
Log analysis and evaluation: removing TR/ATRAPS.GEN and TR/ATRAPS.GEN2

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system first has to be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

18.08.2012, 11:42   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         
Custom scan with OTL

Please download OTL by Oldtimer and save it to your desktop. If you already have it, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • At the top centre, tick the box Scan All Users
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German, it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread
__________________
Please always post log files in CODE tags

18.08.2012, 19:30   #17
Zerocool1179
 



Code:
OTL logfile created on: 18.08.2012 20:01:58 - Run 2
OTL by OldTimer - Version 3.2.58.0     Folder = C:\Users\Zerocool 2009\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,92% Memory free
6,19 Gb Paging File | 4,67 Gb Available in Paging File | 75,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,44 Gb Total Space | 22,84 Gb Free Space | 20,50% Space Free | Partition Type: NTFS
Drive D: | 111,44 Gb Total Space | 103,88 Gb Free Space | 93,21% Space Free | Partition Type: NTFS
 
Computer Name: ZEROCOOL2009 | User Name: Zerocool 2009 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.18 19:56:20 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Zerocool 2009\Desktop\OTL(1).exe
PRC - [2012.08.08 20:21:21 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.04.22 13:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.04.22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2010.09.14 18:09:52 | 001,213,848 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.09.09 14:38:16 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.07.25 19:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.03.11 14:47:25 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.01.03 17:40:49 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\ZEROCO~1\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2008.07.20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.07.20 18:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.07.02 04:51:00 | 000,821,768 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008.05.15 21:15:04 | 000,102,400 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
PRC - [2008.05.12 23:11:04 | 000,167,936 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008.05.12 23:10:54 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008.04.28 09:35:36 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.23 16:58:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.03.21 14:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.03.07 04:36:12 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.05 00:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.16 19:35:14 | 000,103,696 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
PRC - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2007.12.06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.10.23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.15 19:10:13 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
MOD - [2012.06.15 15:09:04 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.15 15:08:45 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.05.16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.05.16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.05.16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.05.16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.05.16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.05.16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.05.16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.05.16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.05.16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.05.16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.05.16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.05.16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.05.16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.05.16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.05.16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.05.16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.05.16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2012.05.16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.05.16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.05.16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.05.16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.05.10 13:21:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.10 13:15:51 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.10 13:14:08 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.10 13:13:50 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2009.11.16 21:31:58 | 000,069,632 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.10.31 23:13:19 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
MOD - [2008.10.31 23:13:19 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2008.10.31 23:13:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.05.12 23:11:06 | 000,753,664 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.05.12 23:11:02 | 000,007,680 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008.05.09 13:04:04 | 000,147,456 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\CLVistaAudioMixer.dll
MOD - [2008.05.09 12:55:52 | 000,176,128 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\mm\_CLHDPlayer.dll
MOD - [2008.05.09 12:55:48 | 000,692,224 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\_bsddb.pyd
MOD - [2008.05.09 12:55:48 | 000,006,656 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\winsound.pyd
MOD - [2008.05.09 12:55:46 | 000,479,232 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\_ssl.pyd
MOD - [2008.05.09 12:55:46 | 000,135,168 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\pyexpat.pyd
MOD - [2008.05.09 12:55:46 | 000,049,152 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\_socket.pyd
MOD - [2008.05.09 12:55:40 | 000,065,536 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\zlib.pyd
MOD - [2008.04.23 16:58:20 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008.03.05 00:38:16 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.01.16 19:35:34 | 000,053,248 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\mm\_CLMSBrowser.dll
MOD - [2008.01.16 19:35:26 | 000,479,232 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\_ssl.pyd
MOD - [2008.01.16 19:35:26 | 000,049,152 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\_socket.pyd
MOD - [2008.01.16 19:35:24 | 000,692,224 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\_bsddb.pyd
MOD - [2008.01.16 19:35:24 | 000,405,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\unicodedata.pyd
MOD - [2008.01.16 19:35:24 | 000,006,656 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\winsound.pyd
MOD - [2008.01.16 19:35:22 | 000,135,168 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\pyexpat.pyd
MOD - [2008.01.16 19:35:14 | 000,065,536 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\zlib.pyd
MOD - [2008.01.16 19:35:12 | 000,039,936 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\CLVistaAudioMixer.dll
MOD - [2008.01.16 19:35:04 | 000,184,399 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLNetMediaDMA.dll
MOD - [2008.01.16 19:35:04 | 000,127,074 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLNetMediaCDS.dll
MOD - [2007.10.23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.08.15 19:03:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.20 20:49:44 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.07.20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.03.21 14:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007.12.06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\clwvd.sys -- (clwvd)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.01.09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.10.03 11:53:19 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.11 13:33:11 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.08.07 09:05:44 | 007,545,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.08.07 09:05:42 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.07.28 09:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.05.09 13:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.04.28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.04.21 05:07:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.21 11:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.02.29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.16 19:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007.05.11 03:10:50 | 000,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007.05.09 01:59:40 | 000,036,496 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007.03.28 08:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007.03.05 06:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 05:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 05:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 05:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2007.03.05 05:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2007.03.05 05:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE308
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE308
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes,DefaultScope = {B7131AF1-38F8-4649-BFEF-028C2F02F9C8}
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=ntJ1vLMjzzqiWBbfvC7Wdcq80o4?q={searchTerms}
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{8F5CC92D-83E2-4B11-8BF2-A6526D4E1B12}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=0fc6abe7-9006-40bc-8950-d7f13e543b3e&apn_sauid=229EF2EC-ECB8-4382-911E-EE185AE02D46
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{B7131AF1-38F8-4649-BFEF-028C2F02F9C8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://web.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.709: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Zerocool 2009\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.11 14:59:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 20:49:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 15:35:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 20:49:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 15:35:17 | 000,000,000 | ---D | M]
 
[2010.11.25 23:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zerocool 2009\AppData\Roaming\mozilla\Extensions
[2012.08.10 20:25:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zerocool 2009\AppData\Roaming\mozilla\Firefox\Profiles\ie7pj207.default\extensions
[2010.11.28 14:11:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zerocool 2009\AppData\Roaming\mozilla\Firefox\Profiles\ie7pj207.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.28 12:19:28 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Users\Zerocool 2009\AppData\Roaming\mozilla\Firefox\Profiles\ie7pj207.default\extensions\maps@ovi.com
[2011.12.19 22:18:39 | 000,000,933 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\11-suche.xml
[2011.12.19 22:18:39 | 000,002,419 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\englische-ergebnisse.xml
[2011.12.19 22:18:39 | 000,010,525 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\gmx-suche.xml
[2011.12.19 22:18:39 | 000,002,457 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\lastminute.xml
[2011.12.19 22:18:39 | 000,005,508 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\webde-suche.xml
[2012.03.29 16:10:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.20 20:49:46 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.17 17:23:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.20 20:49:40 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.20 20:49:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.20 20:49:40 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.20 20:49:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.20 20:49:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.20 20:49:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000..\Run: []  File not found
O4 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.3.1/jinstall-1_3_1_15-windows-i586.cab (Java Plug-in 1.3.1_15)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E6AE4EF-C04C-45F9-8F7E-23246DA528DA}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9D8EA02-4A67-433C-8EB2-54278859636D}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zerocool 2009\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Zerocool 2009\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= -  File not found
MsConfig - StartUpReg: mcagent_exe - hkey= - key= -  File not found
MsConfig - StartUpReg: NokiaSuite.exe - hkey= - key= - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
MsConfig - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SharedAccess -  File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.18 19:56:18 | 000,598,016 | ---- | C] (OldTimer Tools) -- C:\Users\Zerocool 2009\Desktop\OTL(1).exe
[2012.08.18 10:39:35 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Documents\Nokia Suite
[2012.08.14 22:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.08.14 22:07:27 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Zerocool 2009\Desktop\esetsmartinstaller_enu.exe
[2012.08.05 22:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.05 22:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.05 21:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.08.05 21:46:57 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.08.01 08:38:54 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\AppData\Local\Macromedia
[2012.07.30 18:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVT BlueSoleil
[2012.07.29 11:38:57 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\Austriapack
[2012.07.28 21:07:08 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\Harrys Schwerlast
[2012.07.28 21:04:37 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\HarrysMap3.9
[2012.07.22 17:26:25 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\Wycieczka2
[2012.07.21 12:44:46 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\AppData\Roaming\Avira
[2012.07.21 12:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.07.21 12:38:35 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.07.21 12:38:34 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.07.21 12:38:34 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.07.21 12:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.07.20 14:50:33 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\basen
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\System32\
[2012.08.18 20:08:49 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.18 20:08:49 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.18 20:08:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.18 20:02:59 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.18 19:59:58 | 000,270,243 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.08.18 19:59:58 | 000,270,219 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.08.18 19:56:20 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Zerocool 2009\Desktop\OTL(1).exe
[2012.08.18 10:08:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.18 08:09:18 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.08.18 08:08:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.16 17:15:25 | 000,409,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.16 11:53:43 | 000,618,227 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\adwcleaner.exe
[2012.08.14 22:07:29 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Zerocool 2009\Desktop\esetsmartinstaller_enu.exe
[2012.08.14 19:51:29 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.11 10:55:14 | 000,206,336 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.09 07:17:30 | 131,681,472 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.08.08 09:55:21 | 000,054,656 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\Gmer.rar
[2012.08.07 15:17:17 | 000,302,592 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\g9y7v07t.exe
[2012.08.07 14:33:45 | 000,000,020 | ---- | M] () -- C:\Users\Zerocool 2009\defogger_reenable
[2012.08.05 22:18:36 | 000,223,664 | ---- | M] () -- C:\Users\Zerocool 2009\Documents\cc_20120805_221800.reg
[2012.08.05 22:07:24 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.05 21:48:24 | 000,000,680 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Local\d3d9caps.dat
[2012.08.05 21:46:57 | 000,001,021 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\Revo Uninstaller.lnk
[2012.07.30 18:30:07 | 000,000,032 | ---- | M] () -- C:\Windows\0
[2012.07.30 18:30:05 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\BlueSoleil.lnk
[2012.07.30 18:29:52 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.07.30 18:25:53 | 000,621,952 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.30 18:25:53 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.30 18:25:53 | 000,123,852 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.30 18:25:53 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.24 17:17:25 | 034,031,318 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\MOD_! 24 7 2012 17 14 30.scs
[2012.07.22 10:04:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012.07.22 10:04:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.07.21 12:39:22 | 000,001,811 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.07.19 20:12:56 | 000,000,240 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\qf
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Windows\System32\
[2012.08.16 11:53:41 | 000,618,227 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\adwcleaner.exe
[2012.08.09 07:17:30 | 131,681,472 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.08.08 09:55:20 | 000,054,656 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\Gmer.rar
[2012.08.07 15:17:17 | 000,302,592 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\g9y7v07t.exe
[2012.08.07 14:33:18 | 000,000,020 | ---- | C] () -- C:\Users\Zerocool 2009\defogger_reenable
[2012.08.05 22:18:08 | 000,223,664 | ---- | C] () -- C:\Users\Zerocool 2009\Documents\cc_20120805_221800.reg
[2012.08.05 22:07:24 | 000,000,768 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.05 21:59:23 | 000,001,712 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U\00000001.@
[2012.08.05 21:46:57 | 000,001,021 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\Revo Uninstaller.lnk
[2012.08.05 15:05:53 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U\00000001.@
[2012.08.01 08:34:59 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.30 18:30:05 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\BlueSoleil.lnk
[2012.07.30 18:21:22 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2012.07.28 00:59:06 | 034,031,318 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\MOD_! 24 7 2012 17 14 30.scs
[2012.07.22 10:19:54 | 000,000,240 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\qf
[2012.07.22 10:04:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012.07.22 10:04:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.07.22 10:02:52 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012.07.21 12:39:22 | 000,001,811 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.01.11 14:31:32 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@
[2012.01.11 14:31:32 | 000,002,048 | -HS- | C] () -- C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@
[2011.07.02 21:30:03 | 000,000,851 | ---- | C] () -- C:\Users\Zerocool 2009\.recently-used.xbel
[2011.02.27 21:06:50 | 000,010,709 | ---- | C] () -- C:\Windows\hpwscr19.dat
[2011.01.27 19:06:58 | 000,548,864 | ---- | C] () -- C:\Windows\System32\JWinAPI.dll
[2010.11.15 21:42:18 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempBz2996.html
[2010.11.15 21:29:04 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\Temphj4964.html
[2010.11.15 21:11:56 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempDt5560.html
[2010.11.15 21:11:56 | 000,002,089 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempAp5560.html
[2010.11.15 21:11:48 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempPC5560.html
[2010.11.15 21:11:48 | 000,002,089 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\Tempgd5560.html
[2010.11.15 21:03:46 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\Temppg3312.html
[2010.11.15 21:03:46 | 000,002,089 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempLS3312.html
[2010.11.15 21:03:45 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempkW3312.html
[2010.11.15 21:03:45 | 000,002,089 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempKU3312.html
[2010.11.15 20:41:46 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempPD3652.html
[2010.11.15 20:15:27 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempBX5508.html
[2009.08.11 13:34:32 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.05.05 08:20:48 | 000,000,456 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Roaming\settings.ini
[2009.01.07 21:09:28 | 000,000,680 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\d3d9caps.dat
[2009.01.05 18:11:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.01.05 17:48:50 | 000,206,336 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.03 17:45:33 | 000,270,243 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.03 17:45:26 | 000,270,219 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== LOP Check ==========
 
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Acer GameZone Console
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2012.08.17 21:02:50 | 000,000,000 | -HSD | M] -- C:\Users\Zerocool 2009\AppData\Roaming\.#
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Acer GameZone Console
[2009.01.11 13:24:00 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Ashampoo
[2011.12.09 18:54:13 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\bizarre creations
[2011.05.19 17:59:18 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Canon
[2012.08.05 22:14:06 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\DAEMON Tools Lite
[2009.01.18 22:18:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\eSobi
[2009.01.05 18:25:49 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Gadu-Gadu
[2010.11.15 20:14:10 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Gadu-Gadu 10
[2011.03.23 18:19:33 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\GetRightToGo
[2011.07.02 21:30:03 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\gtk-2.0
[2009.04.08 16:15:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\ipla
[2010.10.03 12:11:53 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Leadertech
[2010.01.18 21:10:37 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Lexware
[2009.01.25 12:47:19 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\MusicNet
[2009.01.26 21:00:50 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Nowe Gadu-Gadu
[2009.09.17 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\OpenFM
[2009.04.13 17:22:18 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\OpenOffice.org
[2012.07.22 10:27:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\PC Suite
[2012.07.21 11:53:01 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Samsung
[2010.11.03 20:24:21 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\UBitMenu
[2010.05.09 20:15:34 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\uTorrent
[2012.08.17 21:38:40 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.08.17 21:02:50 | 000,000,000 | -HSD | M] -- C:\Users\Zerocool 2009\AppData\Roaming\.#
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Acer GameZone Console
[2009.01.11 13:13:36 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Adobe
[2009.08.15 15:54:50 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Apple Computer
[2009.01.11 13:24:00 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Ashampoo
[2012.07.21 12:44:46 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Avira
[2011.12.09 18:54:13 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\bizarre creations
[2011.05.19 17:59:18 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Canon
[2011.08.14 14:30:26 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Corel
[2009.01.23 16:43:26 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\CyberLink
[2012.08.05 22:14:06 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\DAEMON Tools Lite
[2009.05.17 17:57:09 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\DivX
[2009.01.18 22:18:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\eSobi
[2009.01.05 18:25:49 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Gadu-Gadu
[2010.11.15 20:14:10 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Gadu-Gadu 10
[2011.03.23 18:19:33 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\GetRightToGo
[2009.01.03 18:35:15 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Google
[2009.01.07 20:32:10 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\GRETECH
[2011.07.02 21:30:03 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\gtk-2.0
[2009.01.03 17:40:28 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Identities
[2009.04.08 16:15:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\ipla
[2010.10.03 12:11:53 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Leadertech
[2010.01.18 21:10:37 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Lexware
[2009.01.03 17:40:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Macromedia
[2012.01.10 23:55:08 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Media Center Programs
[2009.01.11 11:49:45 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Media Player Classic
[2012.08.01 08:38:54 | 000,000,000 | --SD | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Microsoft
[2010.04.11 08:21:14 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Move Networks
[2010.11.25 23:20:16 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla
[2009.01.25 12:47:19 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\MusicNet
[2009.01.09 22:28:47 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Nero
[2009.01.26 21:00:50 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Nowe Gadu-Gadu
[2009.09.17 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\OpenFM
[2009.04.13 17:22:18 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\OpenOffice.org
[2012.07.22 10:27:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\PC Suite
[2010.03.11 15:09:03 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Real
[2012.07.21 11:53:01 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Samsung
[2012.08.18 20:01:47 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Skype
[2012.03.29 16:07:38 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\skypePM
[2010.11.03 20:24:21 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\UBitMenu
[2010.05.09 20:15:34 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\uTorrent
[2009.05.17 18:03:56 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\vlc
[2012.08.09 21:29:16 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Winamp
[2009.01.09 22:14:48 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2010.04.11 08:21:14 | 000,144,053 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Move Networks\uninstall.exe
[2010.02.11 21:31:38 | 000,097,216 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2009.07.06 20:26:58 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\RealPlayer\Update\realplayer11gold.exe
[2010.02.23 22:09:27 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.03.07 20:43:23 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2010.03.08 10:27:27 | 000,079,368 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.10\RUP\vista.exe
[2010.06.28 18:38:02 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.11\setup.exe
[2010.12.03 20:20:29 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2010.03.25 12:08:26 | 013,407,072 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.13\chr\ChromeInstaller.exe
[2011.01.31 21:15:19 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2009.06.13 19:37:01 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\temp\~Upg0\realplayer11gold.exe
[2009.06.25 20:07:29 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\temp\~Upg1\realplayer11gold.exe
[2009.07.06 20:26:58 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\temp\~Upg2\realplayer11gold.exe
[2012.07.08 17:07:06 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
[2010.11.03 20:24:08 | 000,696,341 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\UBitMenu\unins000.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.01.12 23:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\Cyberlink\PowerDirector\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\drivers\iaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7b6e77f6\iaStor.sys
[2008.07.20 18:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >
         


18.08.2012, 19:31   #18
Zerocool1179
 



Code:
OTL logfile created on: 18.08.2012 20:01:58 - Run 2
OTL by OldTimer - Version 3.2.58.0     Folder = C:\Users\Zerocool 2009\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,92% Memory free
6,19 Gb Paging File | 4,67 Gb Available in Paging File | 75,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,44 Gb Total Space | 22,84 Gb Free Space | 20,50% Space Free | Partition Type: NTFS
Drive D: | 111,44 Gb Total Space | 103,88 Gb Free Space | 93,21% Space Free | Partition Type: NTFS
 
Computer Name: ZEROCOOL2009 | User Name: Zerocool 2009 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.18 19:56:20 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Zerocool 2009\Desktop\OTL(1).exe
PRC - [2012.08.08 20:21:21 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.04.22 13:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.04.22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2010.09.14 18:09:52 | 001,213,848 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.09.09 14:38:16 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.07.25 19:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.03.11 14:47:25 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.01.03 17:40:49 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\ZEROCO~1\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2008.07.20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.07.20 18:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.07.02 04:51:00 | 000,821,768 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008.05.15 21:15:04 | 000,102,400 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
PRC - [2008.05.12 23:11:04 | 000,167,936 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008.05.12 23:10:54 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008.04.28 09:35:36 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.23 16:58:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.03.21 14:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.03.07 04:36:12 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.05 00:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.16 19:35:14 | 000,103,696 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
PRC - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2007.12.06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.10.23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.15 19:10:13 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
MOD - [2012.06.15 15:09:04 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.15 15:08:45 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.05.16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.05.16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.05.16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.05.16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.05.16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.05.16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.05.16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.05.16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.05.16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.05.16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.05.16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.05.16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.05.16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.05.16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.05.16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.05.16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.05.16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2012.05.16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.05.16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.05.16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.05.16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.05.10 13:21:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.10 13:15:51 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.10 13:14:08 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.10 13:13:50 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2009.11.16 21:31:58 | 000,069,632 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.10.31 23:13:19 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
MOD - [2008.10.31 23:13:19 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2008.10.31 23:13:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.05.12 23:11:06 | 000,753,664 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.05.12 23:11:02 | 000,007,680 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008.05.09 13:04:04 | 000,147,456 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\CLVistaAudioMixer.dll
MOD - [2008.05.09 12:55:52 | 000,176,128 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\mm\_CLHDPlayer.dll
MOD - [2008.05.09 12:55:48 | 000,692,224 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\_bsddb.pyd
MOD - [2008.05.09 12:55:48 | 000,006,656 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\winsound.pyd
MOD - [2008.05.09 12:55:46 | 000,479,232 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\_ssl.pyd
MOD - [2008.05.09 12:55:46 | 000,135,168 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\pyexpat.pyd
MOD - [2008.05.09 12:55:46 | 000,049,152 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\Koan\_socket.pyd
MOD - [2008.05.09 12:55:40 | 000,065,536 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\zlib.pyd
MOD - [2008.04.23 16:58:20 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008.03.05 00:38:16 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.01.16 19:35:34 | 000,053,248 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\mm\_CLMSBrowser.dll
MOD - [2008.01.16 19:35:26 | 000,479,232 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\_ssl.pyd
MOD - [2008.01.16 19:35:26 | 000,049,152 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\_socket.pyd
MOD - [2008.01.16 19:35:24 | 000,692,224 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\_bsddb.pyd
MOD - [2008.01.16 19:35:24 | 000,405,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\unicodedata.pyd
MOD - [2008.01.16 19:35:24 | 000,006,656 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\winsound.pyd
MOD - [2008.01.16 19:35:22 | 000,135,168 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Koan\pyexpat.pyd
MOD - [2008.01.16 19:35:14 | 000,065,536 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\zlib.pyd
MOD - [2008.01.16 19:35:12 | 000,039,936 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\CLVistaAudioMixer.dll
MOD - [2008.01.16 19:35:04 | 000,184,399 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLNetMediaDMA.dll
MOD - [2008.01.16 19:35:04 | 000,127,074 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLNetMediaCDS.dll
MOD - [2007.10.23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.08.15 19:03:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.20 20:49:44 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.07.20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.03.21 14:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.03.05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007.12.06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\clwvd.sys -- (clwvd)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.01.09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.10.03 11:53:19 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.11 13:33:11 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.08.07 09:05:44 | 007,545,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.08.07 09:05:42 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.07.28 09:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.05.09 13:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.04.28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.04.21 05:07:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.21 11:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.02.29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.16 19:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007.05.11 03:10:50 | 000,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007.05.09 01:59:40 | 000,036,496 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007.03.28 08:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007.03.05 06:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 05:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 05:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 05:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2007.03.05 05:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2007.03.05 05:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE308
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE308
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes,DefaultScope = {B7131AF1-38F8-4649-BFEF-028C2F02F9C8}
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=ntJ1vLMjzzqiWBbfvC7Wdcq80o4?q={searchTerms}
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{8F5CC92D-83E2-4B11-8BF2-A6526D4E1B12}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=0fc6abe7-9006-40bc-8950-d7f13e543b3e&apn_sauid=229EF2EC-ECB8-4382-911E-EE185AE02D46
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{B7131AF1-38F8-4649-BFEF-028C2F02F9C8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://web.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.709: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Zerocool 2009\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.11 14:59:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 20:49:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 15:35:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 20:49:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 15:35:17 | 000,000,000 | ---D | M]
 
[2010.11.25 23:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zerocool 2009\AppData\Roaming\mozilla\Extensions
[2012.08.10 20:25:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zerocool 2009\AppData\Roaming\mozilla\Firefox\Profiles\ie7pj207.default\extensions
[2010.11.28 14:11:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zerocool 2009\AppData\Roaming\mozilla\Firefox\Profiles\ie7pj207.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.28 12:19:28 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Users\Zerocool 2009\AppData\Roaming\mozilla\Firefox\Profiles\ie7pj207.default\extensions\maps@ovi.com
[2011.12.19 22:18:39 | 000,000,933 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\11-suche.xml
[2011.12.19 22:18:39 | 000,002,419 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\englische-ergebnisse.xml
[2011.12.19 22:18:39 | 000,010,525 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\gmx-suche.xml
[2011.12.19 22:18:39 | 000,002,457 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\lastminute.xml
[2011.12.19 22:18:39 | 000,005,508 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\searchplugins\webde-suche.xml
[2012.03.29 16:10:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.20 20:49:46 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.17 17:23:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.20 20:49:40 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.20 20:49:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.20 20:49:40 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.20 20:49:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.20 20:49:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.20 20:49:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000..\Run: []  File not found
O4 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.3.1/jinstall-1_3_1_15-windows-i586.cab (Java Plug-in 1.3.1_15)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E6AE4EF-C04C-45F9-8F7E-23246DA528DA}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9D8EA02-4A67-433C-8EB2-54278859636D}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zerocool 2009\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Zerocool 2009\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= -  File not found
MsConfig - StartUpReg: mcagent_exe - hkey= - key= -  File not found
MsConfig - StartUpReg: NokiaSuite.exe - hkey= - key= - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
MsConfig - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SharedAccess -  File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.18 19:56:18 | 000,598,016 | ---- | C] (OldTimer Tools) -- C:\Users\Zerocool 2009\Desktop\OTL(1).exe
[2012.08.18 10:39:35 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Documents\Nokia Suite
[2012.08.14 22:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.08.14 22:07:27 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Zerocool 2009\Desktop\esetsmartinstaller_enu.exe
[2012.08.05 22:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.05 22:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.05 21:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.08.05 21:46:57 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.08.01 08:38:54 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\AppData\Local\Macromedia
[2012.07.30 18:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVT BlueSoleil
[2012.07.29 11:38:57 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\Austriapack
[2012.07.28 21:07:08 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\Harrys Schwerlast
[2012.07.28 21:04:37 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\HarrysMap3.9
[2012.07.22 17:26:25 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\Wycieczka2
[2012.07.21 12:44:46 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\AppData\Roaming\Avira
[2012.07.21 12:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.07.21 12:38:35 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.07.21 12:38:34 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.07.21 12:38:34 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.07.21 12:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.07.20 14:50:33 | 000,000,000 | ---D | C] -- C:\Users\Zerocool 2009\Desktop\basen
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\System32\
[2012.08.18 20:08:49 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.18 20:08:49 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.18 20:08:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.18 20:02:59 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.18 19:59:58 | 000,270,243 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.08.18 19:59:58 | 000,270,219 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.08.18 19:56:20 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Zerocool 2009\Desktop\OTL(1).exe
[2012.08.18 10:08:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.18 08:09:18 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.08.18 08:08:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.16 17:15:25 | 000,409,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.16 11:53:43 | 000,618,227 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\adwcleaner.exe
[2012.08.14 22:07:29 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Zerocool 2009\Desktop\esetsmartinstaller_enu.exe
[2012.08.14 19:51:29 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.11 10:55:14 | 000,206,336 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.09 07:17:30 | 131,681,472 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.08.08 09:55:21 | 000,054,656 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\Gmer.rar
[2012.08.07 15:17:17 | 000,302,592 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\g9y7v07t.exe
[2012.08.07 14:33:45 | 000,000,020 | ---- | M] () -- C:\Users\Zerocool 2009\defogger_reenable
[2012.08.05 22:18:36 | 000,223,664 | ---- | M] () -- C:\Users\Zerocool 2009\Documents\cc_20120805_221800.reg
[2012.08.05 22:07:24 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.05 21:48:24 | 000,000,680 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Local\d3d9caps.dat
[2012.08.05 21:46:57 | 000,001,021 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\Revo Uninstaller.lnk
[2012.07.30 18:30:07 | 000,000,032 | ---- | M] () -- C:\Windows\0
[2012.07.30 18:30:05 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\BlueSoleil.lnk
[2012.07.30 18:29:52 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.07.30 18:25:53 | 000,621,952 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.30 18:25:53 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.30 18:25:53 | 000,123,852 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.30 18:25:53 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.24 17:17:25 | 034,031,318 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\MOD_! 24 7 2012 17 14 30.scs
[2012.07.22 10:04:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012.07.22 10:04:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.07.21 12:39:22 | 000,001,811 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.07.19 20:12:56 | 000,000,240 | ---- | M] () -- C:\Users\Zerocool 2009\Desktop\qf
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Windows\System32\
[2012.08.16 11:53:41 | 000,618,227 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\adwcleaner.exe
[2012.08.09 07:17:30 | 131,681,472 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.08.08 09:55:20 | 000,054,656 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\Gmer.rar
[2012.08.07 15:17:17 | 000,302,592 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\g9y7v07t.exe
[2012.08.07 14:33:18 | 000,000,020 | ---- | C] () -- C:\Users\Zerocool 2009\defogger_reenable
[2012.08.05 22:18:08 | 000,223,664 | ---- | C] () -- C:\Users\Zerocool 2009\Documents\cc_20120805_221800.reg
[2012.08.05 22:07:24 | 000,000,768 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.05 21:59:23 | 000,001,712 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U\00000001.@
[2012.08.05 21:46:57 | 000,001,021 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\Revo Uninstaller.lnk
[2012.08.05 15:05:53 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U\00000001.@
[2012.08.01 08:34:59 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.30 18:30:05 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\BlueSoleil.lnk
[2012.07.30 18:21:22 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2012.07.28 00:59:06 | 034,031,318 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\MOD_! 24 7 2012 17 14 30.scs
[2012.07.22 10:19:54 | 000,000,240 | ---- | C] () -- C:\Users\Zerocool 2009\Desktop\qf
[2012.07.22 10:04:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012.07.22 10:04:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.07.22 10:02:52 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012.07.21 12:39:22 | 000,001,811 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.01.11 14:31:32 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@
[2012.01.11 14:31:32 | 000,002,048 | -HS- | C] () -- C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@
[2011.07.02 21:30:03 | 000,000,851 | ---- | C] () -- C:\Users\Zerocool 2009\.recently-used.xbel
[2011.02.27 21:06:50 | 000,010,709 | ---- | C] () -- C:\Windows\hpwscr19.dat
[2011.01.27 19:06:58 | 000,548,864 | ---- | C] () -- C:\Windows\System32\JWinAPI.dll
[2010.11.15 21:42:18 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempBz2996.html
[2010.11.15 21:29:04 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\Temphj4964.html
[2010.11.15 21:11:56 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempDt5560.html
[2010.11.15 21:11:56 | 000,002,089 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempAp5560.html
[2010.11.15 21:11:48 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempPC5560.html
[2010.11.15 21:11:48 | 000,002,089 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\Tempgd5560.html
[2010.11.15 21:03:46 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\Temppg3312.html
[2010.11.15 21:03:46 | 000,002,089 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempLS3312.html
[2010.11.15 21:03:45 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempkW3312.html
[2010.11.15 21:03:45 | 000,002,089 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempKU3312.html
[2010.11.15 20:41:46 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempPD3652.html
[2010.11.15 20:15:27 | 000,002,432 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\TempBX5508.html
[2009.08.11 13:34:32 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.05.05 08:20:48 | 000,000,456 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Roaming\settings.ini
[2009.01.07 21:09:28 | 000,000,680 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\d3d9caps.dat
[2009.01.05 18:11:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.01.05 17:48:50 | 000,206,336 | ---- | C] () -- C:\Users\Zerocool 2009\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.03 17:45:33 | 000,270,243 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.03 17:45:26 | 000,270,219 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== LOP Check ==========
 
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Acer GameZone Console
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2012.08.17 21:02:50 | 000,000,000 | -HSD | M] -- C:\Users\Zerocool 2009\AppData\Roaming\.#
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Acer GameZone Console
[2009.01.11 13:24:00 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Ashampoo
[2011.12.09 18:54:13 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\bizarre creations
[2011.05.19 17:59:18 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Canon
[2012.08.05 22:14:06 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\DAEMON Tools Lite
[2009.01.18 22:18:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\eSobi
[2009.01.05 18:25:49 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Gadu-Gadu
[2010.11.15 20:14:10 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Gadu-Gadu 10
[2011.03.23 18:19:33 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\GetRightToGo
[2011.07.02 21:30:03 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\gtk-2.0
[2009.04.08 16:15:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\ipla
[2010.10.03 12:11:53 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Leadertech
[2010.01.18 21:10:37 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Lexware
[2009.01.25 12:47:19 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\MusicNet
[2009.01.26 21:00:50 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Nowe Gadu-Gadu
[2009.09.17 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\OpenFM
[2009.04.13 17:22:18 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\OpenOffice.org
[2012.07.22 10:27:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\PC Suite
[2012.07.21 11:53:01 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Samsung
[2010.11.03 20:24:21 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\UBitMenu
[2010.05.09 20:15:34 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\uTorrent
[2012.08.17 21:38:40 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.08.17 21:02:50 | 000,000,000 | -HSD | M] -- C:\Users\Zerocool 2009\AppData\Roaming\.#
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Acer GameZone Console
[2009.01.11 13:13:36 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Adobe
[2009.08.15 15:54:50 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Apple Computer
[2009.01.11 13:24:00 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Ashampoo
[2012.07.21 12:44:46 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Avira
[2011.12.09 18:54:13 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\bizarre creations
[2011.05.19 17:59:18 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Canon
[2011.08.14 14:30:26 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Corel
[2009.01.23 16:43:26 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\CyberLink
[2012.08.05 22:14:06 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\DAEMON Tools Lite
[2009.05.17 17:57:09 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\DivX
[2009.01.18 22:18:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\eSobi
[2009.01.05 18:25:49 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Gadu-Gadu
[2010.11.15 20:14:10 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Gadu-Gadu 10
[2011.03.23 18:19:33 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\GetRightToGo
[2009.01.03 18:35:15 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Google
[2009.01.07 20:32:10 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\GRETECH
[2011.07.02 21:30:03 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\gtk-2.0
[2009.01.03 17:40:28 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Identities
[2009.04.08 16:15:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\ipla
[2010.10.03 12:11:53 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Leadertech
[2010.01.18 21:10:37 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Lexware
[2009.01.03 17:40:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Macromedia
[2012.01.10 23:55:08 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Media Center Programs
[2009.01.11 11:49:45 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Media Player Classic
[2012.08.01 08:38:54 | 000,000,000 | --SD | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Microsoft
[2010.04.11 08:21:14 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Move Networks
[2010.11.25 23:20:16 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Mozilla
[2009.01.25 12:47:19 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\MusicNet
[2009.01.09 22:28:47 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Nero
[2009.01.26 21:00:50 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Nowe Gadu-Gadu
[2009.09.17 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\OpenFM
[2009.04.13 17:22:18 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\OpenOffice.org
[2012.07.22 10:27:55 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\PC Suite
[2010.03.11 15:09:03 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Real
[2012.07.21 11:53:01 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Samsung
[2012.08.18 20:01:47 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Skype
[2012.03.29 16:07:38 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\skypePM
[2010.11.03 20:24:21 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\UBitMenu
[2010.05.09 20:15:34 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\uTorrent
[2009.05.17 18:03:56 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\vlc
[2012.08.09 21:29:16 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\Winamp
[2009.01.09 22:14:48 | 000,000,000 | ---D | M] -- C:\Users\Zerocool 2009\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2010.04.11 08:21:14 | 000,144,053 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Move Networks\uninstall.exe
[2010.02.11 21:31:38 | 000,097,216 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2009.07.06 20:26:58 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\RealPlayer\Update\realplayer11gold.exe
[2010.02.23 22:09:27 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.03.07 20:43:23 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2010.03.08 10:27:27 | 000,079,368 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.10\RUP\vista.exe
[2010.06.28 18:38:02 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.11\setup.exe
[2010.12.03 20:20:29 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2010.03.25 12:08:26 | 013,407,072 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.13\chr\ChromeInstaller.exe
[2011.01.31 21:15:19 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2009.06.13 19:37:01 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\temp\~Upg0\realplayer11gold.exe
[2009.06.25 20:07:29 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\temp\~Upg1\realplayer11gold.exe
[2009.07.06 20:26:58 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\temp\~Upg2\realplayer11gold.exe
[2012.07.08 17:07:06 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Zerocool 2009\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
[2010.11.03 20:24:08 | 000,696,341 | ---- | M] () -- C:\Users\Zerocool 2009\AppData\Roaming\UBitMenu\unins000.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.01.12 23:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\Cyberlink\PowerDirector\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\drivers\iaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7b6e77f6\iaStor.sys
[2008.07.20 18:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >
         
__________________

20.08.2012, 16:39   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™


Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL) (the ":OTL" must be copied along with it!!!):

Code:
:OTL
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=ntJ1vLMjzzqiWBbfvC7Wdcq80o4?q={searchTerms}
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{8F5CC92D-83E2-4B11-8BF2-A6526D4E1B12}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=0fc6abe7-9006-40bc-8950-d7f13e543b3e&apn_sauid=229EF2EC-ECB8-4382-911E-EE185AE02D46
FF - user.js - File not found
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Files
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@
:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L
:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U
:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n
:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@
C:\Users\Zerocool 2009\AppData\Local\*.html
C:\Users\Zerocool 2009\AppData\Roaming\.#
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
Please always post log files in CODE tags

20.08.2012, 20:14   #20
Zerocool1179


Here is the result. Just out of curiosity, what is actually going on with my system now? I am dutifully following the instructions, but I would like to know what I am doing, despite 1000% trust and full gratitude.
Code:
 All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2039312405-3540577612-1764067970-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-2039312405-3540577612-1764067970-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8F5CC92D-83E2-4B11-8BF2-A6526D4E1B12}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8F5CC92D-83E2-4B11-8BF2-A6526D4E1B12}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2039312405-3540577612-1764067970-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
========== FILES ==========
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L folder moved successfully.
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U folder moved successfully.
File\Folder C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n not found.
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@ moved successfully.
Error: Unable to interpret <:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L> in the current context!
Error: Unable to interpret <:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U> in the current context!
Error: Unable to interpret <:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n> in the current context!
Error: Unable to interpret <:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@> in the current context!
Error: Unable to interpret <C:\Users\Zerocool 2009\AppData\Local\*.html> in the current context!
Error: Unable to interpret <C:\Users\Zerocool 2009\AppData\Roaming\.#> in the current context!
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 380939 bytes
->Temporary Internet Files folder emptied: 685548 bytes
->Flash cache emptied: 75 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 400707 bytes
->Flash cache emptied: 56478 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Zerocool 2009
->Temp folder emptied: 149896409 bytes
->Temporary Internet Files folder emptied: 168009402 bytes
->Java cache emptied: 32904497 bytes
->FireFox cache emptied: 751570946 bytes
->Apple Safari cache emptied: 50171904 bytes
->Flash cache emptied: 96875 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2428680 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1976638 bytes
RecycleBin emptied: 1081600 bytes
 
Total Files Cleaned = 1.106,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Zerocool 2009
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.58.0 log created on 08202012_210006

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         


21.08.2012, 12:24   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™


With this we fix entries and delete the malware's files and folders.

Unfortunately I had a few small errors in the script; please repeat it with this corrected script:

Code:
:OTL
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=ntJ1vLMjzzqiWBbfvC7Wdcq80o4?q={searchTerms}
IE - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000\..\SearchScopes\{8F5CC92D-83E2-4B11-8BF2-A6526D4E1B12}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=0fc6abe7-9006-40bc-8950-d7f13e543b3e&apn_sauid=229EF2EC-ECB8-4382-911E-EE185AE02D46
FF - user.js - File not found
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKU\S-1-5-21-2039312405-3540577612-1764067970-1000..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Files
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@
C:\Users\Zerocool 2009\AppData\Local\*.html
C:\Users\Zerocool 2009\AppData\Roaming\.#
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         

26.08.2012, 15:41   #22
Zerocool1179


Is my system clean now?? If so, what can I do to keep it that way??
Code:
 All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2039312405-3540577612-1764067970-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-2039312405-3540577612-1764067970-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8F5CC92D-83E2-4B11-8BF2-A6526D4E1B12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8F5CC92D-83E2-4B11-8BF2-A6526D4E1B12}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService not found.
Registry value HKEY_USERS\S-1-5-21-2039312405-3540577612-1764067970-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
========== FILES ==========
File\Folder C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L not found.
File\Folder C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U not found.
File\Folder C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n not found.
File\Folder C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@ not found.
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L folder moved successfully.
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\U folder moved successfully.
File\Folder C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n not found.
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@ moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempAp5560.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempBX5508.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempBz2996.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempDt5560.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\Tempgd5560.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\Temphj4964.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempKU3312.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempkW3312.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempLS3312.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempPC5560.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempPD3652.html moved successfully.
C:\Users\Zerocool 2009\AppData\Local\Temppg3312.html moved successfully.
C:\Users\Zerocool 2009\AppData\Roaming\.# folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Zerocool 2009
->Temp folder emptied: 3098591 bytes
->Temporary Internet Files folder emptied: 352844740 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 726401384 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 7852679 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13798 bytes
RecycleBin emptied: 138669 bytes
 
Total Files Cleaned = 1.040,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Zerocool 2009
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.58.0 log created on 08262012_162401

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
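
The two OTL fix logs above differ in a way that is easy to miss by eye: the first run contains `Error: Unable to interpret` lines (script entries OTL never executed, some logged without a drive letter), while the second run moves the `C:\Windows\Installer\{...}` items those entries were meant to catch. The following is an added example, not part of the thread and not OTL's own code: a Python triage script that classifies each result line and lists what the second pass removed that the first did not. The function names are assumptions of the example, and the embedded excerpts are copied from the two logs above and shortened.

```python
import re
from collections import Counter, namedtuple

Entry = namedtuple("Entry", "section status target")

# Excerpt of the first fix log in this thread (created 08202012_210006), shortened.
FIRST_RUN = r"""
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
========== FILES ==========
C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L folder moved successfully.
File\Folder C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n not found.
Error: Unable to interpret <:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L> in the current context!
Error: Unable to interpret <:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@> in the current context!
Error: Unable to interpret <C:\Users\Zerocool 2009\AppData\Local\*.html> in the current context!
"""

# Excerpt of the second fix log in this thread (created 08262012_162401), shortened.
SECOND_RUN = r"""
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
========== FILES ==========
File\Folder C:\Users\Zerocool 2009\AppData\Local\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L not found.
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\L folder moved successfully.
File\Folder C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\n not found.
C:\Windows\Installer\{c2f6d2ed-da52-20b6-2d28-9c7af25a1553}\@ moved successfully.
C:\Users\Zerocool 2009\AppData\Local\TempAp5560.html moved successfully.
C:\Users\Zerocool 2009\AppData\Roaming\.# folder moved successfully.
"""

SECTION = re.compile(r"^=+ (?P<name>[A-Z]+) =+$")

# Result-line shapes seen in the logs above, checked in this order.
RULES = [
    # The script line was never executed: nothing was checked or removed.
    ("not_executed", re.compile(r"^Error: Unable to interpret <(?P<t>.*)> in the current context!$")),
    # OTL changed something on this run.
    ("done", re.compile(r"^(?:Registry (?:key|value) )?(?P<t>.+?)(?: folder)? (?:deleted|moved) successfully\.$")),
    ("done", re.compile(r"^(?P<t>.+?) : value set successfully!$")),
    # The target was looked up and is absent (already gone, or never existed).
    ("not_found", re.compile(r"^(?:Registry (?:key|value) |File\\Folder |File )?(?P<t>.+?) not found\.$")),
]


def parse_fix_log(text):
    """Return one Entry per recognised result line; other lines are ignored."""
    section, entries = None, []
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            section = header.group("name")
            continue
        for status, rx in RULES:
            m = rx.match(line)
            if m:
                entries.append(Entry(section, status, m.group("t")))
                break
    return entries


def triage(text):
    """Summarise one run: counts per status and whether the script must be repeated."""
    entries = parse_fix_log(text)
    counts = Counter(e.status for e in entries)
    return {
        "counts": dict(counts),
        "rerun_needed": counts["not_executed"] > 0,
        "not_executed": [e.target for e in entries if e.status == "not_executed"],
        "acted_on": [e.target for e in entries if e.status == "done"],
    }


def leftovers(first_log, second_log):
    """Targets the second run acted on that the first did not: still present after pass one."""
    first_done = {e.target.lower() for e in parse_fix_log(first_log) if e.status == "done"}
    return [e.target for e in parse_fix_log(second_log)
            if e.status == "done" and e.target.lower() not in first_done]


if __name__ == "__main__":
    for name, log in (("first run", FIRST_RUN), ("second run", SECOND_RUN)):
        result = triage(log)
        print(name, result["counts"], "rerun needed:", result["rerun_needed"])
    for path in leftovers(FIRST_RUN, SECOND_RUN):
        print("removed only on second pass:", path)
```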
         

30.08.2012, 18:43   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™


Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set the tool up as shown in the image below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

__________________
Please always post log files in CODE tags

03.09.2012, 19:57   #24
Zerocool1179

Code:
 20:48:30.0075 0688  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:48:30.0257 0688  ============================================================
20:48:30.0257 0688  Current date / time: 2012/09/03 20:48:30.0257
20:48:30.0257 0688  SystemInfo:
20:48:30.0257 0688  
20:48:30.0257 0688  OS Version: 6.0.6002 ServicePack: 2.0
20:48:30.0257 0688  Product type: Workstation
20:48:30.0258 0688  ComputerName: ZEROCOOL2009
20:48:30.0258 0688  UserName: Zerocool 2009
20:48:30.0258 0688  Windows directory: C:\Windows
20:48:30.0258 0688  System windows directory: C:\Windows
20:48:30.0258 0688  Processor architecture: Intel x86
20:48:30.0258 0688  Number of processors: 2
20:48:30.0258 0688  Page size: 0x1000
20:48:30.0258 0688  Boot type: Normal boot
20:48:30.0258 0688  ============================================================
20:48:30.0977 0688  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:48:30.0980 0688  ============================================================
20:48:30.0980 0688  \Device\Harddisk0\DR0:
20:48:30.0980 0688  MBR partitions:
20:48:30.0980 0688  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0xDEE2000
20:48:30.0980 0688  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF2E2800, BlocksNum 0xDEE2800
20:48:30.0980 0688  ============================================================
20:48:31.0041 0688  C: <-> \Device\Harddisk0\DR0\Partition1
20:48:31.0119 0688  D: <-> \Device\Harddisk0\DR0\Partition2
20:48:31.0120 0688  ============================================================
20:48:31.0120 0688  Initialize success
20:48:31.0120 0688  ============================================================
20:50:08.0430 3820  ============================================================
20:50:08.0430 3820  Scan started
20:50:08.0430 3820  Mode: Manual; SigCheck; TDLFS; 
20:50:08.0430 3820  ============================================================
20:50:08.0904 3820  ================ Scan system memory ========================
20:50:08.0905 3820  System memory - ok
20:50:08.0905 3820  ================ Scan services =============================
20:50:09.0213 3820  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:50:09.0369 3820  ACPI - ok
20:50:09.0473 3820  [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:50:09.0495 3820  AdobeFlashPlayerUpdateSvc - ok
20:50:09.0566 3820  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:50:09.0605 3820  adp94xx - ok
20:50:09.0653 3820  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:50:09.0682 3820  adpahci - ok
20:50:09.0729 3820  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:50:09.0752 3820  adpu160m - ok
20:50:09.0790 3820  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:50:09.0815 3820  adpu320 - ok
20:50:09.0872 3820  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:50:10.0030 3820  AeLookupSvc - ok
20:50:10.0092 3820  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
20:50:10.0197 3820  AFD - ok
20:50:10.0221 3820  [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
20:50:10.0283 3820  AgereModemAudio - ok
20:50:10.0370 3820  [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
20:50:10.0498 3820  AgereSoftModem - ok
20:50:10.0531 3820  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:50:10.0553 3820  agp440 - ok
20:50:10.0585 3820  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:50:10.0608 3820  aic78xx - ok
20:50:10.0646 3820  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
20:50:10.0791 3820  ALG - ok
20:50:10.0818 3820  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:50:10.0838 3820  aliide - ok
20:50:10.0860 3820  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:50:10.0881 3820  amdagp - ok
20:50:10.0919 3820  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
20:50:10.0939 3820  amdide - ok
20:50:10.0980 3820  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:50:11.0036 3820  AmdK7 - ok
20:50:11.0092 3820  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:50:11.0148 3820  AmdK8 - ok
20:50:11.0236 3820  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:50:11.0256 3820  AntiVirSchedulerService - ok
20:50:11.0313 3820  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:50:11.0331 3820  AntiVirService - ok
20:50:11.0366 3820  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
20:50:11.0435 3820  Appinfo - ok
20:50:11.0449 3820  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
20:50:11.0473 3820  arc - ok
20:50:11.0496 3820  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:50:11.0517 3820  arcsas - ok
20:50:11.0562 3820  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:50:11.0618 3820  AsyncMac - ok
20:50:11.0668 3820  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:50:11.0689 3820  atapi - ok
20:50:11.0753 3820  [ 8BE56F8300E1C37B578DA23C71816B7A ] athr            C:\Windows\system32\DRIVERS\athr.sys
20:50:11.0894 3820  athr - ok
20:50:11.0955 3820  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:50:12.0001 3820  AudioEndpointBuilder - ok
20:50:12.0023 3820  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:50:12.0059 3820  Audiosrv - ok
20:50:12.0103 3820  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:50:12.0129 3820  avgntflt - ok
20:50:12.0163 3820  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:50:12.0187 3820  avipbb - ok
20:50:12.0244 3820  [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:50:12.0263 3820  avkmgr - ok
20:50:12.0341 3820  [ 7D0F2BFA273831124FA08526AF48AF18 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:50:12.0404 3820  b57nd60x - ok
20:50:12.0455 3820  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:50:12.0531 3820  Beep - ok
20:50:12.0631 3820  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
20:50:12.0774 3820  BITS - ok
20:50:12.0798 3820  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:50:12.0853 3820  blbdrive - ok
20:50:12.0895 3820  [ 852A1BD08E7DFEB9E30B5440881C0501 ] BlueletAudio    C:\Windows\system32\DRIVERS\blueletaudio.sys
20:50:12.0911 3820  BlueletAudio - ok
20:50:12.0962 3820  [ 8FC27B12A02B43947787F0EF1885DF9B ] BlueletSCOAudio C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys
20:50:12.0977 3820  BlueletSCOAudio - ok
20:50:13.0012 3820  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:50:13.0087 3820  bowser - ok
20:50:13.0113 3820  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:50:13.0145 3820  BrFiltLo - ok
20:50:13.0176 3820  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:50:13.0236 3820  BrFiltUp - ok
20:50:13.0277 3820  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
20:50:13.0347 3820  Browser - ok
20:50:13.0410 3820  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:50:13.0634 3820  Brserid - ok
20:50:13.0660 3820  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:50:13.0748 3820  BrSerWdm - ok
20:50:13.0797 3820  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:50:13.0883 3820  BrUsbMdm - ok
20:50:13.0915 3820  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:50:13.0997 3820  BrUsbSer - ok
20:50:14.0045 3820  [ C5CCE2B26F73F8CF7F3C82159E79AA08 ] BT              C:\Windows\system32\DRIVERS\btnetdrv.sys
20:50:14.0060 3820  BT - ok
20:50:14.0109 3820  [ DA473D279420234170DA795F1CAD4479 ] Btcsrusb        C:\Windows\system32\Drivers\btcusb.sys
20:50:14.0124 3820  Btcsrusb - ok
20:50:14.0159 3820  [ 6D39C954799B63BA866910234CF7D726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
20:50:14.0213 3820  BthEnum - ok
20:50:14.0242 3820  [ CE643D0918123D76A5CAAB008FCA9663 ] BTHidEnum       C:\Windows\system32\Drivers\vbtenum.sys
20:50:14.0258 3820  BTHidEnum - ok
20:50:14.0283 3820  [ DFCA4FE4C8AEC786B4D0F432EB730F48 ] BTHidMgr        C:\Windows\system32\Drivers\BTHidMgr.sys
20:50:14.0299 3820  BTHidMgr - ok
20:50:14.0334 3820  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:50:14.0415 3820  BTHMODEM - ok
20:50:14.0455 3820  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:50:14.0543 3820  BthPan - ok
20:50:14.0612 3820  [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
20:50:14.0752 3820  BTHPORT - ok
20:50:14.0795 3820  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
20:50:14.0841 3820  BthServ - ok
20:50:14.0869 3820  [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:50:14.0890 3820  BTHUSB - ok
20:50:15.0007 3820  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
20:50:15.0012 3820  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
20:50:15.0012 3820  BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
20:50:15.0033 3820  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:50:15.0105 3820  cdfs - ok
20:50:15.0178 3820  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:50:15.0226 3820  cdrom - ok
20:50:15.0257 3820  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:50:15.0301 3820  CertPropSvc - ok
20:50:15.0347 3820  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:50:15.0403 3820  circlass - ok
20:50:15.0455 3820  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
20:50:15.0487 3820  CLFS - ok
20:50:15.0575 3820  [ 5CA9B1062C0C3E3AE19C23AD9D8A5048 ] CLHNService     C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
20:50:15.0609 3820  CLHNService ( UnsignedFile.Multi.Generic ) - warning
20:50:15.0609 3820  CLHNService - detected UnsignedFile.Multi.Generic (1)
20:50:15.0687 3820  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:50:15.0709 3820  clr_optimization_v2.0.50727_32 - ok
20:50:15.0760 3820  clwvd - ok
20:50:15.0786 3820  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:50:15.0836 3820  CmBatt - ok
20:50:15.0872 3820  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:50:15.0892 3820  cmdide - ok
20:50:15.0928 3820  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:50:15.0948 3820  Compbatt - ok
20:50:15.0957 3820  COMSysApp - ok
20:50:15.0965 3820  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:50:15.0985 3820  crcdisk - ok
20:50:16.0006 3820  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:50:16.0054 3820  Crusoe - ok
20:50:16.0100 3820  [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:50:16.0150 3820  CryptSvc - ok
20:50:16.0193 3820  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:50:16.0252 3820  DcomLaunch - ok
20:50:16.0282 3820  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:50:16.0323 3820  DfsC - ok
20:50:16.0463 3820  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
20:50:16.0659 3820  DFSR - ok
20:50:16.0713 3820  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:50:16.0757 3820  Dhcp - ok
20:50:16.0805 3820  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
20:50:16.0827 3820  disk - ok
20:50:16.0883 3820  [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
20:50:16.0899 3820  DKbFltr - ok
20:50:16.0938 3820  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:50:16.0988 3820  Dnscache - ok
20:50:17.0024 3820  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:50:17.0059 3820  dot3svc - ok
20:50:17.0110 3820  [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
20:50:17.0163 3820  Dot4 - ok
20:50:17.0182 3820  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:50:17.0222 3820  Dot4Print - ok
20:50:17.0270 3820  [ C55004CA6B419B6695970DFE849B122F ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
20:50:17.0328 3820  dot4usb - ok
20:50:17.0376 3820  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
20:50:17.0431 3820  DPS - ok
20:50:17.0483 3820  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:50:17.0531 3820  drmkaud - ok
20:50:17.0615 3820  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:50:17.0666 3820  DXGKrnl - ok
20:50:17.0715 3820  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:50:17.0769 3820  E1G60 - ok
20:50:17.0813 3820  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
20:50:17.0846 3820  EapHost - ok
20:50:17.0913 3820  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:50:17.0936 3820  Ecache - ok
20:50:18.0079 3820  [ B7DC2580425225C320CEDA78DE55A3D0 ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
20:50:18.0108 3820  eDataSecurity Service - ok
20:50:18.0203 3820  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:50:18.0237 3820  ehRecvr - ok
20:50:18.0277 3820  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
20:50:18.0321 3820  ehSched - ok
20:50:18.0356 3820  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
20:50:18.0388 3820  ehstart - ok
20:50:18.0431 3820  [ 44996A2ADDD2DB7454F2CA40B67D8941 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
20:50:18.0449 3820  ElbyCDIO - ok
20:50:18.0493 3820  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:50:18.0526 3820  elxstor - ok
20:50:18.0638 3820  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:50:18.0733 3820  EMDMgmt - ok
20:50:18.0783 3820  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:50:18.0836 3820  ErrDev - ok
20:50:18.0887 3820  [ A51FD9DF23720485991F56741BBEFCFB ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
20:50:18.0893 3820  ETService ( UnsignedFile.Multi.Generic ) - warning
20:50:18.0893 3820  ETService - detected UnsignedFile.Multi.Generic (1)
20:50:18.0969 3820  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
20:50:19.0018 3820  EventSystem - ok
20:50:19.0072 3820  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
20:50:19.0150 3820  exfat - ok
20:50:19.0209 3820  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:50:19.0285 3820  fastfat - ok
20:50:19.0357 3820  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:50:19.0410 3820  fdc - ok
20:50:19.0457 3820  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:50:19.0499 3820  fdPHost - ok
20:50:19.0529 3820  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:50:19.0620 3820  FDResPub - ok
20:50:19.0649 3820  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:50:19.0670 3820  FileInfo - ok
20:50:19.0692 3820  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:50:19.0758 3820  Filetrace - ok
20:50:19.0781 3820  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:50:19.0838 3820  flpydisk - ok
20:50:19.0877 3820  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:50:19.0902 3820  FltMgr - ok
20:50:19.0982 3820  [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache       C:\Windows\system32\FntCache.dll
20:50:20.0110 3820  FontCache - ok
20:50:20.0225 3820  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:50:20.0244 3820  FontCache3.0.0.0 - ok
20:50:20.0288 3820  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:50:20.0332 3820  Fs_Rec - ok
20:50:20.0392 3820  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:50:20.0413 3820  gagp30kx - ok
20:50:20.0486 3820  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
20:50:20.0502 3820  GoogleDesktopManager-051210-111108 - ok
20:50:20.0590 3820  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:50:20.0657 3820  gpsvc - ok
20:50:20.0736 3820  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:50:20.0753 3820  gupdate - ok
20:50:20.0803 3820  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:50:20.0820 3820  gupdatem - ok
20:50:20.0892 3820  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:50:20.0911 3820  gusvc - ok
20:50:20.0976 3820  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:50:21.0068 3820  HdAudAddService - ok
20:50:21.0145 3820  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:50:21.0275 3820  HDAudBus - ok
20:50:21.0305 3820  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:50:21.0383 3820  HidBth - ok
20:50:21.0404 3820  [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:50:21.0436 3820  HidIr - ok
20:50:21.0475 3820  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
20:50:21.0513 3820  hidserv - ok
20:50:21.0591 3820  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:50:21.0635 3820  HidUsb - ok
20:50:21.0678 3820  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:50:21.0732 3820  hkmsvc - ok
20:50:21.0754 3820  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:50:21.0775 3820  HpCISSs - ok
20:50:21.0838 3820  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:50:21.0920 3820  HTTP - ok
20:50:21.0952 3820  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:50:21.0973 3820  i2omp - ok
20:50:22.0034 3820  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:50:22.0077 3820  i8042prt - ok
20:50:22.0152 3820  [ 3E42C4691AAD4B1E8D0466F9CBF05CBE ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:50:22.0178 3820  IAANTMON - ok
20:50:22.0245 3820  [ 707C1692214B1C290271067197F075F6 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:50:22.0266 3820  iaStor - ok
20:50:22.0304 3820  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:50:22.0331 3820  iaStorV - ok
20:50:22.0435 3820  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:50:22.0538 3820  idsvc - ok
20:50:22.0567 3820  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:50:22.0586 3820  iirsp - ok
20:50:22.0667 3820  [ F82BC30BB2B608AF8B5540CDBAEA93A6 ] IJPLMSVC        C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
20:50:22.0684 3820  IJPLMSVC - ok
20:50:22.0754 3820  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:50:22.0824 3820  IKEEXT - ok
20:50:22.0876 3820  [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15           C:\Windows\system32\drivers\int15.sys
20:50:22.0892 3820  int15 - ok
20:50:22.0995 3820  [ 3CFA12FEFEA751DAE7B8133A6EF3C0D9 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:50:23.0176 3820  IntcAzAudAddService - ok
20:50:23.0208 3820  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:50:23.0230 3820  intelide - ok
20:50:23.0267 3820  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:50:23.0316 3820  intelppm - ok
20:50:23.0358 3820  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:50:23.0411 3820  IPBusEnum - ok
20:50:23.0442 3820  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:50:23.0500 3820  IpFilterDriver - ok
20:50:23.0506 3820  IpInIp - ok
20:50:23.0553 3820  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:50:23.0594 3820  IPMIDRV - ok
20:50:23.0615 3820  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:50:23.0657 3820  IPNAT - ok
20:50:23.0694 3820  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:50:23.0737 3820  IRENUM - ok
20:50:23.0769 3820  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:50:23.0790 3820  isapnp - ok
20:50:23.0833 3820  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:50:23.0858 3820  iScsiPrt - ok
20:50:23.0911 3820  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:50:23.0929 3820  iteatapi - ok
20:50:23.0944 3820  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:50:23.0963 3820  iteraid - ok
20:50:23.0984 3820  [ 858C550EBBD243826A2193262C1B54A3 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
20:50:24.0057 3820  JMCR - ok
20:50:24.0082 3820  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:50:24.0106 3820  kbdclass - ok
20:50:24.0142 3820  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:50:24.0190 3820  kbdhid - ok
20:50:24.0245 3820  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
20:50:24.0292 3820  KeyIso - ok
20:50:24.0372 3820  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:50:24.0407 3820  KSecDD - ok
20:50:24.0463 3820  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:50:24.0516 3820  KtmRm - ok
20:50:24.0533 3820  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:50:24.0584 3820  LanmanServer - ok
20:50:24.0614 3820  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:50:24.0667 3820  LanmanWorkstation - ok
20:50:24.0740 3820  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:50:24.0746 3820  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:50:24.0746 3820  LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:50:24.0781 3820  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:50:24.0822 3820  lltdio - ok
20:50:24.0876 3820  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:50:24.0929 3820  lltdsvc - ok
20:50:24.0954 3820  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:50:25.0029 3820  lmhosts - ok
20:50:25.0056 3820  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:50:25.0078 3820  LSI_FC - ok
20:50:25.0100 3820  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:50:25.0123 3820  LSI_SAS - ok
20:50:25.0145 3820  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:50:25.0167 3820  LSI_SCSI - ok
20:50:25.0191 3820  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
20:50:25.0245 3820  luafv - ok
20:50:25.0293 3820  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:50:25.0325 3820  Mcx2Svc - ok
20:50:25.0355 3820  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:50:25.0376 3820  megasas - ok
20:50:25.0411 3820  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
20:50:25.0463 3820  MegaSR - ok
20:50:25.0597 3820  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:50:25.0616 3820  Microsoft Office Groove Audit Service - ok
20:50:25.0646 3820  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
20:50:25.0699 3820  MMCSS - ok
20:50:25.0739 3820  MobilityService - ok
20:50:25.0792 3820  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
20:50:25.0845 3820  Modem - ok
20:50:25.0884 3820  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:50:25.0925 3820  monitor - ok
20:50:25.0943 3820  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:50:25.0964 3820  mouclass - ok
20:50:25.0988 3820  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:50:26.0028 3820  mouhid - ok
20:50:26.0067 3820  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:50:26.0087 3820  MountMgr - ok
20:50:26.0152 3820  [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:50:26.0174 3820  MozillaMaintenance - ok
20:50:26.0213 3820  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:50:26.0237 3820  mpio - ok
20:50:26.0257 3820  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:50:26.0296 3820  mpsdrv - ok
20:50:26.0325 3820  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:50:26.0343 3820  Mraid35x - ok
20:50:26.0379 3820  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:50:26.0414 3820  MRxDAV - ok
20:50:26.0465 3820  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:50:26.0502 3820  mrxsmb - ok
20:50:26.0552 3820  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:50:26.0591 3820  mrxsmb10 - ok
20:50:26.0599 3820  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:50:26.0624 3820  mrxsmb20 - ok
20:50:26.0663 3820  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
20:50:26.0684 3820  msahci - ok
20:50:26.0729 3820  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:50:26.0752 3820  msdsm - ok
20:50:26.0778 3820  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
20:50:26.0837 3820  MSDTC - ok
20:50:26.0880 3820  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:50:26.0953 3820  Msfs - ok
20:50:26.0997 3820  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:50:27.0017 3820  msisadrv - ok
20:50:27.0042 3820  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:50:27.0102 3820  MSiSCSI - ok
20:50:27.0108 3820  msiserver - ok
20:50:27.0157 3820  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:50:27.0213 3820  MSKSSRV - ok
20:50:27.0247 3820  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:50:27.0287 3820  MSPCLOCK - ok
20:50:27.0302 3820  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:50:27.0342 3820  MSPQM - ok
20:50:27.0405 3820  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:50:27.0429 3820  MsRPC - ok
20:50:27.0442 3820  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:50:27.0462 3820  mssmbios - ok
20:50:27.0499 3820  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:50:27.0552 3820  MSTEE - ok
20:50:27.0601 3820  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
20:50:27.0622 3820  Mup - ok
20:50:27.0670 3820  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
20:50:27.0717 3820  napagent - ok
20:50:27.0766 3820  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:50:27.0803 3820  NativeWifiP - ok
20:50:27.0855 3820  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:50:27.0905 3820  NDIS - ok
20:50:27.0971 3820  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:50:28.0015 3820  NdisTapi - ok
20:50:28.0035 3820  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:50:28.0075 3820  Ndisuio - ok
20:50:28.0125 3820  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:50:28.0158 3820  NdisWan - ok
20:50:28.0197 3820  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:50:28.0230 3820  NDProxy - ok
20:50:28.0284 3820  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:50:28.0291 3820  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:50:28.0291 3820  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:50:28.0307 3820  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:50:28.0356 3820  NetBIOS - ok
20:50:28.0392 3820  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:50:28.0443 3820  netbt - ok
20:50:28.0492 3820  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
20:50:28.0514 3820  Netlogon - ok
20:50:28.0578 3820  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
20:50:28.0671 3820  Netman - ok
20:50:28.0704 3820  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
20:50:28.0767 3820  netprofm - ok
20:50:28.0817 3820  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:50:28.0842 3820  NetTcpPortSharing - ok
20:50:28.0994 3820  [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
20:50:29.0291 3820  NETw5v32 - ok
20:50:29.0345 3820  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:50:29.0365 3820  nfrd960 - ok
20:50:29.0418 3820  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:50:29.0474 3820  NlaSvc - ok
20:50:29.0505 3820  [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
20:50:29.0576 3820  nmwcd - ok
20:50:29.0609 3820  [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
20:50:29.0652 3820  nmwcdc - ok
20:50:29.0704 3820  [ 99B224F8026CB534724AA3C408561E45 ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
20:50:29.0764 3820  nmwcdnsu - ok
20:50:29.0786 3820  [ D23257682D349A5E2E4507ED33DECC16 ] nmwcdnsuc       C:\Windows\system32\drivers\nmwcdnsuc.sys
20:50:29.0837 3820  nmwcdnsuc - ok
20:50:29.0875 3820  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:50:29.0921 3820  Npfs - ok
20:50:29.0961 3820  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
20:50:30.0017 3820  nsi - ok
20:50:30.0064 3820  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:50:30.0104 3820  nsiproxy - ok
20:50:30.0160 3820  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:50:30.0234 3820  Ntfs - ok
20:50:30.0257 3820  [ CB76F68BA0D57C5D25B538981B1C611C ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
20:50:30.0273 3820  NTIBackupSvc - ok
20:50:30.0350 3820  [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
20:50:30.0365 3820  NTIDrvr - ok
20:50:30.0419 3820  [ 547BFA3591C70674B0BFC99354AB78B3 ] NTIPPKernel     C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
20:50:30.0437 3820  NTIPPKernel ( UnsignedFile.Multi.Generic ) - warning
20:50:30.0437 3820  NTIPPKernel - detected UnsignedFile.Multi.Generic (1)
20:50:30.0475 3820  [ DF1C10A75DF7E50195FC417F88A33227 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
20:50:30.0482 3820  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
20:50:30.0483 3820  NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
20:50:30.0524 3820  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:50:30.0596 3820  ntrigdigi - ok
20:50:30.0633 3820  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
20:50:30.0673 3820  Null - ok
20:50:30.0705 3820  [ 2C7AC27710E8D41C1EB7D1599187D237 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
20:50:30.0721 3820  NVHDA - ok
20:50:30.0961 3820  [ CB0D6F8F65B8766FF2AAAA78881FD9F8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:50:31.0421 3820  nvlddmkm - ok
20:50:31.0444 3820  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:50:31.0475 3820  nvraid - ok
20:50:31.0504 3820  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:50:31.0525 3820  nvstor - ok
20:50:31.0550 3820  [ 15315BB51E9025FE41B482681C6E7BA2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:50:31.0578 3820  nvsvc - ok
20:50:31.0603 3820  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:50:31.0626 3820  nv_agp - ok
20:50:31.0633 3820  NwlnkFlt - ok
20:50:31.0641 3820  NwlnkFwd - ok
20:50:31.0768 3820  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:50:31.0801 3820  odserv - ok
20:50:31.0851 3820  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:50:31.0922 3820  ohci1394 - ok
20:50:31.0967 3820  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:50:31.0987 3820  ose - ok
20:50:32.0032 3820  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:50:32.0159 3820  p2pimsvc - ok
20:50:32.0174 3820  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:50:32.0228 3820  p2psvc - ok
20:50:32.0269 3820  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
20:50:32.0352 3820  Parport - ok
20:50:32.0394 3820  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:50:32.0415 3820  partmgr - ok
20:50:32.0441 3820  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:50:32.0513 3820  Parvdm - ok
20:50:32.0570 3820  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:50:32.0649 3820  PcaSvc - ok
20:50:32.0692 3820  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
20:50:32.0736 3820  pccsmcfd - ok
20:50:32.0778 3820  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
20:50:32.0802 3820  pci - ok
20:50:32.0851 3820  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
20:50:32.0871 3820  pciide - ok
20:50:32.0908 3820  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:50:32.0932 3820  pcmcia - ok
20:50:32.0997 3820  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:50:33.0147 3820  PEAUTH - ok
20:50:33.0243 3820  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
20:50:33.0417 3820  pla - ok
20:50:33.0459 3820  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:50:33.0510 3820  PlugPlay - ok
20:50:33.0544 3820  [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:50:33.0567 3820  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:50:33.0567 3820  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:50:33.0600 3820  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:50:33.0653 3820  PNRPAutoReg - ok
20:50:33.0722 3820  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:50:33.0794 3820  PNRPsvc - ok
20:50:33.0857 3820  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:50:33.0933 3820  PolicyAgent - ok
20:50:34.0014 3820  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:50:34.0067 3820  PptpMiniport - ok
20:50:34.0109 3820  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
20:50:34.0160 3820  Processor - ok
20:50:34.0219 3820  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:50:34.0255 3820  ProfSvc - ok
20:50:34.0296 3820  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:50:34.0317 3820  ProtectedStorage - ok
20:50:34.0379 3820  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:50:34.0425 3820  PSched - ok
20:50:34.0451 3820  [ AB94285FF6C6BC5433407D8D182A4BB4 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
20:50:34.0467 3820  PSDFilter - ok
20:50:34.0493 3820  [ 2AAF9A5D7A63D26BFAEA853C5F2292BC ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
20:50:34.0512 3820  PSDNServ - ok
20:50:34.0525 3820  [ 0EB8CEC99855BEAE5B0D02C2302619EF ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
20:50:34.0541 3820  psdvdisk - ok
20:50:34.0614 3820  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:50:34.0757 3820  ql2300 - ok
20:50:34.0808 3820  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:50:34.0830 3820  ql40xx - ok
20:50:34.0911 3820  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
20:50:34.0953 3820  QWAVE - ok
20:50:34.0993 3820  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:50:35.0014 3820  QWAVEdrv - ok
20:50:35.0043 3820  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:50:35.0097 3820  RasAcd - ok
20:50:35.0152 3820  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
20:50:35.0239 3820  RasAuto - ok
20:50:35.0276 3820  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:50:35.0331 3820  Rasl2tp - ok
20:50:35.0384 3820  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
20:50:35.0439 3820  RasMan - ok
20:50:35.0501 3820  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:50:35.0543 3820  RasPppoe - ok
20:50:35.0572 3820  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:50:35.0594 3820  RasSstp - ok
20:50:35.0640 3820  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:50:35.0675 3820  rdbss - ok
20:50:35.0692 3820  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:50:35.0747 3820  RDPCDD - ok
20:50:35.0804 3820  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:50:35.0850 3820  rdpdr - ok
20:50:35.0856 3820  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:50:35.0920 3820  RDPENCDD - ok
20:50:35.0982 3820  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:50:36.0023 3820  RDPWD - ok
20:50:36.0060 3820  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:50:36.0103 3820  RemoteAccess - ok
20:50:36.0145 3820  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:50:36.0181 3820  RemoteRegistry - ok
20:50:36.0212 3820  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:50:36.0266 3820  RFCOMM - ok
20:50:36.0354 3820  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo       C:\Program Files\Cyberlink\Shared files\RichVideo.exe
20:50:36.0375 3820  RichVideo - ok
20:50:36.0436 3820  [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
20:50:36.0488 3820  ROOTMODEM - ok
20:50:36.0563 3820  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
20:50:36.0635 3820  RpcLocator - ok
20:50:36.0683 3820  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
20:50:36.0745 3820  RpcSs - ok
20:50:36.0767 3820  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:50:36.0809 3820  rspndr - ok
20:50:36.0815 3820  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
20:50:36.0837 3820  SamSs - ok
20:50:36.0857 3820  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:50:36.0878 3820  sbp2port - ok
20:50:36.0920 3820  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:50:36.0956 3820  SCardSvr - ok
20:50:37.0068 3820  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
20:50:37.0143 3820  Schedule - ok
20:50:37.0182 3820  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:50:37.0214 3820  SCPolicySvc - ok
20:50:37.0261 3820  [ 126EA89BCC413EE45E3004FB0764888F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:50:37.0349 3820  sdbus - ok
20:50:37.0392 3820  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:50:37.0442 3820  SDRSVC - ok
20:50:37.0486 3820  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:50:37.0565 3820  secdrv - ok
20:50:37.0590 3820  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
20:50:37.0634 3820  seclogon - ok
20:50:37.0676 3820  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
20:50:37.0736 3820  SENS - ok
20:50:37.0763 3820  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:50:37.0835 3820  Serenum - ok
20:50:37.0855 3820  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
20:50:37.0927 3820  Serial - ok
20:50:37.0945 3820  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:50:37.0995 3820  sermouse - ok
20:50:38.0072 3820  [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:50:38.0152 3820  ServiceLayer - ok
20:50:38.0205 3820  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:50:38.0249 3820  SessionEnv - ok
20:50:38.0291 3820  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:50:38.0323 3820  sffdisk - ok
20:50:38.0339 3820  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:50:38.0391 3820  sffp_mmc - ok
20:50:38.0415 3820  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:50:38.0455 3820  sffp_sd - ok
20:50:38.0462 3820  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:50:38.0549 3820  sfloppy - ok
20:50:38.0593 3820  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:50:38.0648 3820  ShellHWDetection - ok
20:50:38.0687 3820  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:50:38.0709 3820  sisagp - ok
20:50:38.0737 3820  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:50:38.0759 3820  SiSRaid2 - ok
20:50:38.0800 3820  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:50:38.0823 3820  SiSRaid4 - ok
20:50:38.0885 3820  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
20:50:38.0904 3820  SkypeUpdate - ok
20:50:39.0044 3820  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
20:50:39.0278 3820  slsvc - ok
20:50:39.0313 3820  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:50:39.0354 3820  SLUINotify - ok
20:50:39.0405 3820  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:50:39.0458 3820  Smb - ok
20:50:39.0492 3820  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:50:39.0529 3820  SNMPTRAP - ok
20:50:39.0566 3820  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
20:50:39.0586 3820  spldr - ok
20:50:39.0620 3820  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
20:50:39.0672 3820  Spooler - ok
20:50:39.0776 3820  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\Windows\System32\Drivers\sptd.sys
20:50:39.0843 3820  sptd - ok
20:50:39.0894 3820  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:50:39.0941 3820  srv - ok
20:50:40.0014 3820  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:50:40.0069 3820  srv2 - ok
20:50:40.0156 3820  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:50:40.0178 3820  srvnet - ok
20:50:40.0246 3820  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:50:40.0333 3820  SSDPSRV - ok
20:50:40.0371 3820  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
20:50:40.0386 3820  ssmdrv - ok
20:50:40.0443 3820  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:50:40.0469 3820  SstpSvc - ok
20:50:40.0515 3820  [ 306521935042FC0A6988D528643619B3 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
20:50:40.0520 3820  StarOpen ( UnsignedFile.Multi.Generic ) - warning
20:50:40.0520 3820  StarOpen - detected UnsignedFile.Multi.Generic (1)
20:50:40.0574 3820  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
20:50:40.0690 3820  stisvc - ok
20:50:40.0749 3820  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:50:40.0769 3820  swenum - ok
20:50:40.0833 3820  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
20:50:40.0914 3820  swprv - ok
20:50:40.0936 3820  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:50:40.0955 3820  Symc8xx - ok
20:50:40.0995 3820  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:50:41.0015 3820  Sym_hi - ok
20:50:41.0032 3820  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:50:41.0051 3820  Sym_u3 - ok
20:50:41.0094 3820  [ BF7AA84D5AF0FAA0978C840E63B17DBF ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:50:41.0117 3820  SynTP - ok
20:50:41.0159 3820  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
20:50:41.0230 3820  SysMain - ok
20:50:41.0279 3820  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:50:41.0346 3820  TabletInputService - ok
20:50:41.0391 3820  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:50:41.0431 3820  TapiSrv - ok
20:50:41.0454 3820  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
20:50:41.0499 3820  TBS - ok
20:50:41.0572 3820  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:50:41.0680 3820  Tcpip - ok
20:50:41.0720 3820  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:50:41.0793 3820  Tcpip6 - ok
20:50:41.0838 3820  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:50:41.0869 3820  tcpipreg - ok
20:50:41.0923 3820  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:50:41.0970 3820  TDPIPE - ok
20:50:41.0996 3820  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:50:42.0037 3820  TDTCP - ok
20:50:42.0123 3820  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:50:42.0180 3820  tdx - ok
20:50:42.0199 3820  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:50:42.0222 3820  TermDD - ok
20:50:42.0247 3820  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
20:50:42.0344 3820  TermService - ok
20:50:42.0373 3820  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
20:50:42.0400 3820  Themes - ok
20:50:42.0445 3820  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:50:42.0488 3820  THREADORDER - ok
20:50:42.0523 3820  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
20:50:42.0587 3820  TrkWks - ok
20:50:42.0627 3820  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:50:42.0669 3820  TrustedInstaller - ok
20:50:42.0699 3820  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:50:42.0740 3820  tssecsrv - ok
20:50:42.0793 3820  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:50:42.0844 3820  tunmp - ok
20:50:42.0878 3820  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:50:42.0899 3820  tunnel - ok
20:50:42.0941 3820  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:50:42.0963 3820  uagp35 - ok
20:50:42.0989 3820  [ F763E070843EE2803DE1395002B42938 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
20:50:43.0003 3820  UBHelper - ok
20:50:43.0050 3820  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:50:43.0088 3820  udfs - ok
20:50:43.0121 3820  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:50:43.0180 3820  UI0Detect - ok
20:50:43.0198 3820  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:50:43.0220 3820  uliagpkx - ok
20:50:43.0258 3820  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:50:43.0285 3820  uliahci - ok
20:50:43.0339 3820  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:50:43.0361 3820  UlSata - ok
20:50:43.0383 3820  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:50:43.0404 3820  ulsata2 - ok
20:50:43.0437 3820  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:50:43.0543 3820  umbus - ok
20:50:43.0590 3820  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
20:50:43.0676 3820  upnphost - ok
20:50:43.0733 3820  [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
20:50:43.0789 3820  upperdev - ok
20:50:43.0852 3820  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:50:43.0894 3820  usbccgp - ok
20:50:43.0926 3820  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:50:43.0998 3820  usbcir - ok
20:50:44.0039 3820  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:50:44.0071 3820  usbehci - ok
20:50:44.0101 3820  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:50:44.0145 3820  usbhub - ok
20:50:44.0168 3820  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:50:44.0239 3820  usbohci - ok
20:50:44.0272 3820  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:50:44.0328 3820  usbprint - ok
20:50:44.0380 3820  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:50:44.0426 3820  usbscan - ok
20:50:44.0467 3820  [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
20:50:44.0498 3820  usbser - ok
20:50:44.0548 3820  [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
20:50:44.0593 3820  UsbserFilt - ok
20:50:44.0632 3820  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:50:44.0676 3820  USBSTOR - ok
20:50:44.0696 3820  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:50:44.0767 3820  usbuhci - ok
20:50:44.0807 3820  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:50:44.0857 3820  usbvideo - ok
20:50:44.0886 3820  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
20:50:44.0921 3820  UxSms - ok
20:50:44.0997 3820  [ 94D73B62E458FB56C9CE60AA96D914F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
20:50:45.0046 3820  VClone - ok
20:50:45.0085 3820  [ 51750B0539986186C6931FC40D171521 ] VComm           C:\Windows\system32\DRIVERS\VComm.sys
20:50:45.0102 3820  VComm - ok
20:50:45.0127 3820  [ 6D9C891C0A761AFED1F3609C2E56F2B9 ] VcommMgr        C:\Windows\system32\Drivers\VcommMgr.sys
20:50:45.0143 3820  VcommMgr - ok
20:50:45.0180 3820  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
20:50:45.0287 3820  vds - ok
20:50:45.0331 3820  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:50:45.0371 3820  vga - ok
20:50:45.0398 3820  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:50:45.0478 3820  VgaSave - ok
20:50:45.0513 3820  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:50:45.0535 3820  viaagp - ok
20:50:45.0552 3820  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:50:45.0594 3820  ViaC7 - ok
20:50:45.0634 3820  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
20:50:45.0654 3820  viaide - ok
20:50:45.0703 3820  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:50:45.0724 3820  volmgr - ok
20:50:45.0763 3820  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:50:45.0792 3820  volmgrx - ok
20:50:45.0846 3820  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:50:45.0872 3820  volsnap - ok
20:50:45.0901 3820  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:50:45.0925 3820  vsmraid - ok
20:50:45.0978 3820  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
20:50:46.0092 3820  VSS - ok
20:50:46.0159 3820  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
20:50:46.0200 3820  W32Time - ok
20:50:46.0226 3820  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:50:46.0309 3820  WacomPen - ok
20:50:46.0360 3820  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:50:46.0393 3820  Wanarp - ok
20:50:46.0399 3820  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:50:46.0431 3820  Wanarpv6 - ok
20:50:46.0485 3820  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:50:46.0536 3820  wcncsvc - ok
20:50:46.0574 3820  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:50:46.0623 3820  WcsPlugInService - ok
20:50:46.0663 3820  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
20:50:46.0683 3820  Wd - ok
20:50:46.0721 3820  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:50:46.0772 3820  Wdf01000 - ok
20:50:46.0807 3820  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:50:46.0864 3820  WdiServiceHost - ok
20:50:46.0870 3820  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:50:46.0915 3820  WdiSystemHost - ok
20:50:46.0954 3820  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
20:50:46.0991 3820  WebClient - ok
20:50:47.0063 3820  [ 905214925A88311FCE52F66153DE7610 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:50:47.0109 3820  Wecsvc - ok
20:50:47.0151 3820  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:50:47.0187 3820  wercplsupport - ok
20:50:47.0244 3820  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:50:47.0281 3820  WerSvc - ok
20:50:47.0356 3820  [ 3FA87D56769838AAC82FAFC3E78FC732 ] winbondcir      C:\Windows\system32\DRIVERS\winbondcir.sys
20:50:47.0386 3820  winbondcir - ok
20:50:47.0394 3820  WinHttpAutoProxySvc - ok
20:50:47.0490 3820  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:50:47.0524 3820  Winmgmt - ok
20:50:47.0578 3820  [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:50:47.0721 3820  WinRM - ok
20:50:47.0780 3820  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:50:47.0850 3820  Wlansvc - ok
20:50:47.0872 3820  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:50:47.0918 3820  WmiAcpi - ok
20:50:47.0972 3820  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:50:48.0019 3820  wmiApSrv - ok
20:50:48.0081 3820  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:50:48.0206 3820  WMPNetworkSvc - ok
20:50:48.0231 3820  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:50:48.0304 3820  WPCSvc - ok
20:50:48.0346 3820  [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:50:48.0381 3820  WPDBusEnum - ok
20:50:48.0456 3820  [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:50:48.0501 3820  WpdUsb - ok
20:50:48.0531 3820  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:50:48.0580 3820  ws2ifsl - ok
20:50:48.0587 3820  WSearch - ok
20:50:48.0679 3820  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
20:50:48.0874 3820  wuauserv - ok
20:50:48.0937 3820  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:50:48.0979 3820  WUDFRd - ok
20:50:49.0015 3820  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:50:49.0060 3820  wudfsvc - ok
20:50:49.0154 3820  [ 4D840C6AF3C020ED3A35EFBA9025CF4A ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
20:50:49.0170 3820  {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
20:50:49.0185 3820  ================ Scan global ===============================
20:50:49.0256 3820  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:50:49.0317 3820  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:50:49.0391 3820  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:50:49.0429 3820  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:50:49.0435 3820  [Global] - ok
20:50:49.0436 3820  ================ Scan MBR ==================================
20:50:49.0450 3820  [ 7BA4C7EA1EF33A92F5F01BE63EDACB6A ] \Device\Harddisk0\DR0
20:50:53.0711 3820  \Device\Harddisk0\DR0 - ok
20:50:53.0712 3820  ================ Scan VBR ==================================
20:50:53.0743 3820  [ E52F6A7A6C042C67D8363387FA2D2F80 ] \Device\Harddisk0\DR0\Partition1
20:50:53.0745 3820  \Device\Harddisk0\DR0\Partition1 - ok
20:50:53.0799 3820  [ 71AAE92D4A24872C6F923F013F544732 ] \Device\Harddisk0\DR0\Partition2
20:50:53.0801 3820  \Device\Harddisk0\DR0\Partition2 - ok
20:50:53.0802 3820  ============================================================
20:50:53.0802 3820  Scan finished
20:50:53.0802 3820  ============================================================
20:50:53.0822 3532  Detected object count: 9
20:50:53.0822 3532  Actual detected object count: 9
20:51:49.0784 3532  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0784 3532  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:51:49.0787 3532  CLHNService ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0787 3532  CLHNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:51:49.0790 3532  ETService ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0790 3532  ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:51:49.0792 3532  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0792 3532  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:51:49.0795 3532  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0795 3532  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:51:49.0798 3532  NTIPPKernel ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0798 3532  NTIPPKernel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:51:49.0800 3532  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0800 3532  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:51:49.0803 3532  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0803 3532  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:51:49.0806 3532  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:49.0806 3532  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

03.09.2012, 20:58   #25
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.
__________________
Please always post log files in CODE tags

04.09.2012, 13:48   #26
Zerocool1179

A question first: can I do online banking at this point, or is the PC not safe for that????

04.09.2012, 16:25   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

No, not yet!!

14.09.2012, 11:08   #28
Zerocool1179

Combofix log file:
Code:
ATTFilter
ComboFix 12-09-13.03 - Zerocool 2009 14.09.2012  11:38:15.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3066.2029 [GMT 2:00]
ausgeführt von:: c:\users\Zerocool 2009\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Incredibar.com
c:\program files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibar.crx
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarApp.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarEng.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarsrv.exe
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\uninstall.exe
c:\programdata\2CC
c:\programdata\2CC\{D6DFE898-94C9-4467-BC1C-392D39E49079}.swf
c:\programdata\511
c:\programdata\511\{A68FB21A-B9AA-47F7-88A2-CF6014BBA62F}.swf
c:\programdata\5B6
c:\programdata\5B6\{62EBA86B-6810-4300-80D8-8972778303D0}.swf
c:\windows\IsUn0407.exe
c:\windows\system32\ 
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-14 bis 2012-09-14  ))))))))))))))))))))))))))))))
.
.
2012-09-14 09:47 . 2012-09-14 09:50	--------	d-----w-	c:\users\Zerocool 2009\AppData\Local\temp
2012-09-14 09:47 . 2012-09-14 09:47	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-14 09:47 . 2012-09-14 09:47	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2012-08-20 19:00 . 2012-08-20 19:00	--------	d-----w-	C:\_OTL
2012-08-20 15:35 . 2012-08-20 15:35	--------	d-----w-	c:\program files\BMWi-Businessplaner
2012-08-19 08:56 . 2012-08-19 08:56	--------	d-----w-	c:\program files\WEB.DE MailCheck
2012-08-19 08:56 . 2012-08-19 08:56	--------	d-----w-	c:\users\Zerocool 2009\AppData\Roaming\convert
2012-08-19 08:56 . 2012-08-19 09:03	--------	d-----w-	c:\users\Zerocool 2009\AppData\Roaming\loadtbs
2012-08-15 17:53 . 2012-05-11 15:57	623616	----a-w-	c:\windows\system32\localspl.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-10 19:29 . 2012-05-20 17:05	696520	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-09-10 19:29 . 2011-05-31 05:00	73416	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-05 13:10 . 2009-09-17 11:07	279552	----a-w-	c:\windows\system32\services.exe
2012-07-03 11:46 . 2012-01-10 21:54	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-29 08:44 . 2012-08-04 05:54	6891424	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B334148-2766-4FE5-80E9-89560228D304}\mpengine.dll
2009-01-27 01:34 . 2012-09-07 19:05	1044480	----a-w-	c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2012-09-07 19:05	200704	----a-w-	c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-09-07 19:05 . 2012-09-07 19:05	266720	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-23 16:56 . 2012-09-07 19:05	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 22:38	121392	----a-w-	c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-03 68856]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-05-16 1084840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-07 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-07 92704]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-02 821768]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-23 30192]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-11 202256]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-25 2569616]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-14 1213848]
"IJNetworkScannerSelectorEX"="c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 21:42	34040	----a-w-	c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-05-16 13:44	1084840	----a-w-	c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44	85160	----a-w-	c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
bthsvcs	REG_MULTI_SZ   	BthServ
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 19:29]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-20 13:10]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-20 13:10]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.web.de/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Zerocool 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ie7pj207.default\
FF - prefs.js: browser.startup.homepage - hxxp://web.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - (no file)
WebBrowser-{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - (no file)
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
AddRemove-AVerMedia A310 (MiniCard, DVB-T) - c:\program files\AVerMedia\AVerMedia A310 (MiniCard
.
.
.
**************************************************************************
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3576)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Acer\Empowering Technology\Service\ETService.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-14  11:57:30 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-09-14 09:55
.
Vor Suchlauf: 13 Verzeichnis(se), 22.788.157.440 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 22.628.884.480 Bytes frei
.
- - End Of File - - 4A5D4E33DD7EF00D71C2C120C3A047FF
         
--- --- ---

14.09.2012, 15:16   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool won't work on the second try either, just leave it out and run only OSAM - please skip OSAM's online query.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Depending on your connection, downloading the definitions may take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

14.09.2012, 15:43   #30
Zerocool1179

Question: how many more steps do I have to take until the system is clean??? Or what stage of the cleanup are we at??? Please excuse me, but it seems to me as if I'm only creating logs and nothing else??? What culprits do I still have?? Thanks!!!
