009.08.05 02:20:13 | 000,123,904 | ---- | C] () -- C:\Users\Gini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.04 20:18:27 | 000,027,240 | ---- | C] () -- C:\Users\Gini\AppData\Roaming\nvModes.001
[2009.08.04 20:18:26 | 000,027,240 | ---- | C] () -- C:\Users\Gini\AppData\Roaming\nvModes.dat
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008.04.15 20:59:45 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008.04.15 20:59:45 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008.04.15 20:59:16 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008.04.15 20:50:48 | 000,001,689 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.11.26 21:18:49 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2007.11.26 21:18:49 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.11.26 21:18:48 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2007.11.26 21:18:48 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2007.09.05 11:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 003,761,448 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 23:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2011.12.24 22:58:58 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\1&1 Mail & Media GmbH
[2012.01.02 02:56:54 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\BitTorrent
[2011.02.26 10:38:17 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Canopus
[2011.09.08 14:50:32 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.07.28 22:02:08 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DAEMON Tools Lite
[2011.05.29 22:34:01 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DeepBurner
[2011.12.24 23:35:26 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DVDVideoSoft
[2011.01.06 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.09.01 14:13:56 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\EuroTalk
[2010.03.28 00:22:51 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Facebook
[2010.07.30 23:24:11 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\foobar2000
[2011.03.01 20:13:48 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\FreeFLVConverter
[2009.12.17 04:19:33 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\gtk-2.0
[2010.05.25 21:17:21 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\ICQ
[2010.12.04 19:50:10 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\InternetManager_Z
[2012.01.16 23:50:44 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\IrfanView
[2011.06.29 13:31:47 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\MAGIX
[2010.03.05 06:42:06 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\OpenOffice.org
[2012.01.17 10:04:03 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\pdfforge
[2010.12.04 16:54:35 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\T-Mobile
[2010.12.04 19:35:15 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\T-Mobile Internet Manager
[2011.02.17 01:48:58 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Teleca
[2009.09.30 16:44:40 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Template
[2010.10.24 13:27:44 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\TubeBox
[2009.08.05 14:27:02 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\WildTangent
[2012.01.26 01:57:22 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.12.24 22:58:58 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\1&1 Mail & Media GmbH
[2011.09.17 19:53:51 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Adobe
[2011.12.08 15:57:29 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Apple Computer
[2011.01.27 23:12:09 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Avira
[2012.01.02 02:56:54 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\BitTorrent
[2011.02.26 10:38:17 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Canopus
[2011.09.08 14:50:32 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010.01.13 08:07:15 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\CyberLink
[2011.07.28 22:02:08 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DAEMON Tools Lite
[2011.05.29 22:34:01 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DeepBurner
[2010.05.31 20:41:34 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DivX
[2012.01.17 00:32:24 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Download Manager
[2012.01.01 20:13:24 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\dvdcss
[2011.12.24 23:35:26 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DVDVideoSoft
[2011.01.06 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.09.01 14:13:56 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\EuroTalk
[2010.03.28 00:22:51 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Facebook
[2010.07.30 23:24:11 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\foobar2000
[2011.03.01 20:13:48 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\FreeFLVConverter
[2009.08.09 07:14:18 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Google
[2010.06.26 00:13:15 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\GTek
[2009.12.17 04:19:33 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\gtk-2.0
[2010.08.24 20:57:52 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Helper
[2009.08.06 01:20:53 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Hewlett-Packard
[2009.08.08 04:57:41 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\HP
[2012.01.19 14:43:39 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\HpUpdate
[2010.05.25 21:17:21 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\ICQ
[2009.08.04 16:52:29 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Identities
[2010.01.16 23:31:42 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\InstallShield
[2010.12.04 19:50:10 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\InternetManager_Z
[2012.01.16 23:50:44 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\IrfanView
[2009.08.04 16:50:38 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Macromedia
[2011.06.29 13:31:47 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\MAGIX
[2011.12.20 16:19:47 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Media Center Programs
[2011.12.21 20:38:47 | 000,000,000 | --SD | M] -- C:\Users\Gini\AppData\Roaming\Microsoft
[2009.08.04 22:07:29 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Mozilla
[2010.09.13 22:12:54 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\NCH Software
[2010.03.05 06:42:06 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\OpenOffice.org
[2012.01.17 10:04:03 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\pdfforge
[2012.01.27 00:11:39 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Skype
[2011.07.14 23:02:13 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\skypePM
[2011.12.28 01:40:25 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\SUPERAntiSpyware.com
[2009.08.04 16:53:05 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Symantec
[2010.12.04 16:54:35 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\T-Mobile
[2010.12.04 19:35:15 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\T-Mobile Internet Manager
[2011.02.17 01:48:58 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Teleca
[2009.09.30 16:44:40 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\Template
[2010.10.24 13:27:44 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\TubeBox
[2012.01.08 12:24:54 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\vlc
[2009.08.05 14:27:02 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\WildTangent
[2009.08.15 20:42:09 | 000,000,000 | ---D | M] -- C:\Users\Gini\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.03.28 00:22:51 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Gini\AppData\Roaming\Facebook\uninstall.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007.11.26 14:33:30 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007.11.26 14:33:30 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007.11.26 14:33:30 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\ERDNT\cache\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009.08.04 18:13:58 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009.08.04 18:13:58 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009.08.04 18:13:57 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\ERDNT\cache\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.01.12 22:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2007.07.13 05:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\iastor.sys
[2007.07.13 05:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\SWSETUP\Drivers\ITM\Winall\Driver\iastor.sys
[2007.07.13 05:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\System32\drivers\iaStor.sys
[2007.07.13 05:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\System32\DriverStore\FileRepository\iaahci.inf_cfa1dde4\iaStor.sys
[2007.07.13 05:35:44 | 000,381,976 | ---- | M] (Intel Corporation) MD5=CEB53BB804B41C52AB0782505C8E2994 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\iastor.sys
[2007.07.13 05:35:44 | 000,381,976 | ---- | M] (Intel Corporation) MD5=CEB53BB804B41C52AB0782505C8E2994 -- C:\SWSETUP\Drivers\ITM\Winall\Driver64\iastor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.11.26 13:01:21 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\WINDOWS\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\WINDOWS\ERDNT\cache\user32.dll
[2007.11.26 13:01:21 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\WINDOWS\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\WINDOWS\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\WINDOWS\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\ERDNT\cache\wininit.exe
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\System32\wininit.exe
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\WINDOWS\System32\drivers\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2012.01.17 00:53:35 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2012.01.17 00:53:35 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2012.01.17 00:53:33 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >

--- --- ---

cosinus 27.01.2012 10:38

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan, and when it has finished, click the Report button to display the log. Please post it in full.
If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you can't access your Documents/My Documents, or shortcuts are missing from the desktop or from the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

ginimo 28.01.2012 19:22

Code:

19:03:52.0272 5160        TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
19:03:52.0418 5160        ============================================================
19:03:52.0418 5160        Current date / time: 2012/01/28 19:03:52.0418
19:03:52.0418 5160        SystemInfo:
19:03:52.0418 5160       
19:03:52.0418 5160        OS Version: 6.0.6002 ServicePack: 2.0
19:03:52.0418 5160        Product type: Workstation
19:03:52.0418 5160        ComputerName: GINI-PC
19:03:52.0419 5160        UserName: Gini
19:03:52.0419 5160        Windows directory: C:\Windows
19:03:52.0419 5160        System windows directory: C:\Windows
19:03:52.0419 5160        Processor architecture: Intel x86
19:03:52.0419 5160        Number of processors: 2
19:03:52.0419 5160        Page size: 0x1000
19:03:52.0419 5160        Boot type: Normal boot
19:03:52.0419 5160        ============================================================
19:03:53.0395 5160        Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:03:53.0484 5160        Initialize success
19:19:23.0986 4108        ============================================================
19:19:23.0986 4108        Scan started
19:19:23.0986 4108        Mode: Manual; SigCheck; TDLFS;
19:19:23.0986 4108        ============================================================
19:19:24.0707 4108        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:19:24.0963 4108        ACPI - ok
19:19:25.0152 4108        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
19:19:25.0176 4108        adp94xx - ok
19:19:25.0339 4108        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
19:19:25.0356 4108        adpahci - ok
19:19:25.0385 4108        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
19:19:25.0397 4108        adpu160m - ok
19:19:25.0465 4108        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
19:19:25.0478 4108        adpu320 - ok
19:19:25.0642 4108        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:19:25.0779 4108        AFD - ok
19:19:25.0910 4108        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
19:19:25.0926 4108        agp440 - ok
19:19:25.0954 4108        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:19:25.0973 4108        aic78xx - ok
19:19:26.0132 4108        aksfridge      (730e9d3bb324fb1899005aea63c6782d) C:\Windows\system32\drivers\aksfridge.sys
19:19:26.0241 4108        aksfridge - ok
19:19:26.0388 4108        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
19:19:26.0397 4108        aliide - ok
19:19:26.0458 4108        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
19:19:26.0468 4108        amdagp - ok
19:19:26.0569 4108        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
19:19:26.0579 4108        amdide - ok
19:19:26.0606 4108        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
19:19:26.0761 4108        AmdK7 - ok
19:19:26.0861 4108        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
19:19:26.0935 4108        AmdK8 - ok
19:19:27.0122 4108        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
19:19:27.0135 4108        arc - ok
19:19:27.0179 4108        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
19:19:27.0197 4108        arcsas - ok
19:19:27.0309 4108        as6eio - ok
19:19:27.0371 4108        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:19:27.0495 4108        AsyncMac - ok
19:19:27.0610 4108        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:19:27.0632 4108        atapi - ok
19:19:27.0733 4108        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
19:19:27.0777 4108        avgio - ok
19:19:27.0907 4108        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
19:19:27.0963 4108        avgntflt - ok
19:19:28.0076 4108        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
19:19:28.0085 4108        avipbb - ok
19:19:28.0251 4108        BCM43XV        (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
19:19:28.0356 4108        BCM43XV - ok
19:19:28.0479 4108        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:19:28.0561 4108        Beep - ok
19:19:28.0675 4108        blbdrive - ok
19:19:28.0760 4108        BMLoad          (70cd6d71fc48bbbd1385d7b35aeadecc) C:\Windows\system32\drivers\BMLoad.sys
19:19:28.0789 4108        BMLoad ( UnsignedFile.Multi.Generic ) - warning
19:19:28.0789 4108        BMLoad - detected UnsignedFile.Multi.Generic (1)
19:19:28.0957 4108        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:19:29.0012 4108        bowser - ok
19:19:29.0142 4108        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:19:29.0242 4108        BrFiltLo - ok
19:19:29.0345 4108        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:19:29.0417 4108        BrFiltUp - ok
19:19:29.0557 4108        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:19:29.0619 4108        Brserid - ok
19:19:29.0648 4108        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:19:29.0731 4108        BrSerWdm - ok
19:19:29.0834 4108        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:19:29.0894 4108        BrUsbMdm - ok
19:19:29.0909 4108        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:19:29.0968 4108        BrUsbSer - ok
19:19:30.0112 4108        BthEnum        (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
19:19:30.0154 4108        BthEnum - ok
19:19:30.0307 4108        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:19:30.0403 4108        BTHMODEM - ok
19:19:30.0490 4108        BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
19:19:30.0547 4108        BthPan - ok
19:19:30.0694 4108        BTHPORT        (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
19:19:30.0765 4108        BTHPORT - ok
19:19:30.0880 4108        BTHUSB          (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
19:19:30.0919 4108        BTHUSB - ok
19:19:31.0083 4108        btwaudio        (99aeea7cefdfc6e4151a8f620d682088) C:\Windows\system32\drivers\btwaudio.sys
19:19:31.0098 4108        btwaudio - ok
19:19:31.0245 4108        btwavdt        (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys
19:19:31.0262 4108        btwavdt - ok
19:19:31.0280 4108        btwrchid        (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys
19:19:31.0293 4108        btwrchid - ok
19:19:31.0397 4108        CA561 - ok
19:19:31.0443 4108        catchme - ok
19:19:31.0578 4108        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:19:31.0617 4108        cdfs - ok
19:19:31.0753 4108        cdrblock        (15e3e2920adac7450e0c7ae5f23a5f53) C:\Windows\system32\DRIVERS\cdrblock.sys
19:19:31.0761 4108        cdrblock - ok
19:19:31.0834 4108        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:19:31.0865 4108        cdrom - ok
19:19:31.0958 4108        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
19:19:32.0024 4108        circlass - ok
19:19:32.0097 4108        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:19:32.0117 4108        CLFS - ok
19:19:32.0272 4108        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:19:32.0317 4108        CmBatt - ok
19:19:32.0358 4108        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
19:19:32.0368 4108        cmdide - ok
19:19:32.0513 4108        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:19:32.0524 4108        Compbatt - ok
19:19:32.0551 4108        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
19:19:32.0561 4108        crcdisk - ok
19:19:32.0648 4108        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
19:19:32.0703 4108        Crusoe - ok
19:19:32.0800 4108        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
19:19:32.0856 4108        DfsC - ok
19:19:33.0001 4108        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:19:33.0012 4108        disk - ok
19:19:33.0111 4108        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:19:33.0198 4108        drmkaud - ok
19:19:33.0309 4108        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
19:19:33.0337 4108        DXGKrnl - ok
19:19:33.0499 4108        E100B          (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
19:19:33.0579 4108        E100B - ok
19:19:33.0602 4108        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:19:33.0689 4108        E1G60 - ok
19:19:33.0849 4108        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:19:33.0861 4108        Ecache - ok
19:19:33.0919 4108        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
19:19:33.0935 4108        elxstor - ok
19:19:34.0114 4108        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:19:34.0173 4108        exfat - ok
19:19:34.0333 4108        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:19:34.0357 4108        fastfat - ok
19:19:34.0498 4108        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
19:19:34.0562 4108        fdc - ok
19:19:34.0648 4108        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:19:34.0662 4108        FileInfo - ok
19:19:34.0740 4108        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:19:34.0793 4108        Filetrace - ok
19:19:34.0850 4108        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
19:19:34.0904 4108        flpydisk - ok
19:19:35.0011 4108        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:19:35.0023 4108        FltMgr - ok
19:19:35.0218 4108        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:19:35.0235 4108        Fs_Rec - ok
19:19:35.0281 4108        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
19:19:35.0292 4108        gagp30kx - ok
19:19:35.0443 4108        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:19:35.0452 4108        GEARAspiWDM - ok
19:19:35.0497 4108        GT680x          (2c82b2b948cd8cef370d820178bc821c) C:\Windows\system32\Drivers\Tr11691g.SYS
19:19:35.0527 4108        GT680x ( UnsignedFile.Multi.Generic ) - warning
19:19:35.0527 4108        GT680x - detected UnsignedFile.Multi.Generic (1)
19:19:35.0649 4108        Hardlock        (2a2448dd47208722c0cf3665687ae9f6) C:\Windows\system32\drivers\hardlock.sys
19:19:35.0708 4108        Hardlock - ok
19:19:35.0869 4108        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:19:35.0947 4108        HdAudAddService - ok
19:19:35.0989 4108        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:19:36.0049 4108        HDAudBus - ok
19:19:36.0162 4108        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:19:56.0335 4108        tcpipBM        (74905ebcbb8cbdb1f3c0b1778bbcb4bc) C:\Windows\system32\drivers\tcpipBM.sys
19:19:56.0354 4108        tcpipBM ( UnsignedFile.Multi.Generic ) - warning
19:19:56.0354 4108        tcpipBM - detected UnsignedFile.Multi.Generic (1)
19:20:02.0971 4108        MBR (0x1B8)    (ab2261d98ab453077a8fc300866b802f) \Device\Harddisk0\DR0
19:20:03.0836 4108        \Device\Harddisk0\DR0 - ok
19:20:03.0842 4108        Boot (0x1200)  (ded8f0cbff98bc813ae9fd22a5eee9b1) \Device\Harddisk0\DR0\Partition0
19:20:03.0844 4108        \Device\Harddisk0\DR0\Partition0 - ok
19:20:03.0867 4108        Boot (0x1200)  (6b5b1302ec484030ce305201feee8dd9) \Device\Harddisk0\DR0\Partition1
19:20:03.0869 4108        \Device\Harddisk0\DR0\Partition1 - ok
19:20:03.0870 4108        ============================================================
19:20:03.0870 4108        Scan finished
19:20:03.0870 4108        ============================================================
19:20:03.0895 3636        Detected object count: 3
19:20:03.0895 3636        Actual detected object count: 3
19:20:11.0208 3636        BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:11.0208 3636        BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:20:11.0210 3636        GT680x ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:11.0210 3636        GT680x ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:20:11.0212 3636        tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:11.0212 3636        tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 29.01.2012 18:51

That looks unremarkable so far. Is the computer working properly again now?

ginimo 31.01.2012 16:13

Yep, almost everything is running so far... ;)
My internet connection drops frequently. We got a new router at around the same time, and I can't tell whether it's related to that or to my WiFi.

cosinus 31.01.2012 16:25

I would first try to find out whether this only happens under Windows or with other operating systems as well.
Download something like Knoppix or Ubuntu, burn the ISO file to a CD using the image-burning function, and boot the computer from it.
Then test the internet connection thoroughly under Linux and report whether the connection is stable there.

